1. 13

    The issue with double dash (--) is one “string safety” problem I’ve meant to address on my blog, but haven’t yet.

    I’m not sure I’m following the argument in this post though.

    • I don’t see the need to distinguish between paths and strings.
    • I do see the need to distinguish between args and flags, which is what the -- convention does.
    • As far as serializing arrays, it seems like the NUL convention of find -print0 and xargs -0 is (surprisingly) sufficient? I didn’t quite see that until writing the two Git Log in HTML posts.

    I think there does need to be some kind of lint check or function wrapper for --, like flagging the former but not the latter (somehow):

    grep foo $file  # oops, $file could be a flag and GNU and OS X grep accepts it
    grep -- foo $file  # this is more correct
    
    
    mygrep() {  # mygrep only accepts args
      grep -E --color -- "$@" 
    }
    mygrep2() {  However sometimes you do want the user to be able to append flags, so this function is useful too
      grep -E --color "$@" 
    }
    mygrep2 -v pattern *.c  # invert match
    

    The rule I have for Oil is to avoid “boiling the ocean” – i.e. there can’t be some new protocol that every single command has to obey, because that will never happen. Heterogeneity is a feature.

    However there should be some recommended “modern” style, and I haven’t quite figured it out for the flag/arg issue.

    I think one place Oil will help is that you can actually write a decent flags parser in it. So maybe the shell can allow for wrappers for grep/ls/dd etc. that actually parse flags and then reserialize them to “canonical form” like:

    command @flags -- @args  # in Oil syntax
    command "${flags[@]}" -- "${args[@]}"  # in bash syntax
    

    I addressed quoting and array types in various places, including this post:

    Thirteen Incorrect Ways and Two Awkward Ways to Use Arrays

    There are also related string safety problems here – is -a an argument or an operator to test ?

    Problems With the test Builtin: What Does -a Mean?

    1. 4

      I don’t see the need to distinguish between paths and strings.

      They’re different types: a path is a string which is or could be the pathname of a file or directory on disk. Since they’re different types, treating them differently yields all the standard benefits of strong typing.

    1. 5

      texinfo(1) and DocBook are excessively complicated, ill-designed, and unmaintained

      One might quibble with the complexity & design of texinfo, but I believe Brian Fox & Karl Berry would be surprised to find out that it’s unmaintained: they are, after all, the maintainers, and released the latest version last summer.

      1. 7

        No, it’s really not a good language. It’s a pretty terrible language on which a colossal malinvestment of human resources has been squandered, leading to a not-entirely-terrible ecosystem which is just barely usable for real work.

        If the effort which had been mis-spent on JavaScript had instead been focused on an actually good language, then the world would be so much better off now.

        Not just that, though: JavaScript has poisoned the web. What was once a really nice way to serve resources has become a grotesque, undesigned application development platform whose sole virtue is that it’s been deployed everywhere. Also, it’s used regularly to undermine privacy & security.

        1. 4

          Eclipse dying however results in a net loss for developers.

          I don’t know about that — it means less competition pulling developers away from emacs, which can only be a good thing.

          1. 4

            I believe that there’s a very real chance that a reëvaluation of scientific research — particularly the social sciences, which are so soft as to border on pseudoscience to begin with — in light of this new understanding is very likely to yield unexpected & revolutionary results.

            1. 7

              The social sciences are not “so soft as to border on pseudoscience”. Yes P-Hacking and over reliance on p-values are an issue, but they’re an issue unilaterally. It matters just as much in physics as it does in social science. The idea that social sciences are somehow less rigorous than say physics is I think fallacious and without merit. Physics is still ultimately rooted in experimental evidence which is statistical in nature. You realize you’re discrediting an entire set scientific fields with literally no evidence and likely with very little knowledge of the subject. It’s not like there’s been literally no replication in the social sciences. What an absolutely absurd claim.

              1. 6

                I have to agree with @bargap here. Physics is a poor example to hold up against the social sciences. Physics results require a level of significance that is mind boggling. Of course those piddly experimentalists do get things wrong sometimes. But a better comparison is perhaps life sciences. The basic problem is that the system is so complex that it is hard to figure out all the moving parts and make sure you’ve bolted down all but a few.

                There is a running joke about “Doctors recommend … “ (take your pick - babies should sleep on their back/belly, this food is bad/good for you, this causes/cures cancer, this causes/does not cause autism …) precisely because we’ve been burned so many times by studies that just did not have enough N, or more insidiously (and forgivably), had a biased N.

                Social sciences study PersONS which are much more complex than protONS or electrONS but their tooling and standards are, paradoxically, lower, not higher and society seems to have an expectation of what the right answer should be, allowing social biases to play a disproportionate role in biasing reports in these fields.

                1. 4

                  If you look in spaces like chemistry or spintronics you’ll find a lot of papers that people end up not being able to reproduce because it turned out that the machine that the writers were using had issues.

                  In situations where there are only 5 or so machines in the world that can do an experiment, if 1 of them has an issue then it’s not always easy to validate. Especially when the research methodology is “cartesian product of every material with every technique => see if something happens”. And even absent that, people’s interpretations of measurements change over time too!

                  Agree that people are harder to study, especially in long term stuff. But we don’t do many physics experiments over 20 years either! It’s mainly that time is hard, and preconditions are hard to set up. You can totally do experiments in social sciences over a small time scale correctly.

                  1. 5

                    Instead of comparing the foundations of physics to the edges of social sciences you should be considering the edges of physics, after all it doesn’t make sense to compare things which have a thousand years of replication to ones with tens of years. We’re still not sure that dark matter actually exists. Classical bias risk is pervasive in theoretical physics and is a constant threat.

                    The analogy is instead saying “Medical science borders on pseudoscience, we should cast doubt on the entire field including claims such as “Arsenic is poisonous” because some of the newer claims on cancer haven’t yet been replicated”.

                    To be entirely clear you haven’t been burned by science, you’ve been burned by irresponsible reporting which has confidence from a single study.

                    This article is also relevant here https://news.harvard.edu/gazette/story/2016/03/study-that-undercut-psych-research-got-it-wrong/

                    The concession is that there hasn’t been enough replication but a recent study reported on by ars which I don’t have on hand right now says that the replication rate of social science studies were around 70%, which is yeah not great but it’s hardly pseudoscience.

                    1. 3

                      To be entirely clear you haven’t been burned by science, you’ve been burned by irresponsible reporting which has confidence from a single study.

                      That’s a classic defense. “I never said that! They blew the press release all out of proportion”. Sometimes it is true.

                      I know of many papers where inferences and conclusions are not warranted by the data and have seen this in different fields of study. I infer that this is common human behavior to game a the system that rewards visibility and volume.

                      1. 5

                        You have conveniently dodged the main premise of my argument. Sure I’ll concede there are plenty of bad actors, but they aren’t magically condensed in the social sciences.

                        1. 2

                          The social sciences are definitely one of the areas where bad studies are harder to root out because of lower standards of rigor combined with the complexity of the subject and the fact that “truthiness” is easier to determine and therefore forms an extra social pressure not to challenge a particular study if it conforms to current social biases.

                          1. 3

                            I don’t think its actually reasonable to say that the newest physics are any more rigorous, any less complex, or any less rife with bias. They both use studies with statistical evidence so they both have a lot of rigor but it’s hard to beat replication. They both are very very complex. They both have lots and lots of human bias, from a bias towards classicalism, conservativism, anti-classicalism and modernism. That doesn’t mean that either of them are anywhere near pseudoscience. The claim is just uninformed.

              1. 4

                GUI development is broken, but JSON isn’t the solution: it’s another broken thing, just broken along a different axis.

                An S-expression–based interface would be better, because then there’d be a seamless way to embed behaviour along with the GUI …

                1. 9

                  Ocaml uses 0o for octal. Seem consistent and works well enough.

                  1. 4

                    Common Lisp uses #o as a prefix, e.g. #o0, which seems fine too.

                  1. 3

                    Perhaps beside the point, but: the gendered language was a bit distracting. By this point in history, when I read a blog post like this that exclusively uses “he” and “his” for unspecified genders, it feels like the author is making a political point of it (as I say, feels like: I have no insight into this author or his political position), and ends up niggling a little while reading.

                    1. 1

                      Yes, same here.

                      1. 1

                        While I agree with you, on further reflection, this does seem like derailing.

                        1. 0

                          when I read a blog post like this that exclusively uses “he” and “his” for unspecified genders, it feels like the author is making a political point of it

                          I’m the opposite: when I read a post which uses incorrect English, it feels like the author is making a political point of it. In English, the feminine is only used when referring to a specific female; for all other purposes the masculine (or, if you prefer, the ‘general’) is used.

                          1. 2

                            In English, the feminine is only used when referring to a specific female; for all other purposes the masculine (or, if you prefer, the ‘general’) is used.

                            According to whom? I’m asking this because the singular they goes at least as far back as 1848, where it appeared in William Makepeace Thackeray’s novel Vanity Fair.

                            1. 1

                              It actually goes back further than that — and in fact Shakespeare used it, IIRC! Still, it’s an ugly construction.

                              1. 2

                                It actually goes back further than that — and in fact Shakespeare used it, IIRC! Still, it’s an ugly construction.

                                Ugly? Again you beg the question: according to whom? For example, the Associated Press has a style guide article which offers the following recommendation:

                                “They, them, their — In most cases, a plural pronoun should agree in number with the antecedent: The children love the books their uncle gave them.They/them/their is acceptable in limited cases as a singular and-or gender-neutral pronoun, when alternative wording is overly awkward or clumsy. However, rewording usually is possible and always is preferable. Clarity is a top priority; gender-neutral use of a singular they is unfamiliar to many readers. We do not use other gender-neutral pronouns such as xe or ze…”

                                “Arguments for using they/them as a singular sometimes arise with an indefinite pronoun(anyone, everyone, someone) or unspecified/unknown gender(a person, the victim, the winner)…”

                                “In stories about people who identify as neither male nor female or ask not to be referred to as he/she/him/her: Use the person’s name in place of a pronoun, or otherwise reword the sentence, whenever possible. If they/them/their use is essential, explain in the text that the person prefers a gender-neutral pronoun. Be sure that the phrasing does not imply more than one person… “

                                I’ll admit it can be awkward if you’re not used to it, but I don’t buy the premise that singular they is ugly or wrong.

                        1. 5

                          Emacs Lisp has many features of Common Lisp, although it is considerably smaller (and thus easier to master).

                          Ehn, sorta. Elisp is smaller, but as far as I can tell, the cl library is used an awful lot, mostly because writing Elisp can be such a slog. I love Common Lisp (CL) and have used Emacs for 20 years now, and I’ve never been able to get into writing Elisp, although I’ve been trying more lately.

                          It’s not because it’s terrible but because the APIs are so vast. Have you ever tried to read through the Elisp manual? You’ll be there for a long time (hint: understanding buffers is the Zen of Elisp, so jump ahead).

                          Also, Elisp doesn’t seem to encourage breaking things down into functions as much as CL. A lot of existing code that I’ve looked at has many little expressions that would be nicely served as predicates or one-off functions, but since Elisp doesn’t have something like flet, the language doesn’t encourage such things. As a result, some functions are huge and really hard to follow. One great thing about Emacs is how easy it is to examine the code for things; it’s too bad that code is so obtuse a lot of the time.

                          1. 3

                            Yup, rms famously doesn’t like Common Lisp’s complexity, but I think that the histories of both elisp & Scheme are used in practice demonstrate the wisdom of Common Lisp’s approach. As an example, elisp has no namespacing mechanism, so folks commonly prepend the package name to variables & functions, leading to variables named e.g. my-package-variable & internal variables named e.g. my-package--private-variable; one has to type those long names everywhere, even in the package defining them, or a package which heavily uses them; in Common Lisp one would have a package my-package & the variables could be referred to as variable & private-variable within the package, and as my-package:variable & my-package::private-variable externally, or as variable inside a package using my-package. Complex? Certainly: I had to write a lot of words there, and maybe the reader doesn’t quite follow. A good thing? Yes, it’s easily learnt and it pays for itself every single time one writes or uses a package.

                            I can only imagine how awesome emacs would be today had it switched to Common Lisp back in the early 90s.

                            1. 0

                              AFAIK[1], Emacs doesn’t have a module or packages system which also doesn’t help breaking things down into smaller pieces.

                              [1] I could look this up but instead I choose to comment.

                              1. 3

                                You are correct, it does not have a language-defined namespace mechanism. That’s done with function naming conventions. It does have a package system, but that’s for feature distribution.

                                1. 3

                                  Yes, sorry about my terminology: I meant Common Lisp “packages” (i.e. modules, namespaces).

                                  (Common Lisp junky here as well.)

                                2. 2

                                  There is ELPA and MELPA, M-x package-list-packages

                              1. 3

                                I think this should have been published on Sunday …

                                1. 15

                                  I started researching the GitHub APIs that would be relevant to implement something like this a few months ago, but I’m really hesitant to sink a lot of investment into GitHub and its accompanying monopoly in my free time.

                                  I’ve moved a bunch of my personal projects over to GitLab, but they’ve been doing stupid stuff like refusing to render static repository content without whitelisting Javascript, or telling my my two-week-old browser is unsupported because it’s outdated, so … not a lot of motivation to invest in that ecosystem either.

                                  1. 13

                                    This. I noticed the mandatory JS for rendering nonsense too. I really want to like GitLab, and have tried multiple times to use them as my main, but to me the UX is just inferior to GitHub. The UI is sluggish and feels very bloated.

                                    It’s been a while since I’ve given up on GitLab for the time being, and have been self-hosting Gitea. Now Gitea uses JS too, but also works quite well without it. And it’s nowhere near as slow as GitLab.

                                    1. 5

                                      but to me the UX is just inferior to GitHub.

                                      Well, GitLab for all its faults doesn’t hijack my Emacs key bindings to do idiotic shit like “bold this thing in markdown” (which was already only two keystrokes to begin with; why are you adding a shortcut for something I never do on ctrl-b that I use all the time?) so I wouldn’t say GitLab has quite sunk to that level yet.

                                      1. 3

                                        Interesting. That’s a fair point; though GitHub’s editor isn’t the first to do that. I hadn’t noticed it with GitHub mainly because I use Vimium in Firefox, Evil in Emacs, and bspwm; so I rarely use Emacs-style bindings but I agree that could be frustrating.

                                        Does exwm’s simulation keys work around the issue, or does GitHub’s in-browser binding take precedence?

                                        EDIT: There’s also xkeysnail, though it does require running as root.

                                        EDIT2: It seems like running xkeysnail as root may not be necessary if the user has access to input devices. On Arch (or any distro with systemd >= 215) that can be achieved by adding the user to the input group (see here and here).

                                        EDIT3: The Emacs-keybinding extension may be another option, though apparently it only works in macOS. There’s also shortkeys but I haven’t tried either one.

                                        1. -2

                                          If you’re editing text, Ctrl-B for bold (or Ctrl-F if you’re in Germany) should be expected. Editing text means Word keybindings, not Emacs bindings.

                                          This also means Ctrl-I for italic (or Ctrl-K in Germany) and Ctrl-U for underlined (this one is actually the same).

                                          1. 12

                                            I strongly disagree, at least on a Macintosh, where all native text entry widgetsobey the Emacs keybindings. Web garbage that arrogates system functionality to itself, hijacking my chosen platform experience for a poor copy of some other system is noxious, and broken.

                                            1. 0

                                              I just tried in the macOS Notes app and ctrl+b makes the text bold. The Pages app does the same, ctrl+b makes the text bold. These are two native text entry applications developed and provided by Apple themselves.

                                              1. 6

                                                No, you are pressing cmd. Control is reserved for motion.

                                                1. 1

                                                  That’s the problem of your system then – the browser explicitly exposes Ctrl, Alt, Meta. If your keyboard does not offer these, either your browser, OS, or keyboard has to map between these and the actual keys.

                                                  Users on all other systems (aka 99.5% of users) expect Ctrl-B (or Ctrl-F) to create bold text.

                                                  1. 6

                                                    No, users on Macs expect their modifier keys to respect platform convention – Emacs keybindings for movement, cmd for meta. To assume otherwise is disrespectful.

                                                    1. 0

                                                      So what do you suggest? Breaking keybindings for all windows and linux users instead?

                                                      1. 4

                                                        No, use the proper keybindings for the platform that the user is using.

                                                        1. 0

                                                          So how do you suggest to do that without using heuristics on the useragent?

                                                          I’d be interested in your implementation of a JS function that returns the correct set of modifiers and keys to use for the bold shortcut. And which works reliably.

                                                          Currently, the browser doesn’t expose this, so everyone gets the most commonly used solution.

                                                          1. 3

                                                            Currently, the browser doesn’t expose this, so everyone gets the most commonly used solution.

                                                            ????

                                                            Note: On Macintosh keyboards, [.metaKey] is the ⌘ Command key.

                                                            MOD_KEY_FIELD = navigator.platform.startsWith('Mac') ? 'metaKey' : 'ctrlKey';
                                                            
                                                            // lazy
                                                            if (keyEvent.ctrlKey && ...
                                                            
                                                            // bare minimum for any self-respecting developer
                                                            if (keyEvent[MOD_KEY_FIELD] && ...
                                                            

                                                            What I want to know is how you’re commenting from 1997. Just hang tight, in a couple years two nerds are gonna found a company called Google and make it a lot easier to find information on the internet.

                                                        2. 3

                                                          Using the proper modifier depending on platform? The browser should expose “application-level modifier” say, for bold, and that would be ^B on X11/Windows and Super-B for Mac.

                                                          1. 0

                                                            The browser isn’t exposing this, though. The best chance is sniffing the user agent and then using heuristics on that, but that breaks easily as well.

                                                      2. 2

                                                        100 - 99.5 != 12.8, your assumption is off by a factor of 25.

                                                      3. 1

                                                        You’re right. Lord I’m an idiot.

                                                      4. 4

                                                        Ctrl+b on my Mac goes back a character in both macOS Notes and Pages, as it does everywhere else. Cmd+b bolds text (as also it does everywhere else).

                                                        In general, Macs don’t use the Ctrl key as a modifier too often (although you can change that if you want). They usually leave the readline keybindings free for text fields. This seems to be by design

                                                        The standard key bindings are specified in /System/Library/Frameworks/AppKit.framework/Resources/StandardKeyBinding.dict. These standard bindings include a large number of Emacs-compatible control key bindings…

                                                    2. 4

                                                      Editing text means Word keybindings, not Emacs bindings.

                                                      Those of us who use emacs to edit text expect editing text to imply emacs keybindings.

                                                      Some of us expect them everywhere, even.

                                                      1. 3

                                                        If it was a rich text WYSIWYG entry, I’d be 100% agreed with you. (I would also be annoyed, but for different reasons.)

                                                        But this is a markdown input box. The entire point of markdown is to support formatted text which is entered as plain text.

                                                  2. 3

                                                    It’d be great if we had a language server protocol extension for code review + a gerrit backend. I started taking a look at this a few months ago (I work mostly in Gerrit now) but didn’t have the bandwidth for actually prototyping it. It seems like an obviously good idea, though having to use git hampers some of the possibilities.

                                                  1. 8

                                                    Nothing hugely shocking here. If you have a decentralized system without end to end crypto then servers can read all your stuff, its the same with email and gmail scanning all of your emails.

                                                    1. 6

                                                      Which is why we shouldn’t build decentralised (or centralised) systems without end-to-end crypto any longer.

                                                      There’s no reason why something like Mastodon couldn’t have anonymous (unsigned, unencrypted), public (signed, unencrypted), group (signed, encrypted to a group — ‘friends’ is merely one group), and unlisted (signed, encrypted) posts. Yes, there are some key management challenges (particularly around key management & re-encryption as one adds & deletes friends), but they are no insurmountable.

                                                      I strongly believe that writing systems without cryptographically-strong privacy in 2018 is an error.

                                                      1. 8

                                                        Secure Scuttlebutt is a pretty good example of this, you have public messages and private messages. If a message is private then it is encrypted and only people mentioned in the post can decrypt the message. But ssb does have serious key management issues.

                                                        1. 5

                                                          What are the key management issues? I was just coming here to mention ssb, but I’m very new to it and was unaware of this. Can you share more?

                                                          1. 4

                                                            Well off the top of my hat, key management issues arise whenever you try to use it across multiple machines. Now you could manually copy the key from machine to machine, but if you ever use two machines simultaneously it creates a sort of fork in your identity on the network, which causes plenty of trouble.

                                                            There are a few solutions under research, most notable a master / slave system, but last time I checked it was still very much in the design phase.

                                                        2. 4

                                                          This is easily said, but both end to end crypto and key management add a huge amount of complexity to the system. If you need the privacy that e2e can provide, this is of course worth it, but it’s not at all clear that every service needs this. The fediverse is meant for public and targeted messages, not private ones. For those usecases, people can easily use e2e encrypted systems like matrix or gpg.

                                                          1. 3

                                                            Hear hear! I think everyone has this vision of a perfect crypt-opia where we can conduct our social networking safe from the prying eyes of government or BigCorps, but the realities of making this happen are as you say not at all trivial.

                                                            It’s a great goal, and one I think people should continue working towards, but the logistics are hard.

                                                            1. 3

                                                              Privacy and social media are kind of at odds with each other anyway. People want to share their posts with the world but also not have that data used against them. If you didn’t want everyone to know then you shouldn’t be sharing it.

                                                              1. 1

                                                                I don’t know if I agree. When I publish toots on Mastodon, all they know is that feoh@amicable.feoh.org said blah blah blah.

                                                                When I use Facebook, they are collecting a SUPER rich trove of demographic data on me, cross referencing it with other commercial sources (my employer for one :) and linking it in with my “social graph” where my friends data is taken into account. It’s the difference between a linked list of nodes with 2 or 3 fields and a full on acyclic graph with zillions of nodes and zillions more connections.

                                                                1. 1

                                                                  all they know is that feoh@amicable.feoh.org said blah blah blah.

                                                                  Anyone can also see who you are following, who you reply too, whos posts you like, what kind of content you like and then draw a graph based on this data. The main thing you lose is the tracking using apps to see more than what you post but a huge huge amount of data anyone can see can be used to track you and build a profile on you.

                                                                  1. 1

                                                                    By ‘anyone’ you mean ‘any Fediverse user’ right? Also there’s a huge difference between having to scrap the correlate vast gobs of data yourself and having it handed to you for analysis on a silver platter by the platform.

                                                                    Anyway, this is silly. I agree that social media is at odds with privacy to an extent, but some platforms are factually, provably better than others.

                                                            2. 1

                                                              also there’s nothing stopping you from using clientside tools that provide this.

                                                            3. 3

                                                              I totally disagree. I think there is a place in the world for social network protected by crypto, and also for those that aren’t.

                                                              Let’s not let the perfect be the enemy of the good.

                                                              1. 1

                                                                How would you do this while still allowing mastodon to be used from a web interface? If it’s implemented using javascript you’re in the exact same situation of having to trust the instance administrator.

                                                                1. 1

                                                                  How would you do this while still allowing mastodon to be used from a web interface?

                                                                  I’d either use a native client, or a web client running on localhost. It’s the only way to assure privacy & security.

                                                                  1. 0

                                                                    Exactly. You said that there’s no reason why it couldn’t do this, there’s your reason.

                                                              2. 3

                                                                agreed. It seems mostly useful for like novices.

                                                                1. 1

                                                                  What scares me is the resignation to this state of things.

                                                                  1. 4

                                                                    If you store things on other people’s servers they are on other people’s servers. I don’t see how this statement is a resignation. If you want your posts to be private in the fediverse, encrypt it. If you want your emails, posts,etc to be private, encrypt them.

                                                                    1. 5

                                                                      I was not talking about @mercer article: as you said it can be pretty useful for novices.

                                                                      What scares me is that we could design something better, but there is not much research about the topic.

                                                                      No one really try to challenge the status quo with original engineering solutions, in a sort of resignation.

                                                                      At best, people are waiting for mathematicians to create a cheap fully homomorphic encryption scheme.

                                                                      But I’m afraid it’s not lazyness, but lack of vision, interest and hope.

                                                                      1. 5

                                                                        Vision, interest, and hope are not valid inputs to compilers.

                                                                        I think a reasonable compromise in new system design (taken in some side projects of mine) is to assume that the channels of communication are compromised by hostile actors, that storage exists in the datacenters of hostile actors who are actively trying to munge through the contents, and that mere possession of encrypted material is of significant interest to the hostile actors.

                                                                        You end up with a sort of “I am Spartacus” setup for communication systems under those constraints, where everybody by definition has open-access to all communications but all communications are also encrypted such that if you have a key you can read it and otherwise you are just providing storage–and because everybody has copies of the content, the metadata of how it moves through the system is not super interesting. Of course, the flipside is that participation in such a system is almost always a red flag.

                                                                        1. 1

                                                                          Well… vision alone gave UNIX pipelines. And stacks. And timesharing systems… ;-)
                                                                          Interest gave us Linux. And hope gave us GNU.

                                                                          But, your system description look interesting… can you share links to some free software designed that way?

                                                                        2. 3

                                                                          If you can’t read the code on the server, and you can’t, then you can’t know it was actually encrypted. The only thing you can do is end to end encryption, which you can already do on top of all of these existing services. What we need is education of the tools that already exist and also improving ease of use. The moment you put the tech on the server you’ve already lost. Otherwise the tech you’re describing already exists.

                                                                          1. 3

                                                                            I agree with you about education. I deeply agree.

                                                                            But with fully homomorphic encryption you can know it’s encrypted even without seeing the code.

                                                                            I’m not entirely sure that no other mitigation is possible: my insight is that too few have tried to challenge the http/dns/browser/javascript stack to get a chance to find a solution.

                                                                            My bet is that we just need to open our minds.

                                                                            Still, you are right: there’s no cloud, just another person’s computer… ;-)

                                                                1. 2

                                                                  Why not just use Helm?

                                                                  1. 5

                                                                    I don’t believe I can disagree more. Tools matter, because some tools are better than others on some axis or axes. ‘Tools don’t really matter’ is the only argument one can make when one can’t argue ‘my tools are better.’ I don’t think any particular tool is better on all axes, but certainly some aren’t the best on any axis (e.g. pico).

                                                                    And I don’t think it’s inappropriate for someone who recognises a tool’s actual excellence in a world which incorrectly fails to do so to make that recognition part of his identity. It’s part of how an oppressed minority perpetuates its existence.

                                                                    1. 7

                                                                      This is a good point, but it’s also an argument against strongly identifying with your tools. If tomorrow you encounter a new tool that does something better than your current tool, it should be as easy as possible for you to abandon your current tools and take up the new ones, and that’s harder to do if being a user of a particular tool is part of your self-identity.

                                                                      1. 3

                                                                        “Oppression” seems like an overly strong word here, maybe…

                                                                        1. 1

                                                                          If you’ve ever been an emacs-user on a team of vim-users, you’d know what I mean. Or a Linux-user on a team of Mac-users …

                                                                          No doubt the other way ’round is the same, too …

                                                                      1. 15

                                                                        C++ got its act together. Java and Perl came along (and later, Python). Meanwhile, Lisp hadn’t advanced much in about a decade (since the ANSI spec was finalized). It was still a win, but the competition had narrowed the field. Once upon a time Lisp had a long list of features that no other language had (GC, full numeric tower, CLOS, incremental development, macros) that list kept getting shorter and shorter, and the case for Lisp, which had never been easy even in the best of times, was getting harder and harder to make.

                                                                        I think that this is definitely an issue with Lisp. The core is really, really good; it still has plenty of features that common languages don’t have. But even though it’s more advanced than they are, it’s still stuck in 1994. The median language is a lot better in 2018 than it was in 1994: it’s JavaScript, which is a horrible, terrible, no-good language but still orders of magnitude better than C for software development.

                                                                        Lisp is still better: it still has things JavaScript, Python, Java, Ruby, Scala, Erlang & Go are all missing. But it’s not as much better as it used to be, because all of those languages are much more capable than C, assembler & Pascal.

                                                                        But then a very strange thing happened: I noticed that all around me people were writing code using C++ and Java and Python and even (gasp!) Perl, and they were actually getting it to work without tearing their hair out. In fact, in a number of cases I saw people whip things up in Perl in a couple of hours that would have taken me days or weeks to do in Lisp.

                                                                        I think that’s a factor of batteries being included. Once upon a time Common Lisp was derided for including hash tables: nowadays they are table stakes. Once upon a time people laughed at Common Lisp for being a huge standard; now they laugh at it for not including a web server, let alone standardising sockets.

                                                                        The good news is that this is fixable (we can always have a new standard, if we want to go to the effort), and in practice it more-or-less is fixed: Quicklisp provides semi-standard libraries for everything. Would it be nice to have a truly-standardised library equivalent to, say, Go’s? Hell yes. Can we get by with what we have now? Sure.

                                                                        I do think that the Lisp world needs to consider a compatibility-breaking Common Lisp 2 at some point. The world has changed a lot in 24 years; it’s time Lisp took note.

                                                                        1. 9

                                                                          What do you think of other newer age Lisps like Clojure?

                                                                          1. 9

                                                                            Honestly, I don’t like Clojure — it’s not (IMHO) really a Lisp (among other things, it breaks conses). It’s a neat language, but it’s not my cup of tea. I’d like to see a Lisp continued & carried on, not a break with tradition.

                                                                            1. 8

                                                                              cons, car, cdr is the least that I miss in clojure, I guess they are a bit too low-level for my taste (and kind of complicated for reading code, although I never had a problem writing them out for some reason).

                                                                              What I kind of miss is in Clojure is CLOS, i.e. a multiple dispatch object system.

                                                                              1. 3

                                                                                I am not familiar with CLOS, but Clojure does have this.

                                                                                1. 1

                                                                                  Yes, and if it hadn’t this, one could probably write a multiple dispatch system with macros. I guess i could build my own island of multi methods. But that is a little different from an ecosystem that invests in them like Dylan or cl.

                                                                                  1. 1

                                                                                    I’ve been meaning to try Common Lisp. Things like the condition system, image dumping, CLOS, and MOP seem different from what I know and worth learning. I’m going to try out PAIP. Any insight on what the CL ecosystem tends to do with mutli-dispatch?

                                                                                    1. 2

                                                                                      I might be the wrong person to ask, because I never really used it (CL, and multiple dispatch) for more than a few example programs. First of all it implements OO in a way that nicely fits into the lisp functional programming world, i.e. procedures/functions first. Then there are the instances were you’d normally resort to the visitor pattern and can use multiple dispatch for truely polymorphic functions. I think they aren’t as widespread as one might think, but every now and then, multiple dispatch really helps at keeping code simple.

                                                                            2. 8

                                                                              You beat me to it. Ill go straight to saying it seems to solve that very problem with proof being its mainstream status having a big community and plenty of job ads for it. Need more LISP initiatives like that.

                                                                            3. 8

                                                                              I do think that the Lisp world needs to consider a compatibility-breaking Common Lisp 2 at some point.

                                                                              i’d love to see that effort put into optimising the racket runtime and adding libraries to it, personally. i think it has real potential to be an “industrial-strength” langage; the design is already excellent.

                                                                              1. 6

                                                                                i’d love to see that effort put into optimising the racket runtime and adding libraries to it

                                                                                Some work is being done right now to integrate the Chez scheme backend with Racket, which would mean some really nice speed improvements for compiled code.

                                                                                1. 3

                                                                                  The problem with Racket is that it’s very much a Scheme rather than Lisp, with all the mistakes that come with being a Scheme: Lisp-1, #f, (car '()) being an error. It’s an incredibly impressive body of work, but I wish that effort had been expended on Common Lisp instead.

                                                                                  1. 8

                                                                                    wait why shouldn’t that be an error though.

                                                                                    1. 4

                                                                                      wait why shouldn’t that be an error though.

                                                                                      Because it makes writing code which walks through lists a bit simpler. It’s useful that (car nil)nil & (cdr nil)nil. This — like having multiple namespaces — is one of the places where Lisp is more pragmatic than Scheme. I find that quality attractive in a programming language meant to be used.

                                                                                      I really wish that I could find a good article about this to share with you. I know that I’ve read one in the past, found the arguments convincing and have had the ‘nil should be carable’ bit set in my head since.

                                                                                      1. 7

                                                                                        It’s useful that (car nil) → nil & (cdr nil) → nil.

                                                                                        That sounds horrible, a recipe for “foo is not a property of undefined”-style errors miles away from where the problem actually occurred. Surely your functions should know what kind of data they expect to be operating on, and fail-fast is not.

                                                                                        1. 3

                                                                                          Yes that is my view too. Though I think for smal projects bargap’s proposal could be good but as the project grows in size the need for errors to happen close to the source of the problem grows.

                                                                                          1. 1

                                                                                            It actually works out very well with the sort of code which is written in Lisp. Typically, Lisp systems depend on it.

                                                                                            1. 2

                                                                                              I’ve found it to be the single largest source of errors in the lisp systems I work with.

                                                                                              1. 1

                                                                                                Are you writing Lisp or Scheme? If you’re finding it to be a huge source of errors in Scheme, then wouldn’t that tend to support the Common Lisp way of doing things?

                                                                                                1. 3

                                                                                                  I mostly write Clojure and Emacs Lisp, (since 2008 and 2004 respectively) which use nil in the same way Common Lisp does. I don’t have these problems when I write Racket.

                                                                                                  1. 1

                                                                                                    I don’t know Clojure, but I’ll agree elisp is a good basis for comparison. All I can say is that my experience with elisp & Common Lisp differs from your own, and that my experience with Scheme has convinced me that I do not want to write a large system in it — nor use a large system written in it.

                                                                                          2. 6

                                                                                            Leaving nil out of the language is hands-down my favorite thing about Racket. So many of the problems of CL and Clojure just evaporate completely.

                                                                                            1. 6

                                                                                              Of course Racket has nil. It’s just written '().

                                                                                              1. 7

                                                                                                When I say nil here I’m referring to a single value which can mean “emptiness”, “false”, or “not found” depending on the context. Racket has three different values for each of those cases instead of lumping them all into a single value, and that is much less error-prone.

                                                                                            2. 2

                                                                                              Could you write a car that doesn’t error, Call it care

                                                                                      2. 3

                                                                                        That reference to Quicklisp made me think about slib

                                                                                        I like the idea of having a standard library build only on spec scheme and app’s built with the specific particularities of scheme implementations.

                                                                                      1. 4

                                                                                        If you are an amateur looking for cost effective SBC options, I’d suggest Orange Pi PC2 + Armbian.

                                                                                        1. 3

                                                                                          Why that over a Raspberry Pi 3 Model B+?

                                                                                          1. 3

                                                                                            It’s half price of the Pi, shipped. As a bonus you get onboard microphone and a native Gigabit Ethernet port.

                                                                                        1. 1

                                                                                          Pity this can’t be used to attack Bitcoin … and it’s a bit surprising, since Nakamoto generally didn’t leave even the appearance of gaps in his protocol.

                                                                                          1. 5

                                                                                            If you think that’s tweaking your system, just wait until you discover StumpWM & emacs …

                                                                                            1. [Comment removed by author]

                                                                                              1. 10

                                                                                                I think it’s usually because “that’s what work is buying me”.

                                                                                                1. 10

                                                                                                  Can anyone show me a laptop that doesn’t lose to a macbook in any of these categories?

                                                                                                  • performance
                                                                                                  • price
                                                                                                  • form factor
                                                                                                  • fit and finish
                                                                                                  1. 5

                                                                                                    I really like Lenovo X1 Carbon.

                                                                                                    1. 2

                                                                                                      Very happy with 5th gen x1c. If only I could get 16:10 though…

                                                                                                    2. 5

                                                                                                      Personally I like the Dell XPS 13 and 15. The 4K screens are really amazing to see in person. You can configure with an i7 processor, optional fingerprint reader, fast SSDs up to 1TB, up to 32GB RAM, touch/non-touch display options, up to 97Wh battery in the ~4.5lb model or 56Wh in the 4lb if you want to go lighter (benchmarks). For ports, it has an SD card slot, 2 USB-A 3.0 with PowerShare, 1 HDMI, and a Thunderbolt 3 (including power in/out).

                                                                                                      I feel they compete in several of the categories and are worth checking out in person somewhere (Frys, etc) if you’re in the market. Just earlier today someone posted a link to this guy’s experience spending a year away from MacOS and he winds up with an XPS 15, which he mostly likes.

                                                                                                      1. 8

                                                                                                        Too many QA issues to compete with a MacBook. Just check /r/dell.

                                                                                                        1. 8

                                                                                                          Not a chancee, my favooritee part is the firmwware feature that douboles up my keypressese!

                                                                                                      2. 2

                                                                                                        I went from a 2011 macbook pro 15” to a thinkpad 460p running kubuntu, its not as flush as the macbook but it beats performance & price for me. Form factor, I should’ve got a 15” again but thats my choice. Fit & finish on the macbook is better but then I can easily remove my battery and get to all the internals of the laptop, so I prefer the thinkpad.

                                                                                                        1. 1

                                                                                                          I can try, though I am not sure what “fit and finish” means or how to measure it.

                                                                                                          Ignoring that, I would offer up both the Dell XPS 13 or Lenovo X1 Carbon.
                                                                                                          There are reasons to pick one over the other, but for me it was the X1 Carbon for having matte screen.

                                                                                                          1. 1

                                                                                                            Fit and finish covers build quality and aesthetics. According to this page it’s an automotive term.

                                                                                                          2. 1

                                                                                                            The new Huawei Matebook X?

                                                                                                            1. 1

                                                                                                              How about the ASUS ZenBook Pro? I don’t have experience with it, but superficially it’s got very similar form factor and design to a MacBook. Aluminum uni-body and all. And being not-Apple, you obviously get better performance for the price.

                                                                                                              1. 1

                                                                                                                Thinkpad P71. Well, except for the form factor (I’d rather get stronger arms than have to compromise on other factors), it beats the Macbook Pro on all fronts.

                                                                                                              2. 5

                                                                                                                I’ve run Linux on a Macbook because my employer wouldn’t give me anything else. Reason was: effort of IT team vs my effort of running Linux.

                                                                                                                But pretty sure my effort was extensive compared to what their effort would have been :)

                                                                                                                1. [Comment removed by author]

                                                                                                                  1. 2

                                                                                                                    Yeah, but then you’re stuck with the clunky old macOS rather than a nice modern UI like StumpWM, dwm or i3.

                                                                                                                2. 4

                                                                                                                  16:10 screen, wide-gamut display, correct ppi (X1C is too low, and the high-res Dells too high).

                                                                                                                  The last ThinkPad (of which I have many) to have a 16:10 screen was T410, which is now 8 years old.

                                                                                                                  Personally, there’s no other modern laptop I’d rather use, regardless of operating system. To me nothing is more important than a good and proper screen.

                                                                                                                  If anybody comes up with a laptop that has a 4:3 screen, I’ll reconsider.

                                                                                                                  1. 1

                                                                                                                    Doesn’t the pixelbook have a nice tall aspect ratio? Ignoring linux compatibility and the fact that it’s a chromebook, I feel like you’d like the hardware.

                                                                                                                    1. 2

                                                                                                                      It does, but tragically it’s ruined by a glossy finish on the screen. I bought one for the aspect ratio and brightness but almost threw it out the window several times in frustration before giving it away.

                                                                                                                  2. 2

                                                                                                                    I don’t think many people buy new Apple hardware with the intention of immediately wiping it and installing Linux.

                                                                                                                    My MBP, for example, is running OSX because I need it (or Windows) to use Capture One photo software. When I upgrade to a new machine I’m going to put Linux on the old one and use it for everything else. I did the same thing with my iMac years ago.

                                                                                                                    I personally still think the build quality of Apple laptops are better than the alternatives. The trackpad in my old MBP, for example, still feels better than the trackpads I’ve used on newer machines from other brands. The performance and specs are less important to me as long as it’s “fast enough” and the build is solid.

                                                                                                                    All that said, I’m not buying any more Apple products because their software quality has completely gone down the toilet the last few years.

                                                                                                                    1. 2

                                                                                                                      In this case I didn’t really have a choice. I had tried asking for a PC before I started this job; but they tried to get me in really fast and provisioned a Mac without even asking me. My boss made up some bullshit about how you have to have them for developers laptops as the PCs the company bought didn’t have the specs (16GB of ram and such). I’m really glad I got Linux booting on it and not have to use it in VMWare (which does limit your max ram to 12GB and doesn’t give you access to the logical HT cores).

                                                                                                                      But yea if it was my personal laptop, I wouldn’t even bother buying a mac to being with. My recent HP had everything supported on it with the latest Ubuntu or on Gentoo with a stock kernel tree right out of the box.

                                                                                                                      1. 1

                                                                                                                        I got given a macbook so I had no choice what laptop to use so I installed linux on it and it works well enough.

                                                                                                                      1. 3

                                                                                                                        Certainly, but there are costs to not working on one’s skills outside of work. All other things being equal, someone who spends 1,000 hours studying a topic will know it better than someone who spent 100, and less than someone who spent 10,000. If you choose to spend your time not-coding, then you need to accept that someone who decides to spend his time otherwise may be better at coding than you (while perhaps being a worse musician, artist, friend or human being).

                                                                                                                        One really key point is that as we progress in our careers, our non-technical skills become more important than our technical skills. It turns out that investing all of our free time in coding is probably not the best use our resources.

                                                                                                                        Regardless, choices have consequences.