1.  

    There are essentially two problems with “plus addressing” (is that what we’re calling it now?):

    1. A good chunk of online services don’t recognize + as a valid character in an email address. Ten years ago, I chalked this up to lazy coding and lack of understanding the RFCs that hold the Internet together.

    2. These days, I’m sure it’s done deliberately because these services want your real email address not the special one-offs that you can then use to block them or track their usage of. Or, if they do accept the +, then sometimes they will silently drop it from your address in an effort to defeat any filtering or blocking you might have in place so that you are more likely to see their marketing wank front and center in your inbox.

    One of the benefits of running my own mail server is that I can use “plus addressing” but substitute the plus for any other character I like. I set postfix’s recipient_delimeter to . because a period is accepted as a valid email address username character just about everywhere due to many companies using firstname.lastname@example.com as their email address format.

    Of course, on occasion it’s a little weird to call up my bank or whatever and tell them that my email address is bityard.bankname@example.com because that brings up a variety of questions but most of the time it just works and is no big deal

    1. 6

      Question for the group. If you use Stylus (or used to use Stylish), what do you use it for?

      I headed over the the userstyles.org site and most of the styles seem to be “dark themes” or other cosmetic changes like changing the background of a site. Are there more practical uses of the extension? Can it modify HTML or Javascript (where the real power would be), or is it CSS only?

      1. 27

        other cosmetic changes like changing the background of a site

        You call it cosmetic changes, other people call it accessibility.

        1. 7

          I use it to tweak the layout of some of the sites I use, like moving a fixed top navbar to the side, and making it smaller. Or making narrow columns wider. Small stuff like that, which make the browsing experience much more bearable. I rarely use the social or sharing aspects of it. I haven’t found anything useful there, and I’m not sharing my tweaks either, because they’re very personal anyway.

          I rarely use it to hide things, my adblocker can do that more conveniently indeed.

          1. 6

            I apply a style of body { max-width: 800px; } on a few blogs that weren’t designed with wide browser windows in mind—they spill text across the entire width of the screen, which makes them really hard to read. (You could use your browser’s “reading mode” to fix this, too, but this CSS change usually does the job without breaking any layouts.)

            1. 4

              Now that I’ve started using Dark Reader, I use Stylus for well-made, site-specific dark themes. Previously I was using the Gruvbox Dark Everywhere userstyle, but its shotgun approach leaves much to be desired. Beware: Dark Reader has some major performance issues on Firefox.

              Edit: My installed themes (which I enable along with Dark Reader after sunset): https://ptpb.pw/nUrG.png

              Edit 2: Also I enable the Firefox and Tree Style Tabs dark themes. This really needs to get more streamlined.

              Edit 3: And then I get to enable dark/night mode on sites that support it natively, one-by-one as I visit them. Sigh.

              1. 2

                Man, Dark Reader is great. Thanks for bringing my attention to that.

                1. 1

                  Funny that you mention this. I don’t often long for the days when I had a CSS styling addon installed, but exactly this Dark Reader page made me bob my head back 20cm. That page seems to be made for a mobile phone or tablet screen, not a 27” monitor. Wow.

                2. 3

                  Fixing fonts on the most obnoxious websites.

                  1. 3

                    I like to use it to remove ads in core apps I use. I’d like to share the styles I create with others who use those apps. I use the free version of toggl, and they have a persistent, animated thing in the bottom-right corner that tells me the benefits of “going pro”. I just made a stylish thing to display: none the element which matches that rule. It’s great.

                    1. 1

                      Is there an advantage to that over the “block element” feature that exist in most ad blockers?

                      1. 1

                        I use brave and Firefox which have some built in blocking. I haven’t thought of that, but I’ll take a look!

                    2. 3

                      I used to use Stylish - and a predecessor the name of which has slipped my mind - to reduce the size of the UI in Firefox - smaller tabs, less wasted space -> more space for page content.

                      1. 2

                        i’m considering using it to shrink the gmail sidebar label font - they recently increased it from the same size as email body text to a size bigger, and it’s very annoying.

                        1. 1

                          I sometimes use it to tweak interfaces, like get rid of annoying panels or adding bold to certain elements

                          1. 1

                            I just started using this again after forgetting that it existed. Another forum I visit regularly now is ad free and doesn’t waste a bunch of whitespace where these were removed. I created an ironic one for hiding the ads for stylish for android on userstyles.org… :D Also, my day job involves using a console that has a lot of useless (to me) menu items - bye bye.

                            1. 1

                              Can it modify HTML or Javascript (where the real power would be), or is it CSS only?

                              Is it possible for extensions to request access only to modify CSS?

                              1. 4

                                CSS can still exfiltrate sensitive page content (albeit attacks are harder to write).

                                1. 1

                                  If you write your own CSS this is no longer a problem :P.

                                  1. 1

                                    That’s good to know. I’m going to do some reading on this, but do you have anything you recommend?

                                2. 1

                                  There are two sites I frequent that have awful stylesheets that I can’t stand so I have custom stylesheets that make them look better.

                                1. 10

                                  My only real complaint about getting rid of the /usr split is that /usr still exists as something other than a symlink to /. The name /usr is basically meaningless. If you aren’t going to support /usr on a separate partition, why bother having /usr at all? Just shallow your hierarchy:

                                  • /bin
                                  • /dev
                                  • /local
                                  • /share
                                  • and so forth

                                  Keep /usr as a symlink to / for compatibility. I’ve suggested this to folks a few times over the years and haven’t gotten much response. By symlinking /bin and friends, you keep /usr as a naming convention, even though as Landley’s post points out, it is one that has lost its relevance.

                                  1. 2

                                    Having a separate /usr leads to a system of layered configuration. You have the distributor-originating artifacts in /usr, you have your configs in /etc, and local databases/pods/containers/caches/spools/etc. in /var.

                                    Also see systemd-tmpfiles(8).

                                    Coincidentally something I recall from Haiku.

                                    1. 3

                                      From a 60ies/70ies UNIX perspective, I can understand this line of reasoning (limited disk space, more primitive file systems). But we can just put every application/configuration in its own flat filesystem namespace to avoid name clashes. It also makes it possible to have multiple versions of applications or configuration files available at the same time.

                                      (E.g. nix and guix follow this approach and to a lesser extend macOS application bundles.)

                                      1. 3

                                        The central problem with just refactoring the file system structure to something that makes more intuitive sense from a high-level view is that it makes life a living hell for package maintainers. They have to grind through the process of not just making sure binaries and libraries get where they should be, they also have to make sure that the software will actually work correctly with things moved around. Some software (especially stuff using autoconf) can deal with this pretty okay, but other stuff is more nightmarish. The closer your system is to “legacy,” the more likely $random_third-party_app is likely to more or less work out of the box.

                                    2. 1

                                      having circular symlinks can create some interesting tarballs, or make the linker recurse through it a few times.

                                    1. 0

                                      Rob Landley is the guy who convinced me to start learning Python at a conference panel some 15 years ago. Which has no bearing whatsoever on the content of the post, just something that popped into my head while reading it.

                                      1. 4

                                        I’ve always found it annoying that Red Hat offers no way to upgrade across major versions. This is to me an essential feature. There seems to be some (very limited) support for it nowadays, but it’s nothing compared to (for example) the Debian upgrade story.

                                        1. 6

                                          Redhat brings out new versions every ~5years, supports thema fort 10years. After that many years imho it’s beter tot re-install if only to make sure there are no dependencies someone installed by hand. This will make your life easier by reducing technical debt. At least that’s the theory…

                                          1. 1

                                            And it’s pretty rare to have a system live longer than 10 years in an enterprise environment.

                                            1. 12

                                              Yeah, you’d think so. You’d really think so.

                                              (pours another shot)

                                              1. 1

                                                Well, obviously there are going to be small exceptions, but can anyone produce an example of a 1000+ system datacenter running 10yr+ old systems for production? Most of my background is HPC, and that would have been quite rare to see because of power inefficiency.

                                                1. 1

                                                  In the HPC world, that may be true. In a typical enterprise, it’s nothing of the sort.

                                                  In a typical medium-sized enterprise, you have multiple datacenters filled with some mix of modern and “legacy” hardware in each. All of this is managed by separate teams operating in their own little silos. Projects come and go based on which middle managers impressed a C-level exec last week on the golf course. Even in a particularly profitable year when the purse strings are loosened up enough to modernize most of the infrastructure, there’s that one fucking server that’s responsible for some highly business-critical task but the person who knew the task and wrote the software (in friggen Delphi or something, probably) retired five years ago. Nobody wants to touch it because there’s no documentation on it and the source code was lost when IT re-imaged his desktop PC after he left. Many have tried to virtualize it or at least upgrade the OS but all have failed. The last time it went down in the middle of the day, the CEO of the company came down personally from the seventh floor just to yell at a room full of IT managers for two hours with the conference room door deliberately left open. The best anyone can do about it now is monitor some opaque queue status built into the thing, have some spare hardware handy, and make sure all the backups still run nightly.

                                                  Yes, a company could hire a consultant to come in and disassemble the code to figure out how it works, and then possibly write a more maintainable clone for it. But that would introduce risk to whatever business process it manages and it would cost a lot more money than just keeping the old thing chugging along a little while longer, which is already working fine and, much more importantly, has already been paid for.

                                                  That’s the enterprise I know, anyway.

                                                  1. 1

                                                    I believe Google had this problem and ended up installing Debian over top of each Red Hat box. https://www.usenix.org/node/177348

                                                2. 1

                                                  Physical systems? Yes. That was the great thing about applications running directly on physical servers. Server warranty expired -> application had to be installed somewhere else, and most likely with a new OS and newer application version. Now with virtualization the VMs simply get migrated to a new cluster when the hardware is EOL. Aaand of course the application is important enough that management accepts the system running although there hasn’t been security patches for years…

                                                3. 1

                                                  In OpenBSD it is easy and with little pain to perform a similar task, in my opinion that’s one of the benefits of developing a coherent system with unified and carefully maintained set of tools, developed wisely by the same team. In GNU, many of the basic userland operating system programs don’t have the same maintainer, and are not developed as part of an entity.

                                                  1. 3

                                                    I don’t think you understand, this has nothing to do with the operating system itself. If you leave any system running with users that can access it, bad things will happen. They will put small shell scripts on it that control mission critical functionality without you knowing, store important data on it, (ab)use it to access another system, …

                                                    While I agree that being able to do upgrades could in theory be handy, I believe periodically wiping a system and replacing it will end up being better. All depends on your environment/job of course, but I’ve seen a fair share of 8+year old systems, not regularly re-created and accessible by almost everyone in the company. Shutting them down will probably end up causing a downtime somewhere else, or someone will complain about his data becoming inaccessible. This is no fun…

                                                4. 4

                                                  This is ‘enterprise’ in the Red Hat world works.

                                                  You can upgrade FreeBSD from 5.3-RELEAES - by several steps - up to latest 11.2-RELEASE but you can not upgrade Red Hat (or CentOS) from 6.9 to 7.5, because NOT.

                                                  1. 2

                                                    Looks like upgrading RHEL 6 to 7 server on x86_64 is supported.

                                                    1. 1

                                                      Have you checked the details?

                                                      • Limited package groups: The upgrade process handles only the following package groups and packages: Minimal (@minimal), Base (@base), Web Server (@web-server), DHCP Server, File Server (@nfs-server), CIFS File Server and Print Server (@print-server). Although upgrades of other packages and groups are not supported, in some cases, packages can be uninstalled from the RHEL 6 system and reinstalled on the upgraded RHEL 7 system without a problem. See the table below.

                                                      So no, you can not compare that to freebsd-update and/or pkg upgrade from FreeBSD which will work in ANY condition and with all packages/states supported.

                                                      By the way, its only an ‘additional’ article in the knowledge base, its not official documentation of the Red Hat system.

                                                    2. 1

                                                      Well, the modern way of working is immutable infrastructure (or at least scripted and therefore fastish to recreate) anyway, so that should be a moot point. And yeah, I know, in reality it is not :/

                                                    1. 2

                                                      TBH, the amazing part is not that it got pwned, but that the attacker was incompetent enough to drop a simple easy-to-read shell script in plain sight. With passwordless sudo, it would have been beyond trivial to instead install a rootkit that can hide every shred of evidence that the host was compromised. In fact, it’s fairly likely that one already is installed and the author just doesn’t realize it yet.

                                                      1. 1

                                                        The author said he’d wipe the pi and reinstall next visit, with an SD card reader to handle that.

                                                        1. 1

                                                          Sure, but in the meantime a probably-compromised raspberry pi is sitting out there on the internet.

                                                      1. 2

                                                        What any reasonable person SHOULD do is: wipe the pi and reinstall. I would have done that if I had an sd card reader with me. I might do it on next visit. But for now, this seemed enough.

                                                        No. What a reasonable person SHOULD do is not running a machine with default credentials; especially when you are handing that thing to a layman a. Unless he used that pi as a honeypot.

                                                        Also I hope he reported the issue to the police. I know that there wouldn’t be any outcome but in the long run the police will only be able to get knowledgable officers for such kind of crime if the numbers rise. At least that’s what I have taken away from multiple chats I had with the force in Germany.

                                                        1. 3

                                                          In the US, you would be laughed right out of the police station if you came in to report that somebody uploaded a malicious program to your $35 raspberry pi that you forgot to change the default password on. And rightfully so.

                                                          1. 1

                                                            The point of the officers I spoke with was that there’s basically not enough budget for the “cybercrime” department and the more crimes are being reported the better (but still slim) are the chances to change that. But maybe this is not representative even for Germany.

                                                        1. 15

                                                          Some historical perspective on the origins of our industry:

                                                          • Computers and tabulating machines prior to the 20th century were mainly concerned with generating tables of numbers (mostly useful for gunnery and navigation), census-taking, and accounting (naked capitalism).
                                                          • Analog and digital computers as we know them in the 20th century were developed and used for the first decades of their existence to do mostly military work: calculating ballistic tables, simulating physics of interest to fission, tracking and controlling anti-aircraft guns, targeting missles, and so forth.
                                                          • The first networked computing systems in common use were for Naval ships coordinating fire control and for ground anti-aircraft and missle systems.
                                                          • MIT via Lincoln Laboratory and Bells Labs did extensive defense work, dating back to the very founding of those institutions.
                                                          • Integrated circuits exist so we could make better missle warheads. Huge amount of defense funding.
                                                          • GPS exists to help deploy military units, mark artillery targets, and guide missles. The street found its own uses for these things.

                                                          We can point to visionaries like Vannevar Bush and their pure dreams for things like augmenting human intellect with hypermedia but those same people never ceased to work for their country on horrifically powerful weapons.

                                                          DARPA is probably one of the only reliable sources for decades-out basic research, arguably better than the NSF.

                                                          It is not popular in our circles to discuss such things, but then truth remains: military projects have been and continue to be sources of major innovation in our industry.

                                                          Further, there’s this bizarre political idea of globalization and open-borders I’ve often seen supported seemingly without thought by folks doing these protests.

                                                          Globalization can and does endanger workers by allowing companies to escape what a country might consider to be reasonable regulations.

                                                          Not all border-control and immigration enforcement is a bad thing–look no further than the experience of Ukraine in the last few years when faced with an influx of undocumented immigrants.

                                                          Frankly, while I support the desire for Labor to organize against Capital when they see their livelihoods and morals threatened, I really do wish they could do so with a bit more of an eye towards reality and strategy. It’s like nobody learned from the Occupy protests. :(

                                                          1. 24

                                                            I recognize all this history, believe me. What I can say, without getting into a detailed debate, is that the positions you mention are not taken thoughtlessly, and I would encourage everybody to have these conversations about what exactly right and wrong mean to the tech industry. There are certainly a lot of perspectives that deserve to be included, yours among them.

                                                            I’ve actually been very frustrated that I don’t see these conversations happening much in the public sphere. Or rather, everybody talks about the tech industry and its moral dilemmas, but I seldom see members of the industry engaging with it, other than CEOs, who therefore wind up representing all of us by default. That really needs to change, and the sooner the better.

                                                            I’m tempted to blame the lack of dialogue on the fact that most places where engineers come together are oriented towards technical discussion to the exclusion of politics. But that’s really not the root cause; the root cause is that, in some sense, anyone making an engineer’s salary is part of the establishment and benefits from the establishment, and that makes it a very frightening thing to question whether the establishment is good.

                                                            1. 4

                                                              I really appreciate your thoughtful input, and I think if everybody had your mindset then discussion would be much easier. Good for you for taking the time to contribute in this manner. Yet, I also find that there are lots of people who are intolerant of other’s perspectives if they differ from there own, which can make discussion unappetizing for people who’s primary goal at work is to get work done and not engage in public debate.

                                                              However, writing this comment has made me realise that if I want to help encourage a more thoughtful and nuanced debate within the industry (which I believe is vitally important), I have to be part of making it happen. I guess this involves taking the risk of people not liking me if my views differ from theirs, being honest about why I hold my own views, and open to changing them though constructive, respectful discourse and reflection.

                                                              1. 3

                                                                Well, indeed. :) I couldn’t have said it better.

                                                              2. 4

                                                                I’m tempted to blame the lack of dialogue on the fact that most places where engineers come together are oriented towards technical discussion to the exclusion of politics.

                                                                There’s a reason for this. Most people’s political beliefs are held at least as strongly as their religious beliefs and they are just as difficult to change. When people talk about political and religious beliefs, they like to talk about why they think their own beliefs are right and occasionally why someone else’s might be wrong. This will almost always cause friction between the participants of the conversation unless they happen to have the same beliefs or unless the participants are unusually diplomatic with each other. Since most people are not always super diplomatic when discussing strongly held beliefs, and generally have a desire to get along with the people they work with and socialize with, it’s usually better for all involved to just avoid the big three volatile topics altogether: sex, religion, and politics.

                                                                Of course, all of this goes out the window as soon as you login to twitter.

                                                                1. 3

                                                                  Yes, absolutely understood. I would say that what you’re describing is that people are choosing to prioritize being part of their community over their desire to discuss political ideas. In general, I find this admirable; it takes a lot of maturity to stay off of the topic. But when our industry is at a cross-roads, I think that we have to discuss what comes next, even despite the good reasons not to.

                                                                  This is all true in a wide variety of contexts - lobste.rs, Twitter, at work, … In the specific case of conversations at work, staying off of politics is a particularly understandable choice because it might well be necessary for continued employment. This is what I was trying to get at with my mention of benefiting from the establishment.

                                                              3. 7

                                                                How things were, how things are, how things should be, and how things will be are different things.

                                                                It’s 100% true that the modern industry was bootstrapped by military investment and funding. But we shouldn’t forget that the funding is all coming from the same gov’t, and we can choose to have the investment and funding, without having it be in the purpose of blowing people up.

                                                                Getting military contracts is a good tactic for a single company to get some success and revenue, and for research to fund itself. But we can also aspire to fund this research directly.

                                                                There’s a spectrum of “reasonable military research” here, and it’s totally not black and white. But without guiding principles it’s hard to motivate strong political causes. The tea party did not feel the need to hold back on their principles and now control all three branches of gov’t

                                                                1. 1

                                                                  and we can choose to have the investment and funding, without having it be in the purpose of blowing people up.

                                                                  It sounds true at first that you can separate from them. Then, looking at big picture, you can’t if you’re dependent on infrastructure, tech, and/or research designed by people fine with that for the purpose of doing that. The Net getting funded was one of those. INFOSEC was another that came from military with highest levels still classified as a munition far as I can tell. GPS was another where it’s constantly helping us find things and helping military kill things. It does both by design. The ISP’s are taking piles of money from NSA for spying on people per Snowden leaks but their opponents still pay for Internet from ISP’s. The major platforms, hardware and software, are often DOD suppliers who make money contributing to blowing people up which their buyers support indirectly. That includes Red Hat with its contributions to Linux.

                                                                  And yet, here your comment is via lots of tech developed and/or funded by the groups blowing people up. Hard to escape given all the companies trying to get at their money. I don’t know if there’s a single vendor of MCU’s/CPU’s that doesn’t sell to war industries. All we can do is reduce the damage. Then again, DARPA and NSF do the most funding of stuff that can protect people from lots of threats. Pissing them off might hurt a lot of people depending on what you’re working on even if they might hurt others with a weaponization of it. The morality isn’t clear. I guess my compromise so far is government/military work is worth supporting if it can do more good than harm with a decent chance of good being developed outside the government.

                                                                2. 3

                                                                  The problem is that to organize, you need to class solidarity. If your allegiance to your class comes before allegiance to your nation-state, then you cannot arbitrarily decide that some workers have more rights to work inside the borders of your nation-start than others, even if this directly impacts your well-being and even if this means driving down salaries in your country.

                                                                  Renouncing these values means renouncing the values that should motivate you into the class struggle and give in to individualism, that is a tool to maintain the status quo.

                                                                  Globalization is a tool of the Capital to achieve profit but fighting it now will just lead to a worse alternative. Also defining what’s possible and realistic according to what the neoliberal paradigms dictates is a tool of the Capital but you seem to deal with it pretty fine.

                                                                  1. 4

                                                                    If your allegiance to your class comes before allegiance to your nation-state, then you cannot arbitrarily decide that some workers have more rights to work inside the borders of your nation-start than others, even if this directly impacts your well-being and even if this means driving down salaries in your country.

                                                                    I agree with your analysis here, and that is why I don’t use that ordering. I would wryly suggest that what is needed is some way of balancing class concerns in such a a way as to favor Labor with an eye towards political boundaries, but the natural English branding of such a thing–national socialism–has rather a lot of baggage.

                                                                  2. 2

                                                                    I’ll add that both INFOSEC that stops governments (more often) and Tor came out of military research. NSF, DARPA, and CIA continue to fund these types of things. Hell, such dual-use, protective projects are some of best reasons to continue funding these organizations. At least NSF and DARPA anyway.

                                                                    Military R&D are a necessity. We can’t control whether the techs will be abused. The U.S. can’t get behind on tech. So, my compromise is we keep investing, keep the ratio toward positive stuff, and get the crooks out of top of government and military. The latter are who abuse the military tools.

                                                                    1. 2

                                                                      bizarre political idea of globalization and open-borders I’ve often seen supported seemingly without thought by folks doing these protests

                                                                      “Globalization” is an overloaded term. The most popular, “negative” meaning is global capitalism. Protestors probably don’t support that kind of globalization. Open borders for individuals, that makes sense, I’m not sure how it’s bizzare.

                                                                      1. 2

                                                                        Open borders for individuals, that makes sense, I’m not sure how it’s bizzare.

                                                                        Why does it make sense? What answer would you give for that example of Ukraine, where a bunch of armed individual Russians decided to make use of inadequate border control.

                                                                        If you want to make the argument that we no longer use Westphalian sovereignty, that’s fine, but unless that’s the case a nation must have control over its borders to be considered a sovereign nation.

                                                                        1. 4

                                                                          Personally, I suppose, I’d say that we clearly need some level of border control for that specific, military purpose. I would also say that border control targeted at civilians is far more strict and intrusive than it needs to be for any policy objective I support.

                                                                      1. 4

                                                                        Great, now release a version of the Firefox Sync server that people can actually deploy in a self-hosted scenario.

                                                                        1. 8

                                                                          I was installing firefox on a new linux install the other day, and since a freshly-installed firefox prompts you to do so, I briefly checked out the Firefox Sync signup page, only to see that it prompts you to create an account and agree to Mozilla’s terms of service. I don’t want to have to agree to Mozilla’s terms of service in order to use the service - even if I can trust that they did the encryption correctly and Mozilla can’t figure out what websites I’m looking at if I use it.

                                                                          Edit: upon googling, it does look like there’s an official Mozilla repository that provides the code necessary to run your own Firefox Sync server, which is awesome, and I’m going to try this when I have the time.

                                                                          1. 1

                                                                            Edit: upon googling, it does look like there’s an official Mozilla repository that provides the code necessary to run your own Firefox Sync server, which is awesome, and I’m going to try this when I have the time.

                                                                            Yes, the code is available but successfully deploying it is entirely another matter due to dependencies on Mozilla’s specialized infrastructure. I’ve read blog posts from smart people who have tried and AFAIK, they all gave up in frustration.

                                                                            1. 1

                                                                              Ah, well that’s frustrating. I did look more into their docs for running a Firefox Sync server, but even running your own seemed to rely on having a Firefox Account, and the code for provisioning that yourself seemed even more complicated. I may try this again at some point, but for the time being it does look poorly-documented and more trouble than I want to spend right now.

                                                                        1. 39

                                                                          Jeff Bezos calling anyone a bully is like a Klan member accusing a neighbor of being racist. People like Bezos get where they are by being an unrepentant asshole to literally everyone except shareholders and reporters.

                                                                          1. 1

                                                                            Or to talent or to managers. You don’t have to be a personal asshole, just a pushy manager.

                                                                          1. 2

                                                                            You can pry ncdu from my cold, dead hands

                                                                            1. 6

                                                                              Wow if I bought a monitor with a dead pixel and weird lines on the screen it’d be back in the shop before you could say ‘Consumer Guarantees Act 1993’. Especially on such expensive high end hardware. I was upset enough that my monitors’ colour balance isn’t quite the same.

                                                                              EDIT: I also find it absolutely hilarious that DPI scaling works fine in Qt 5, and works fine in actual web browsers, but doesn’t work in Electron, the supposedly ‘modern’ UI framework.

                                                                              1. 4

                                                                                He didn’t even align the displays with each other … AAAAAAARGHRGHGHRGH.

                                                                                1. 3

                                                                                  DPI scaling works fine for Electron apps based on a Chromium version that supports DPI scaling. This has been the case for quite some time now, and Chromium’s move to GTK3 has improved support even further. I’m not sure what Electron apps the author was using that didn’t support DPI scaling, however I’ve yet to come across one that doesn’t scale on my 4K laptop screen. Both VS Code and Slack work flawlessly for me.

                                                                                  I got my XPS 9560 in early 2017 with a 4K screen so I was initially quite worried about scaling issues, however the only apps I ever have issues with are older GTK2 apps (Gimp, and pgAdmin are the only two that I use).

                                                                                  1. 2

                                                                                    DPI scaling works in Electron apps, but I often have to specify it per app (often by using Ctrl +/- for the browser zoom). … It is kinda a step backwards when you think about it.

                                                                                    1. 1

                                                                                      I am using Spotify. I have just checked and it’s still not scaling correctly without the appropriate command-line option. I’ll add a note this may depend on the Electron app.

                                                                                      EDIT: maybe Spotify is not an Electron app, but a CEF app. Is there still a difference?

                                                                                      1. 1

                                                                                        The version of Chromium CEF/Spotify uses seems to lag pretty far behind contemporary Electron builds, just based on https://www.spotify.com/ro/opensource/

                                                                                        1. 1

                                                                                          Chromium 65 is recent enough to have the appropriate code. But maybe CEF doesn’t make use of it. I’ll update the table to mention Electron apps works fine.

                                                                                          1. 1

                                                                                            Spotify for Linux has been around since before Electron existed, so Spotify not using it isn’t much of a surprise.

                                                                                            According to this page, Electron doesn’t make use of CEF, and instead calls Chromium’s APIs directly, which is probably why Electron apps are able to scale correctly while Spotify doesn’t.

                                                                                        2. 1

                                                                                          I use Spotify every day in a HiDPI environment. Never had an issue. The one thing you might want to do if the first time you load it the text looks too small is use the built in zoom feature (Ctrl+/Ctrl-) to bring the font to a readable size, it’ll be saved and you won’t have to worry about it anymore.

                                                                                      2. 1

                                                                                        Wow if I bought a monitor with a dead pixel and weird lines on the screen it’d be back in the shop

                                                                                        The policy allowing some handful of dead/stuck pixels has been written into the warranties of most monitors literally since LCD computer monitors have been around. Because most people use their monitors for web browsing, email, document editing, etc, where a couple of extremely tiny black specs are truly insignificant and will literally never be noticed among all of the dust such that accumulates on every screen.

                                                                                        If you want a monitor that comes with zero dead pixels guarantee, they certainly sell those, but they cost more as well since there’s more QA involved.

                                                                                        1. 1

                                                                                          The policy allowing some handful of dead/stuck pixels has been written into the warranties of most monitors literally since LCD computer monitors have been around.

                                                                                          They can write whatever they like in the agreement that I never signed or agreed to when I bought a monitor from a shop. It’s completely irrelevant. I’m not talking about returning it to the manufacturer under their warranty, I’m talking about returning it to the shop I bought it from under consumer protection law.

                                                                                          Because most people use their monitors for web browsing, email, document editing, etc, where a couple of extremely tiny black specs are truly insignificant and will literally never be noticed among all of the dust such that accumulates on every screen.

                                                                                          My monitor has no dead pixels. If it got a dead pixel, I would notice immediately. They’re incredibly obvious to anyone that isn’t blind.

                                                                                          If you want a monitor that comes with zero dead pixels guarantee, they certainly sell those, but they cost more as well since there’s more QA involved.

                                                                                          No, monitors that come with a ‘zero dead pixels’ guarantee are all monitors.

                                                                                          1. 1

                                                                                            They can write whatever they like in the agreement that I never signed or agreed to when I bought a monitor from a shop.

                                                                                            Nobody mentioned an agreement. A warranty is not the same as an agreement or contract.

                                                                                            I’m not talking about returning it to the manufacturer under their warranty, I’m talking about returning it to the shop I bought it from under consumer protection law.

                                                                                            It would have been useful to mention that you’re apparently in New Zealand. If I understand it, the law you’re talking about requires every retailer to accept returns of purchased merchandise. Not all countries have such a law. In the U.S. for instance, almost every store accepts returns whether or not the merchandise is defective. But this is simply good customer service, it’s not a legal requirement.

                                                                                            So now the argument hinges on what is considered defective and who gets to decide that. Is it up to the manufacturer? The retailer? The end user? In your country, I honestly don’t know and don’t care enough to research it right now.

                                                                                            They’re incredibly obvious to anyone that isn’t blind.

                                                                                            No, not really. Dead pixels are only obvious when the entire area around the dead pixel is one solid bright color, and even then, are generally indistinguishable from dust. Most people will never notice a dead pixel in everyday use, especially as the pixels in monitors get smaller and smaller. I have a huge monitor with a ridiculous resolution at home. It has a couple of dead pixels, it’s been months since I last noticed them. But by god it was like $200 on Amazon. I’ll happily save a few hundred dollars to deal with a couple of dead pixels I very rarely notice.

                                                                                            No, monitors that come with a ‘zero dead pixels’ guarantee are all monitors.

                                                                                            In New Zealand, maybe, but that’s not at all a universal statement. Nor should it be.

                                                                                            The realities of the LCD manufacturing process are such that if every LCD panel manufacturer threw out all of their panels with one or more dead pixels, every monitor produced would cost the end user a lot more. Because not only do you need better QA, you’re throwing into the trash a significant percentage of your yield. Which has a dual negative impact: Not only did you waste precious factory time and expensive resources on the panel, now it has to get thrown away into a landfill or processed for recycling if that’s even possible.

                                                                                            It’s far more efficient from a manufacturing, environmental, and market standpoint to just sell the slightly imperfect panels at a discount and sell the perfect panels for whatever the market will bear for zero dead pixels. Which is exactly what most manufacturers do. You want zero dead pixels, buy the one with the zero dead pixels policy. Here is Dell’s version of that: https://www.dell.com/support/article/nz/en/nzbsd1/sln130145/dell-lcd-display-pixel-guidelines?lang=en

                                                                                            1. 1

                                                                                              Nobody mentioned an agreement. A warranty is not the same as an agreement or contract.

                                                                                              A warranty is an example of an agreement. You purchase the thing, and they agree to take it back if it’s faulty. But they can put whatever terms they like, they can define taking it back, define timelines, define ‘faulty’, etc. It’s completely up to them, really. If you don’t like it, don’t buy it.

                                                                                              It would have been useful to mention that you’re apparently in New Zealand. If I understand it, the law you’re talking about requires every retailer to accept returns of purchased merchandise.

                                                                                              Only if it’s faulty.

                                                                                              So now the argument hinges on what is considered defective and who gets to decide that. Is it up to the manufacturer? The retailer? The end user? In your country, I honestly don’t know and don’t care enough to research it right now.

                                                                                              The same way anything is decided legally: it starts off a bit fuzzy around the edges, but in the vast majority of cases, it’s pretty obvious what it means for something to be faulty. And in a few edge cases, it gets decided by the legal system which sets a precedent that sharpens the edges for everyone else in the future.

                                                                                              No, not really. Dead pixels are only obvious when the entire area around the dead pixel is one solid bright color, and even then, are generally indistinguishable from dust. Most people will never notice a dead pixel in everyday use, especially as the pixels in monitors get smaller and smaller.

                                                                                              I can guarantee I’d notice any dead pixels on my 1920x1200, 24 inch monitor. I can guarantee I’d notice any dead pixels on my phone. I think it’s nonsense to claim that most people would never notice a dead pixel in everyday use. A bright dot in the middle of your monitor is going to be obvious if you’re watching something that’s dark. The moment you watch a movie there’s an unmoving bright green dot in the middle of the screen? Everyone is going to notice that.

                                                                                              I have a huge monitor with a ridiculous resolution at home. It has a couple of dead pixels, it’s been months since I last noticed them. But by god it was like $200 on Amazon. I’ll happily save a few hundred dollars to deal with a couple of dead pixels I very rarely notice.

                                                                                              It’s fine if the manufacturers and retailers sell them at a discount as seconds. But that’s not what they’re doing. They’re selling them as normal and then just hoping people can’t be bothered complaining about them and returning them.

                                                                                              The realities of the LCD manufacturing process are such that if every LCD panel manufacturer threw out all of their panels with one or more dead pixels, every monitor produced would cost the end user a lot more.

                                                                                              For a start, nobody is saying that they have to throw them away. As I said, they could sell them at a discount as a second. Some people would be fine with that, others wouldn’t, that’s friendly to the customer and lets them make a choice with a tradeoff.

                                                                                              It’s far more efficient from a manufacturing, environmental, and market standpoint to just sell the slightly imperfect panels at a discount and sell the perfect panels for whatever the market will bear for zero dead pixels. Which is exactly what most manufacturers do.

                                                                                              That’s absolutely not what they do. They sell them all at a price somewhere between those two prices, and when you buy a monitor you roll the dice. Maybe you’ll be lucky, maybe you won’t. People that want a good monitor that actually works as advertised have to roll the dice, and someone that doesn’t care like yourself has to pay a higher cost (for your chance to get a perfect monitor) than they’d pay if they were able to specifically buy a monitor with a couple of dead pixels at a discount.

                                                                                      1. 1

                                                                                        For the outside, Lua has always seemed like a nice language and my perception of it is that it is pretty easy to get into. Unfortunately I haven’t yet had an excuse to dig into it.

                                                                                        1. 1

                                                                                          Just run your own mail server and create disposable addresses or use a catch-all pattern per user (e.g. username-correspondent_name like frank-microsoft or frank-lobste.rs) with a blocklist for abused addresses. I’ve been doing this for decades now, it works fine, I hardly get any spam in my inbox (once per week or less) and I have a simple way of finding messages pertaining to a given correspondent - just search on the `To:’ address.

                                                                                          1. 1

                                                                                            Yes, postfix makes this ridiculously easy. One setting lets you use any valid character as the separator, the recipient_delimiter option. Gmail uses ‘+’, but a ton of websites reject that either because they never bothered to check the RFCs or because they know about the gmail feature and demand your real address instead. I use ‘.’ on my mail server and it works everywhere.

                                                                                          1. 7

                                                                                            clickbaity title; ‘Stop Building Single Page Apps’ would be simpler and informative

                                                                                            1. 1

                                                                                              And the dude needs to dial the font size down a LOT. I had to view it at 70% the original size just to make it readable.

                                                                                              1. 4

                                                                                                Then others have to increase the font size again. For me the font size is pretty reasonable (27” WQHD). I often use Firefox’s reader mode when a page is hard to read, especially for forums and the like.

                                                                                                EDIT: typos, formatting

                                                                                                1. 1

                                                                                                  80% for me, but yeah kinda painfully big.

                                                                                              1. 13

                                                                                                That’s bad. So much for my hopes of Red Hat being an independent check against these big companies. If it’s actually $34 billion, then this tops WhatsApp as biggest acquisition if memory serves right. Makes sense on IBM’s part since they mostly be the farm on Linux on top of being major contributor to kernel.

                                                                                                1. 3

                                                                                                  Do you think rhel has acted as competition to IBM in the past decade?

                                                                                                  1. 9

                                                                                                    IBM is a patent-trolling firm that turns everything they acquire into crap vs what they were. I imagine them owning Red Hat’s IP early on might have made Linux worse off. Instead, they developed independently in goals and style then interdependently in supporting the kernel. Now, that large, independent party is controlled by IBM.

                                                                                                    I’d rather there be as large a number of companies as possible contributing to and/or influencing future of Linux.

                                                                                                    1. 9

                                                                                                      IBM has had a big influence on RHEL since early days. They started steering kernel development and taking advantage of Linux platform very early on thanks to some very smart executives. The Linux strategy enabled IBM to outsource OS development and create essentially a trust that broke the MSOFT monopoly without much investment and outside the imagination of anti-trust enforcement. Think about if, in 1998, IBM/Oracle/Novell/Intel had formed an OS company - it would have been the immediate target of an anti-trust action.

                                                                                                      1. 5

                                                                                                        Everything you say makes sense. The outsourcing OS development note is something I’ve always pointed out. They’re not fully freeloading off Linux but get way more value out than they put in. Smart strategy for them. Then, Novell grabbed Suse. The rest just build on top of the big ones with Shuttleworth’s Canonical being the outlier: a straight-up loss to make a desktop happen.

                                                                                                        1. 4

                                                                                                          They’re not fully freeloading off Linux but get way more value out than they put in.

                                                                                                          Doesn’t everyone? :) Certainly true of myself.

                                                                                                          1. 2

                                                                                                            (Glances at laptop and wallet.)

                                                                                                            Yeah…

                                                                                                    2. 4

                                                                                                      Absolutely. I don’t have any data but would bet that RHEL is easily the biggest competitor to IBM’s mainframe/enterprise computing stuff.

                                                                                                      1. 3

                                                                                                        IBM does a huge Linux business that relies on RHEL. You could view RHEL as a low cost vendor to IBM.

                                                                                                      2. 3

                                                                                                        Without a doubt. In big enterprise businesses like finance where downtime is measured in the millions of dollars per minute, you shell out big money for IBM hardware and IBM software and IBM support contracts because you know with 100% certainty that what you get is going to work as well as they claim. If it doesn’t, it’s escalated until it does*.

                                                                                                        All of that is well and good until one day someone notices that the company is shelling out way too much money annually on support for an aging Power server just to run some in-house Java web apps that would be just fine on a $50k Dell cluster running Linux. When you run an enterprise you always buy support and Red Hat is the industry standard in Linux support. So Red Hat really made a lot of headway into the lower to middle-end product space in enterprise datacenters, a space that IBM tried very hard to convince its customers didn’t actually exist. Until today.

                                                                                                        * Of course, this is usually more true for IBM’s in-house stuff, there are a lot of cases where they’ve bought another company for their successful product, slap the IBM logo on it, and then let it languish.

                                                                                                        1. 3

                                                                                                          20 years out of date. IBM biggest revenue division is services/cloud. The mainframe business is profitable but shrinking. Linux is raw material, not competition.

                                                                                                      3. 1

                                                                                                        What do you mean by, “this tops WhatsApp as biggest acquisition”? WhatsApp was acquired by Facebook. And neither are even in the ballpark of the biggest acquisitions on our public markets.

                                                                                                        Is it that this is the biggest “tech company” acquisition, for some definition of “tech company”? That might be. It’s interesting because it’s probably only a company like IBM that could afford – and even make sense of – a $20B market cap enterprise open source company like RedHat. But more than anything, IMO, it shows that this particular segment of the public tech market is running on a lot of smoke and mirrors. I am a multi-decade techie, and I can’t even tell you what IBM and RedHat truly do, other than sell overpriced enterprise support contracts for legacy systems to enterprises. No techie I know would choose either of them as “growth” opportunities on the fundamentals of innovation or new products; instead, your excitement about their businesses comes down to what extent you think Fortune 1000 companies will feel obligated to pay them an IT support tax, of sorts. Meanwhile, for IBM, which has been operating on smoke and mirrors for a long time now (especially “Watson”), this is just a multi-billion dollar enterprise tech confusion where it can continue to hide losses and buy time for a massive speculative innovation that will never come.

                                                                                                        1. 4

                                                                                                          Is it that this is the biggest “tech company” acquisition

                                                                                                          That’s what I meant. The news wave over Facebook dropping $16 billion on WhatsApp talked about it being the biggest or one of the biggest. This justifiably topped that. Remember this is a company that sells hybrid of FOSS and proprietary software, though. Most big acquisitions aren’t for FOSS-oriented companies. It’s both a nice precedent for valuing others and one that might not be repeated given Red Hat itself might not be repeated. To put the deal size into perspective, HP acquired Compaq with its servers, CPU’s, and OS’s for $25 billion.

                                                                                                          “But more than anything, IMO, it shows that this particular segment of the public tech market is running on a lot of smoke and mirrors. “

                                                                                                          It often is. In IBM’s case, they’re a large company that doesn’t produce this sort of thing on their own. They have to acquire such innovations for ridiculously-large amounts. It’s a problem with their culture mostly but some is inevitable. This one is different, though. Like in vyodaiken and I’s conversation, these two have been pretty close for some time with IBM betting the farm on Linux for most servers and service revenue. Although it was outsourced (an externality), it looks like they’re internalizing it since it’s so mission-critical. Ensuring tens of billions in Linux-derived revenue continues to flow for years… the total being a humongous number… might be worth $20 billion one-time. Then they also get new tie-in products like with other acquisitions. I think it’s mostly them addressing a core dependency, though.

                                                                                                      1. 11

                                                                                                        Lazy loading is missing, so that I always click on the ads instead of on the link I want, because the site still hasn’t finished loading.

                                                                                                        1. 2

                                                                                                          You’d be surprised how often this “feature” is not an accident

                                                                                                        1. 3

                                                                                                          It’s rare that I have a programming project in my hobby time but I’m working on an expense tracker. I have been making a surprising amount of progress on it considering that I’m not really much of a developer and web development in particular is not at all my in my wheelhouse.

                                                                                                          1. 2

                                                                                                            Sounds interesting. I’m preparing for a talk this week on plain text accounting so I’m always curious for work happening in this domain. Do you have any details to share at this point?

                                                                                                            1. 2

                                                                                                              Oh, this isn’t a plain-text project, I’m implementing it mainly in the traditional HTML/CSS/Javascript stack. This will be so that my wife and I can track our expenses better. I’ve looked at a LOT of existing solutions but none of them quite fit because they either try to do too much, do too little, or are written in a technology stack that I have no hope of being able to maintain myself (e.g. Java) or that my wife isn’t technical enough to use (e.g. ledger).

                                                                                                              I haven’t decided yet what the backend will be yet so I might be able to leverage some plain text accounting tools there but it’s too early to say.

                                                                                                          1. 14

                                                                                                            I don’t totally agree with Stallman on a lot of things but I’m extremely impressed with how much common sense is being applied here. This approach is a lot better than the various codes of conduct bolted on to so many open source projects. Many CoCs are somewhat authoritarian in their tone in that they simply tell you what you can and cannot do without offering any advice about effective communication. (Worse, some projects require you to agree to the CoC, which makes it a binding and enforceable contract whether you realize it or not.)

                                                                                                            1. 5

                                                                                                              It is my understanding that CoCs are meant to communicate in clear language what a community will and will not accept, and the consequences of unacceptable behavior. And perhaps all communities converge to something like a CoC even if it isn’t explicit, e.g. “Do what you like, we don’t moderate here.” Perhaps community organizers can have CoCs and communication guidelines side-by-side and cross-referenced, so that the guidelines come first and the CoC is there for when boundaries are crossed?

                                                                                                              1. 3

                                                                                                                The original motivation by the author of Contributor Covenant was forcing far left politics on folks everywhere. When such people get one passed, they use its broad language to do that. They just talk about obviously bad stuff that few would argue with in lead up to it. Hence, the strong opposition.

                                                                                                                There’s also folks who saw the trend, didnt know/share the political goals, liked emforcing civility, and added one to their project for that reason. That happens, too. Most of the enforcement interpretation comes down to moderators and/or vocal members, though.

                                                                                                                1. 6

                                                                                                                  forcing far left politics on folks everywhere

                                                                                                                  That’s not what far-left politics is, it’s pretty milquetoast liberalism.

                                                                                                                  1. 1

                                                                                                                    milquetoast

                                                                                                                    I’m not familiar with this word. The dictionary definition doesn’t help me much; what does it mean in the context of politics?

                                                                                                                    1. 1

                                                                                                                      It means ineffective or inoffensive.

                                                                                                                    2. 0

                                                                                                                      It depends on who you ask. Maybe geographical area, too. I honestly don’t follow all the terms closely since they themselves become part of political battle and sophism. I try to simplify. Most of what leftists call right-leaning people all oppose that kind of politics. So, it’s best to call it leftist politics of some sort. Most liberals I meet aren’t for systematically controlling peoples’ speech or banning them in every forum or place for their casual remarks in one. Obviously, there’s exceptions where people flip out over something like an N-bomb exposing what person might really think on inside. Most of the time, though, the liberals out here and in lots of places don’t go that far with enforcement. They’re also willing to make practical tradeoffs for greater good even if it sacrifices a bit of ideological purity in decision-making.

                                                                                                                      So, these people that put ideology above everything and want universal, constant, severe enforcement are a rare breed compared to majority. At least, from what I can tell. I’d love carefully-worded surveys to get more objective data. If they’re rare, leftist, and stronger on ideology than most, then calling them far leftist is a fair description even if not precise. I think radical leftists or leftist extremists is even better showing the fact that many leftists would argue with their position or actions even supporting their goals. Some might even distance themselves from them in business or politics.

                                                                                                                      1. 5

                                                                                                                        This conversation isn’t going anywhere because your understanding of the left is so wildly different than mine. For me, far-left means socialist or communist, not people who shout things on Twitter. I suggest you read Exiting the vampire’s castle by the late Mark Fisher if you want to learn more about this distinction.

                                                                                                                        1. 1

                                                                                                                          Thanks for the reference. Maybe the term has multiple meanings in practice with people using it relative to their own political stances. I might stick with radicals or extremists to avoid confusion.

                                                                                                                        2. 2

                                                                                                                          The use of coercion to make people adhere to their own worldviews is not exclusive to either side of the traditional political spectrum but an orthogonal dimension entirely. There’s a long but ultimately good explanation at https://nintil.com/2017/10/14/yet-another-half-baked-theory-of-the-political-spectrum

                                                                                                                          1. 2

                                                                                                                            Most political theorising and philosophical discourse happens in the anglosphere. And the anglosphere is mostly, by numbers, the United States.

                                                                                                                            There are texts that haven’t even been translated into English that are valuable pieces political theory. Especially from the left. Don’t even get me started on philosophy.

                                                                                                                            Also, Scott Alexander is garbage and if you want any kind of actual political insight you should not be reading him or reactions to him. His personal politics boil down to GamerGate for nerds. Of all the armchair social “theory”, only Moloch is a somewhat good text, but it’s also just a distillation of small bits of Nick Land’s philosophy. If you’re looking for actual insight, read the things that he hates.

                                                                                                                            All this talk of “axes” and “spectrums” are totally useless and trivial, appealing only to people who view politics as some kind of an internet ideological picnic. They get infatuated with ideas themselves, without wider philosophical, historical, and material context, they view them as identity badges, and that leads to confusions and perversions like the political compasses.

                                                                                                                            1. 2

                                                                                                                              re “why do people who want laissez-faire free trade empirically also prefer a strong military”

                                                                                                                              I’ve countered them with exactly that! I told them I don’t support the troops. “What? What?” I told them military wastes money constantly on stuff that’s useless in general or against today’s threats. Most bases and deployments are unnecessary even to a lot of military people. The companies wasting money are protected year after year. None of this is like free market where you have to get useful to people or perish. Then, I suggest maybe they can pay out of their taxes for all the extra bullshit and waste they want while people like me force competition among lean defense contractors that deliver only useful, necessary stuff. We’ll pay less, too. They’re always so shocked and pissed at the concept despite some agreement.

                                                                                                                              re “The common thing between leftists is utilitarianism.”

                                                                                                                              I have said the right is about individualism: follow personal opportunity and responsibility even if failure can kill you. If left is opposite, then them being utilitarian would seem to follow. Liberals out here being willing to loose something every year to improve society’s baseline is something that differentiates us from conservatives. That said, it falls apart with the charitable aspects of conservatives where they’re fine helping people so long as it’s their own private donations given to their choice of recipients. The churches are also usually centers of charity and support in smaller towns, too. They also believe pushing people hard to do their best improves the baseline much like we liberals do with socialist-type activities.

                                                                                                                              So, even this fails to really categorize them.

                                                                                                                              re article in general

                                                                                                                              Emotional, herd behavior as described in the article seem to fit best. Yeah, I might drop left and right for general discussions since their meaning is too diluted. Thanks for this article that does an excellent job illustrating that, too. I’ll keep it.

                                                                                                                              1. 1

                                                                                                                                Liberals out here being willing to loose something every year to improve society’s baseline is something that differentiates us from conservatives.

                                                                                                                                Please stop using these terms like an American, even if you are one. It’s incredibly annoying to see people that say things like ‘liberals hate the free market’.

                                                                                                                        3. 5

                                                                                                                          Most of the strong opposition I’ve seen has been an amorphous blob without much substance to them but vitriol.

                                                                                                                          Yes, I think Coraline handled this poorly, but after the backlash and personal attacks against her I think that’s kind of understandable. I also think the flashpoint of this backlash (Linus) is kind of indicative as well. Linus was a dick. He often provided an entertaining display of brutal honestly which people unconnected to the issue at hand would latch onto. They wouldn’t care about the issue being argued, only Linus’s display of maleficent brutality. I’m cool if you call my idea stupid. I’m less cool when you start calling me ugly.

                                                                                                                          Sooo @nickpsecurity is there anything specific argument you have against these CoC’s?

                                                                                                                          1. 2

                                                                                                                            The CoC’s are specifically designed to enforce one type of politics from a leftist minority in every space on Earth they can. This includes the usual language policing where a tiny portion of America, who may not even be contributors or minority members, attempt to police everyone else’s speech based on their interpretation of what discriminatory or offensive speech is. Even if there’s no overall consensus on that or disagreement by majority and/or dissent by many minority members on specific claims. Despite being “pro” minorities, the minority members who disagree will themselves be chastised or ejected for supporting discrimination. And finally, the author pushes for projects taking up the CoC to enforce it everywhere: good, inclusive behavior in a project doesn’t count if you said something their type of politics doesn’t like on another forum. The best example, where she and her pals showed true colors, was OpalGate with highlight being them trying to set maintainer up to look like they supported child molesters. As usual, they wanted their rules enforced and major contributor removed for ideological reasons with nothing in return for project.

                                                                                                                            A group of them also put me on trial here wanting me banned with one going after user tree. I stopped doing invites to avoid others being targeted and harassed via association with me. I knew political suppression would follow adoption of a CoC that’s designed for political suppression. Like in other situations, those pushing the CoC only talked about over abuses nobody would argue with. Since it’s activism or war to them, they’re always dishonest when getting them adopted (end justifies means). They rarely straight-up say: this is a tool to enforce a specific set of political beliefs about speech, actions, and affiliations on everyone in the project in every space they inhabit with non-conformance leading to admonishment and/or ejection from all with our rules. That’s how they try to use them, though, once adopted. So, I oppose them so such sneaky manipulators have less leverage over their targets.

                                                                                                                            Stallman’s looks really good overall since it just encourages kind and wise behavior. That’s the kind of merit-based, but with kindness and respect, CoC that I was promoting in the past. You don’t need leftist extremist setup to block many bad behaviors in project guidelines. He just illustrated that nicely.

                                                                                                                            1. 2

                                                                                                                              Again: is there specific arguement you have against the CoC?

                                                                                                                              Most of your complaints listed thus far seem to be focused on the personal actions of individuals, not the conduct of the organizations. Paradoxically, this is what you are arguing these people are trying to police.

                                                                                                                              The CoC is scoped to interactions of the organization (both internally and while representing the organization).

                                                                                                                              This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event…

                                                                                                                              You are free to be racist, sexist, or transphobic. It just says don’t do it when you are working in an official capacity.

                                                                                                                              The best example, where she and her pals showed true colors, was OpalGate with highlight being them trying to set maintainer up to look like they supported child molesters.

                                                                                                                              This was a personal action by Coraline to petition the project to remove an very anti-trans contributor. Also they did not try to frame the maintainer to supporter of child molester. When meh declined, they asked what level of behavior would merit ejection. e.g. being a neo-nazi, a rapist, or a child molester.

                                                                                                                              The entire thing very quickly turned into a shit show when people from unrelated to the project flooded arguing there support or in disagreement of the original verdict by meh.

                                                                                                                              Coraline emailed the owner of the project apologizing for the mess, as well as to Elia (the person she petitioned to be removed).

                                                                                                                              A group of them also put me on trial here wanting me banned with one going after user tree. I stopped doing invites to avoid others being targeted and harassed via association with me.

                                                                                                                              Yeah and some people are just dicks. I don’t know what the background on this is, but if they are harassing you, then report then. That is why things like CoCs - exist to codify the conduct between individuals.

                                                                                                                              There is no far left cabal trying to undemocratically control the behavior of people, or at least this isn’t it.

                                                                                                                          2. 3

                                                                                                                            When such people get one passed, they use its broad language to do that.

                                                                                                                            I understand that this is a popular theory among people who oppose the Contributor Covenant. Is there any evidence for it?

                                                                                                                            Most of the enforcement interpretation comes down to moderators and/or vocal members, though.

                                                                                                                            This seems like the “bottom line” for all projects. Accepting a CoC written by someone else isn’t giving up the existing project/community and their standards, it’s just encoding them in a more formal way than most projects have (up until now).

                                                                                                                            1. 2

                                                                                                                              Answered that here.

                                                                                                                              “Accepting a CoC written by someone else isn’t giving up the existing project/community and their standards, it’s just encoding them in a more formal way than most projects have (up until now).”

                                                                                                                              It really doesn’t since most don’t want political domination and control according to specific views by specific groups of people who might not be contributors. That’s what the CoC was designed for, though, as I say in my other comment. The next move they try is getting people that think like them in enforcement positions. Whatever original reason for adoption, the CoC becomes a tool for them to achieve their political goals. Even if those aren’t there yet, they can always get in later to use CoC for its intended purpose.

                                                                                                                              That’s what Ehmke did at Github with quite a backlash. I bet Github’s management weren’t told of Ehmke’s actual goals either: probably just the regular BS of “we’re only trying to stop trolls and haters doing things like N-bombs or saying women can’t code.” Who would argue with a need for better moderation or stopping such people? Hardly anyone with sense given all the toxic behavior. Then, she recruits a crew like her… that would enforce their views on the masses and ignore the outgroups’ complaints. Outgroup mostly being straight, white males that she vilifies that are a huge chunk of tech projects. Politically antagonizing them might mean reducing market share, impact, or image of any tech-focused service she’s working for as they switch sites or services. I bet she didn’t tell executives she intended to cause that and was OK with such results given their ideology trumps everything. In her later write-up, she said all the hate that came in was just because she was trans person basically trying to make people nicer and more inclusive. Nothing more.

                                                                                                                              Den of jackals they are. I consider any rules they create to be tainted and subversive by default. Double so if I see them used for political subversion. Let each community make their own rules codified from their existing practices like you said. They can draw on language from any source. Just be honest about goals, discuss it, vote on it, and so on. Then, what sticks they commit to. Lobsters already has a non-political-domination CoC that I follow: unwritten but illustrated by admin/mod responses to comments in various threads. It maintains civility and reduces visibility of problematic comments without outright suppression of dissent. Bans are only when necessary about behavior on this site, not others with other rules. Much better. As usual, I’ll add that the fact that this site runs so well is an argument in favor of such non-political CoC’s being able to do the job. Add Stallman’s to the list or as a start on another one.

                                                                                                                              1. 1

                                                                                                                                I can see that you feel very strongly about this, and I don’t want to inflame this argument at all, but I do want to point a couple of things out.

                                                                                                                                The replies above mention a number of examples of things Coraline Ada-Ehmke or “her people” have done. For the most part, they don’t involve adoption of CoCs or the Contributor Covenant.

                                                                                                                                In the “OpalGate” thread I agree a lot of unpleasant and angry things got said. I suggest a substantial part of that was people arguing from the basis of what they personally felt the project’s standards should be, and “arguing past each other” as a result. In the end the maintainers adopted a code of conduct for the project which clarified “the standard this project will be run against”. The person who was the subject of the original post is still a core maintainer today. This seems to me like a pretty mild outcome - the project’s standards are no longer in dispute, and noone got banned…?

                                                                                                                                (I’m not arguing that the ends necessarily justified the means here, but I am genuinely trying to understand what the catastrophic consequences of adopting CoCs are, as I don’t see them.)

                                                                                                                                Regarding the actual Contributor Covenant, I’ve read it carefully a number of times now and I don’t see how “thin end of the wedge” or “far-left politics” arguments follow from the text of the actual document. It has a Scope section which clearly excludes people’s activities outside the project. Under “Our Responsibilities” it makes it clear that banning is only one possible outcome and is entirely at the discretion of project maintainers. These are the same fundamental power relationships that a project without a CoC has, only now it’s made clear rather than implicit/vague.

                                                                                                                          3. 1

                                                                                                                            Nobody ever had a problem with projects that had rules. Everything had rules. Forums had rules, mailing lists had rules, IRC channels had rules. People had issues with specific rules, but if I’ve ever seen a complaint about the very idea of having rules I don’t remember it.

                                                                                                                            The backlash against contributor covenants is not as simply as people not wanting rules. Having rules against being racist or sexist or whatever isn’t new or unusual or what people have a problem with. What people usually have a problem with is when they’re busy minding their own business writing code and someone turns up and demands they accept a list of rules that they’ve written, usually based on some grievance they have with someone in the project for something they’ve done outside the project.

                                                                                                                            Frankly, people don’t like being told what they should be doing and why what they’re doing is wrong by people that aren’t part of their community. And that’s the very essence of contributor convenants: you should do things in this way because we say so, and because if you don’t you’re an evil sexist white male chauvinist pig that likes pushing women away from projects and it’s your fault that women earn less.

                                                                                                                        1. 3

                                                                                                                          This looks interesting. Of course it’s a shame it’s based on Intel, but:

                                                                                                                          • PCI-e
                                                                                                                          • SATA
                                                                                                                          • 2 x gigabit ethernet
                                                                                                                          • x86
                                                                                                                          • VT-x + VT-d
                                                                                                                          • 32 GB ram
                                                                                                                          • 4 okay-ish cores

                                                                                                                          At first glance this looks like the first SBC that actually will be usable for stuff like routers, virtualization host/hypervisor (in a cluster for example) or a simple linux desktop stuck to the back of a monitor. Price will be important though, since you also need to get memory while a lot of other SBC’s have memory on the PCB.

                                                                                                                          1. 8

                                                                                                                            The fact that its based on Intel is, imho, a good thing .. I’ve got a drawer full of SBC’s that started out with lots of promise - ultimate power, great battery life, etc - but are sitting there unused because the vendors failed to keep the kernel promises.

                                                                                                                            That’ll be less likely to happen with an Intel-based SBC, imho.

                                                                                                                            1. 4

                                                                                                                              Most ARM SoCs are decently supported by mainline operating systems. Which boards do you have and what would you like to use them for?

                                                                                                                              1. 2

                                                                                                                                Which ARM SoCs do you have that are supported on mainline? I’ve had nothing but all kinds of issues with ARM. I tried using an overpriced SolidRun as a router and ran into nothing but issues and terrible support.

                                                                                                                                I wrote another post on seeing these issues in Android devices. ARM is not a platform. It’s just random shit soldered to random pins. At least Microsoft phones had ARM + UEFI. I mean we have device tress, but they’re usually broken to hell too and most phone vendors don’t use them.

                                                                                                                                Is the particular device in this post a 3rd party x86 clone? Is it free of Management Engine or other 3rd party controllers? I realize all x86 stuff has non-free binary blobs everywhere, where as you can get a lot of totally free ARM chips/boards, but long term support is often an issue. With x86+UEFI or even classic BIOS, you can run mainline Linux on them for years to come. There are even forks of Linux for older unsupported 386 chips if you really want to buy a ton of old 386 stock and use them in embedded applications. ARM is a clusterfuck by comparison.

                                                                                                                                1. 3

                                                                                                                                  Rockchip RK3399/RK3328, Allwinner H3/H5/A64, Nvidia Tegra X1, the Broadcom junk that’s in the RPi…

                                                                                                                                  I run FreeBSD (actually I worked on RK3399 support), so there’s no non-mainline :) but for Linux, Rockchip is actually mainlining their official drivers, and for Allwinner it’s the community.

                                                                                                                                  Of course the cheap embedded boards aren’t as good as the high end server stuff (ThunderX/2/Centriq/eMAG/…), but there is a lot of support.

                                                                                                                                  1. 2

                                                                                                                                    OLIMEX has some interesting hardware and according to SUNXI Buying guide “Currently, Olimex is the only company creating Allwinner based OSHW, and Olimex actively contributes to the sunxi project.”.

                                                                                                                                    For some cheaper but less open options(I use an orange pi zero as a home media server/nas/cups/whatever) armbian provides quite decent support.

                                                                                                                                  2. 2

                                                                                                                                    I bought the original PINE64 and found the is support to be pretty terrible, even today it feels like it’s all been hacked together by guests in China rather than the manufacturer doing much about it.

                                                                                                                                    1. 1

                                                                                                                                      It’s very well supported in FreeBSD.

                                                                                                                                      For Linux, just don’t go to the vendor, ever. Check Arch Linux ARM and Armbian. (Apparently Ethernet support was merged into mainline as late as 4.15, but it’s there now)

                                                                                                                                  3. 4

                                                                                                                                    I think the parent was implying AMD would have less microcode updates and more trustworthiness due to better QA than Intel. Likely inspired by Meltdown/Spectre vulnerabilities. Also, AMD has been in the low-power, SoC game for some time. I don’t know if you’ll get lots of problems out of them that you wouldn’t out of Intel. It would surprise me a bit. I remember Soekris was using AMD Geodes.

                                                                                                                                    Oh shit:

                                                                                                                                    “Due to declining sales, limited resources available to design new products, and increased competition from Asia, Soekris Engineering, Inc. has suspended operations in the USA as of today.”

                                                                                                                                    Glanced at their page to see product updates. Got sadder news than I was looking for.

                                                                                                                                    1. 5

                                                                                                                                      I don’t know much about the Soekris boards, but pcengines.ch sells surprisingly affordable AMD Jaguar-based boards for embedded and network applications. I’m using one for my OPNSense firewall and have been perfectly happy with it.

                                                                                                                                      1. 1

                                                                                                                                        Thanks for the tip!

                                                                                                                                        1. 3

                                                                                                                                          From corebooting my ALIX2C3 I recalll the geode microcode has another issue in that it’s reliant on legacy tooling to build so you are encouraged to just use the blob (tooling is either DOS based or related to visual studio, can’t recall).

                                                                                                                                    2. 2

                                                                                                                                      If I remember properly HardKernel had everything for their C2 platform mainlined so you could use modern kernels without having to use a vendor specific one.

                                                                                                                                    3. 2

                                                                                                                                      it’s a shame it’s based on Intel […] Price will be important though

                                                                                                                                      I too immediately thought “why not Ryzen?” but, price is actually the reason they went with Intel, according to the blog post that’s linked here. Excerpt:

                                                                                                                                      2017 December, We considered AMD Ryzen 5 2500U 3.5Ghz mobile processor. The performance was very impressive, but the price of the CPU was also very impressive. Fortunately, Intel also announced the Gemini Lake processors. It was slower than Ryzen but much faster than Intel Apollo Lake, and the price was reasonable.

                                                                                                                                      Looks like the board will be considerably cheaper due to the Intel chip.