1. 2

    Deleted my original rant response because, as @sgreben rightfully pointed out, my rant was exactly the kind of thing i ranted about.

    But, yes, I’d like to see a freeze in new users for a while, to avoid lobste.rs from collapsing under its own weight.

    I’d also suggest:

    1. Culling users who have been new members for X months and never posted (but once you post/comment once, you’re in for forever?)
    2. Requiring more than one invitation for joining?
    3. Moving to a subscription model. I get enough enjoyment out of this site that I’d be happy to pay for it.

    But, that’s just my USD$0.02.

    1. 15

      Culling users who have been new members for X months and never posted (but once you post/comment once, you’re in for forever?)

      I will note that there are people who primarily lurk in any online community. This site has a private message system and possibly other features of value to members who never post publicly.

      Original research I was privy to in my first moderating position suggested that about 20 percent of users were active participants who posted regularly or semi regularly, another 10 percent posted only once or very rarely and the rest lurked. Anecdotal observation suggests that these figures probably are fairly representative of other communities I have engaged in.

      1. 8

        Lurkers are harmful to communities like this, because they have influence in shaping the site but also don’t bother to engage beyond being a silent majority that can be pandered to (purposefully or not) they amplify any democratic issues the site might have.

        Better to purge them and leave control of the site (what little there is) in the hands of the people who bother participating.

        Edit: lurkers here being those who have accounts but don’t post.

        1. 7

          Hi friendlysock, I’m malxau and I’m a lurker.

          The reason I ended up like this is because the technology landscape is very broad today (and getting broader), and I have firsthand knowledge or experience with a tiny fraction of topics that get discussed. So the best way I can see to keep the signal-to-noise ratio high is to read about things that I don’t know, including comments from people more familiar with them, and avoid contributing to or moderating those posts.

          Occasionally there will be something I know, but something I deeply know and have firsthand knowledge of is still rather rare. (In my case, I’ve spent the last 14 years working in Windows kernel mode; I’m an active practitioner, but looking at submissions you’ll see why I don’t feel like I know the breadth of topics being discussed, including things like the Palantir thread.)

          Do you still think I’m a problem? Do you think the site would work better if I commented or moderated more?

          1. 4

            I can’t see your upvotes or flags, so I can’t comment on that front. That said, I think the site would definitely be improved by your participation and submissions of things relating to your background with Windows arcane programming!

            Thank you for giving your perspective here.

            1. 1

              Your site was refreshingly different since it covered stuff I don’t usually see on Lobsters. Doing low-level kernel stuff, I bet you ran into both content and lessons learned that Lobsters might have found interesting regardless of you writing on Windows. There’s also Lobsters on Windows. There’s also a lot of Lobsters that hate Windows.

              I have no idea how well your stuff would’ve been received. There’s a chance people might have found it interesting, though. If it’s Windows-like as someone said, an easy example is Minoca OS getting lots of appreciation. Another thread on its documentation had 10 votes. So, there’s potential.

            2. 6

              Hey there. That seems like a fairly strong opinion. Any research or data you can point me to? I’m not aware of evidence that lurkers are somehow harmful in most cases.

              1. 5

                Have you seen HN or Reddit? I’m serious. It’s called hivemind for a reason.

                People that care enough about a site to post content, or even comment, are, by definition, more involved in the site than users who maintain accounts but don’t do anything but vote up and down.

                Lurkers who just vote and flag look an awful lot like slacktivists. They’re freeloaders, contributing no content of their own and no discussion, but they can still screw up conversations by voting with a knee-jerk reaction.

                One of the things that sets Lobsters apart is that is made up quite largely of people that actually write code frequently (instead of, say, being growth hackers, or bloggers, or marketers, or bankers, or whatever else) and that those people are given transparency and tools for interacting with the running of the community. Lurkers run counter to at least the latter of those key characteristics.

                1. 11

                  Yes, I’ve seen both HN and Reddit.

                  I don’t think I’ve ever seen a forum that didn’t have a lot of lurkers. Do you know of any forums where “post or leave” is actual policy? Do you know of any research on this angle?

                  I’m not making any recommendations here. I’m just seeing people saying “I think we should do X!” and the things I’m seeing don’t fit with my understanding of best practices. But I certainly don’t know everything, so I’m trying to share what I know concerning actual (pertinent) data and asking if anyone knows of any supporting research for their positions.

                  To be clear, I’m absolutely not trying to tell anyone how lobsters should be run. I was given an invitation by a coder who wants to start a discussion board and he asked if I would consider taking on the role of lead moderator. I tentatively agreed.

                  So I’m not actually a programmer, though I have some technical training and so on. I’m genuinely interested in learning if there is good data and research supporting the various proposals in this discussion because I’m looking for, among other things, stuff pertinent to the project I’m trying to collaborate on.

                  I’m genuinely curious and open to seeing good information on such things. I’m aware these questions may be unwelcome here, both because I’m new and because people will tend to interpret my comments as intent to shape policy on lobsters the very day I joined.

                  A best case outcome is that my comments and questions serve to be helpful and thought provoking for people here who are trying to shape lobsters while I get useful resources to support my project. But a less nice and more likely outcome is that people decide my questions are somehow bad behavior and I get told to gtfo of the discussion or something.

                  1. 7

                    I’ve never thought about how lurkers skew voting until this thread, but it seems commonsensical now. You end up with the posters performing for a silent audience, instead of interacting with each other.

                    Maybe a half-measure we could try is giving people a pool of votes that’s replenished when you post, and you spend from that pool when you up or down a story or comment; one post (submission or comment) could earn you 10 votes or something. That way votes come from the people who are actually engaging with the site, but we’re not kicking anyone off for not being chatty.

                    1. 10

                      Maybe a half-measure we could try is giving people a pool of votes that’s replenished when you post

                      No no no no no no no. That would result in users creating a large number of low-effort comments in order to refuel. It’s bad enough that internet users will do almost anything to make a number go up. It’s even worse when you attach actual incentives to that number.

                      1. 3

                        We could do something like requiring a comment/post have at least +3 or something before it counts towards your vote pool; that might be enough to frustrate a lot of the system-gaming, no?

                        1. 1

                          The low-effort posts on popular topics get lots of votes. Probably won’t work.

                      2. 2

                        I’ve never thought about how lurkers skew voting until this thread, but it seems commonsensical now. You end up with the posters performing for a silent audience, instead of interacting with each other.

                        This is an empirical question worth empirically validating before believing. There is also a plausible just-so story that older users feel more confident voting strategically to enforce their political opinions, etc. Form your hypothesis, write a query, decide how to interpret possible results, and then send it to me to run.

                        1. 1

                          That’s a neat idea and I’d be in favor of trying it. I don’t know to what extent that would affect the upvote/downvote dynamics of the site, but I’m interested in finding out, and I don’t think it’s an onerous requirement on people.

                          1. 1

                            a pool of votes that’s replenished when you post, and you spend from that pool when you up or down a story or comment; one post (submission or comment) could earn you 10 votes or something.

                            I think that this is great idea. Personally I would go with 1-2 votes per submission but whatever the number I think we should try it.

                            1. 1

                              Yeah; I originally said 10 because voting serves a real purpose, and I’d worry that only getting one vote per comment could reduce the quality of the front page, because people would hoard their precious votes. I’m no expert on this stuff, though.

                            2. 1

                              This idea sounds great. I’m not sure what the dynamics would look like, but it’s be interested in trying it out.

                            3. 6

                              but they can still screw up conversations by voting with a knee-jerk reaction

                              Yes, voting does screw up conversations. If I had my way, lobsters wouldn’t have votes on comments, exactly because I don’t think that meaningful conversations should be democratized like that. Lobsters isn’t a very good system for conversations in my very humble opinion (I keep linking to Discourse.org as the model to live up to for a reason). But I don’t think lurkers are necessarily any worse at knee-jerk voting than active commenters.

                              Lobsters is, however, pretty much the gold standard for link aggregation, for surfacing content from elsewhere. Voting, flagging, and submitting articles without ever commenting is something I think we should be encouraging, because that’s what the Lobsters software is actually good at. Less conversations, more stories.

                          2. 5

                            voting satisfies the “me too” impulse. absent that, I suspect you’d see a lot more actual me too comments.

                            1. 4

                              If you change the rules to ‘post or get out!’, I suspect you will see:

                              1. People who are slow to integrate into the community but will eventually post good stuff lose their connection to lobsters and go elsewhere instead of slowly ramping up from just looking to joining to voting to commenting/submitting.
                              2. Lots of comments along the lines of “I have nothing to say right now, I’m just trying to say something so I don’t get purged”
                              1. 4

                                Voting lurkers could indeed be problematic. Perhaps adding a min-karma-threshold for upvoting (similar to flagging), could be a useful experiment.

                                1. 1

                                  Is the problem with vote lurking the up or down votes?

                                2. 3

                                  Downvotes are inaccessible until a user reaches a certain karma threshold. Would it make sense to do the same thing for upvotes too, reducing the pool of users that can vote?

                                  I don’t think outright purging users is very helpful, since reading for a while before posting is a common practice (and probably not something that should be discoraged). I agree having a silent voting majority is potentially quite harmful to a forum.

                                  1. 1

                                    reading for a while before posting is a common practice (and probably not something that should be discoraged)

                                    You don’t need an account to read.

                                    1. 2

                                      You don’t, but there are features that are useful for people who are only reading (tag filtering, hiding stories).

                                    2. 1

                                      That inversion is worth thinking on more. The political folks currently do more upvoting of political stuff than submissions or comments. It isn’t limited to them. We see the same thing in the technical threads for some people or types of comments.

                                      1. 1

                                        I was under the impression votes were anonymous, is this not correct?

                                        1. 1

                                          The site won’t tell other users what your votes are, but it needs to know, both to prevent multiple votes and to show you what you’ve voted on. Obviously the site administrators, who have direct database access, can query that information.

                                          1. 1

                                            This is accurate, and I’ve written elsewhere in this thread about that access and the practices around it.

                                          2. 1

                                            They usually vote and comment together. So, you know who some of the likely voters are.

                                      2. 2

                                        how about limiting the votes one has? dota2 does that for reports to keep the reporting system valuable. one of:

                                        • fixed number of votes per time-unit (easiest, but limited impact i think)
                                        • votes per time-unit limited by karma, eg. votes * karma / maxKarma (could become a lobsters ingame currency)
                                        • votes per time-unit limited by submission count (facilitates spamming)
                                        • votes per time-unit limited by combined submission count and karma (i don’t have an idea for a good function to do that ;)

                                        this should at least limit the lurker influence. i for one wouldn’t care if i’d have to manage my votes a bit.

                                        edit: haldean had posted this idea before me, i should have read this thread more thoroughly :)

                                        1. 3

                                          If the intent is to limit the effect of upvotes, and avoid knee-jerk voting, one could also make it mirror the current downvote choices and simply make a user think about why they are up-voting a comment. So an upvote arrow should offer choices such as [technical|meta|..].

                                          1. 1

                                            Or “MAS” for “mutual appreciation society” ;)

                                        2. 2

                                          Wouldn’t that just cause stupid posts like “not lurker” or “first” to trigger account “lock in” – possibly even on very old threads.

                                          1. 1

                                            My concern with a negative eye towards people like myself who don’t post much is that it suggests posting is mandatory regardless of quality or relevance. I am a lurker, but only because I don’t want to clutter up threads with poorly informed or nontechnical content. I wish I had the depth of experience that some more frequent posters have; should I be excluded for being more of a generalist?

                                      1. 2

                                        I really like the way this looks, though it took me a couple attempts to realize that the pairs dots on A-R aren’t important. It’d be very cool to use these for decorating a spellbook - I’ll be trying to remember this when I next create one.

                                        1. 2

                                          Thanks! The font is designed so it can be easily sight-read at the table if necessary. All of the capitals are double dotted and the lowercase are single dotted just to indicate the center of each letter (and for show). You’re free to edit the source to take them out, though ;)

                                          The font should still be unambiguously readable if characters share horizontal strokes, but I was having trouble getting Metafont to shift the baseline of each character so they would overlap. Not the greatest documentation :-(

                                          1. 2

                                            Oh, that makes a lot of sense! I don’t think they look bad at all though, I just assumed they carried information and changed between letters when I first tried to understand how the letters. I missed them representing upper and lowercase in the examples below, which on a second look definitely helps trying to read them.

                                        1. 6

                                          Can we please stop using the “Make X Y Again” schema for advertising things? I know there is no ill intent behind this but some of us are directly affected by the policies and rhetoric that comes out of the very much sincere desire to roll back progressivism by decades.

                                          1. 12

                                            Your comment is off-topic.

                                            You reasonably observe that the name of the project is derivative, acknowledge that the author bears you no ill intent, but nevertheless suggest the project name is harming you and yours.

                                            You don’t address the author, you don’t talk about Medium as a platform, you don’t talk about blogging or anything apparently connected to the article. Your comment is a generic complaint. (Applies to any submission matching your pattern.)

                                            We’re a community of practitioners. We show (create, invest, fix), rather than tell (scold, beg, demand).

                                            1. 26

                                              The title of this project is a riff on a political slogan that itself is a riff on various fascist slogans throughout history. Making a joke of it by using it as the name of a browser extension is, at the very least, in poor taste. The commenter you responded to made a polite request to the community to stop doing this thing that is in poor taste. There was no need for them to address the substance of the project because the comment was only concerned with the choice of title. In terms of scolding/begging/demanding, I see more of that in your comment than in the one you responded to.

                                              1. 1

                                                Apologies for the off-topicness, but are Mel Brooks’ Hitler jokes/comedy in bad taste? Can something horrible be alleviated by ridiculing it?

                                                This is a philosophical question that doesn’t wven account for the author’s intent with the naming.

                                                And on the other side, would “Medium we can believe in” or “Medium we can” be more acceptable or less, and to whom?

                                                A rose by any other name… It seems to be a somewhat useful browser addition regardless.

                                                1. 2

                                                  Can something horrible be alleviated by ridiculing it?

                                                  Yes, somewhat, and only if actually done well. (And even then, sometimes the supposed object of ridicule can miss the point entirely and embrace whatever the “joke” was about.)

                                                  I guess the point is, naming entirely unrelated things with the same pattern (“Make X Y again” here) is not comedy! It’s literally just spreading the slogan.

                                              2. 19

                                                You can’t ignore politics when they are no longer ignoring you. However much you may think that Lobsters is a domain of pure, unadulterated reason and everything unreasonable is offtopic, the linked software decided to make a political slogan ontopic.

                                                You’re grandstanding here about how neutral Lobsters is, but there’s no neutrality on this moving train, and telling people to shut up about the politics that affects them isn’t nice.

                                                1. 9

                                                  We’re a community of practitioners. We show (create, invest, fix), rather than tell (scold, beg, demand).

                                                  I like this a lot! The internet would be a better place if there were more places that followed this philosophy.

                                                  1. 0

                                                    Yeah, wouldn’t that be something…

                                                    :-/

                                                  2. 8

                                                    I also happen to feel playful takes on MAGA is putting googly eyes on swastika, and was about to post similar comment. Didn’t post as the earlier exchanges OT exchanges like this on Lobsters suggest ethics is a taboo subjects to many here.

                                                    But seriously, screw this.

                                                    1. -6

                                                      Fine, let’s discuss ethics.

                                                      Calling a playful riff on the MAGA slogan”putting googly eyes on a swastika” is bullshit. It’s the same authoritarian communist rhetorical technique that the East German government used when they called the Berlin Wall the “anti fascist defense wall”. I’m not a huge fan of Trump myself, but I’m even less of a fan of the anti-Trumpist faction in American politics characterizing Trump’s policies as literally Nazi-like so they can feel justified in weaponizing the social norm that “Nazis=bad” in western society against their poltiical enemies.

                                                      Nothing the Trump administration is doing is in any meaningful way close to the bad things that the Nazis did - frankly most of what he’s been doing are the same things that every post-WWII American presidential administration has done, just with less high class verbiage to describe it. The people who claim otherwise are doing so in order to make themselves feel like they’re morally-righteous crusaders instead of people having ordinary political disagreements in the American political system.

                                                      Lobsters isn’t a political discussion forum, but if people are going to say that nonpolitical articles that happen to reference the current US President’s campaign slogan should be considered forbidden, you’re already bringing politics into the space, and you shouldn’t expect that your particular poltics must go unchallenged. There’s nothing wrong with the title of the article, and people claiming otherwise are making a backhanded political argument that Trump is Bad on a technical forum.

                                                      1. 3

                                                        Now this is an off-topic comment.

                                                        1. 10

                                                          And yet despite being in good company, it is the only one flagged to death, because it comes from the perspective of the wrong tribe.

                                                          You see why I object to politics and “ethics” discussions? This is sort of the reason why–people don’t get a fair shake.

                                                          1. 0

                                                            This is a tough problem to solve, for sure.

                                                            I am among those who have flagged it as off-topic, as per @alynpost ’s comment here

                                                            https://lobste.rs/s/f4t0y2/make_medium_readable_again#c_ty2pp6

                                                            (based on my understanding, posted here: https://lobste.rs/s/f4t0y2/make_medium_readable_again#c_szkkme)

                                                            As both this downvote and the one I made on the other post were made in affect, I have removed them both.

                                                            1. -1

                                                              This whole discussion is a response to unnecessarily politicised title. Ironically, it’s the objection to the title was attacked by no ethics pls crowd.

                                                          2. 2

                                                            I’m not taking the bait. Would just remark that my reply, and your rant could be precisely avoided if the author stuck to fucking technicals for technical write up.

                                                        2. 6

                                                          How does one show, create, invest or fix in response to a negative pattern like the “Make X Y Again” headline?

                                                          1. 4

                                                            Indeed. I suppose one could suggest an alternate name for the project, in which case I will propose “Readable Medium” as a straightforward name for a browser extension that would entirely avoid any political connotations that only serve to distract from the substance of the project.

                                                            1. 1

                                                              I like that also because I find it humorous – a medium is a person who may do a “reading”, so “readable medium” sounds backward to me.

                                                            2. 0

                                                              If the title of the project bothers you, open an issue and try to convince the author of your point. If not possible, fork it.

                                                            3. 3

                                                              I downvoted this comment as “incorrect” but I have since reconsidered and removed my downvote.

                                                              I initially read the comment to mean “never discuss anything political, (as defined by us the community*) on this site”.

                                                              I know hope it reads “please feel free to discuss things political, but the focus should be on the technical contents of the submitted post”.

                                                              In this spirit, I will submit a comment that both reflects my opinion on the linked content, and will serve as a template for an acceptable comment that also addresses the political/ethical implications.

                                                              [start comment]

                                                              This project strikes me as useful for now, but ultimately reactive. It’s easy for Medium to redesign their site to defeat the circumvention, and the developer and users will engage in a game of whack-a-mole to keep up.

                                                              It’s a similar situation with ad blockers, with the significant difference that the market for ad-free browsing is much larger than the market for reading Medium without a bunch of banners.

                                                              This segues nicely into the problems with Medium’s business plan. Ultimately, it’s just Wordpress.com with a nicer editor and draconian rules about CSS. There’s really no reason to pay for Medium apart from the content, and the content, for me personally, seems mostly to be cryptocurrency boosters nowadays. Essentially it’s content as a commodity… there has to be a critical mass of writers who are only available on Medium for it to be worth paying for.

                                                              If Medium promised a cleaner reading experience as part of a paid tier, that would maybe help?

                                                              As to the name of the linked project - it’s unfortunately hard to detect irony on the web, and considering the “alt-right” has had some success in shifting the conversation by “pretending” to be racist, saying it’s for the “lulz”, I am prepared to automatically assume that someone who seems to do the same is either on the same side as this political faction, or insensitive to how they appear by choosing this name.

                                                              Personally I would add the name choice as a negative in evaluating this project.

                                                              [end comment]

                                                              If anyone upvotes or downvotes this comment, please let me know if it was because of the content, or the presentation, or the meta-narrative on how to handle political/ethical/sensitive submissions to the site.


                                                              * who represents this community is another question that deserves discussion but that’s for another time.

                                                              1. 0

                                                                Good comment, upvoted. You address the content of the article first, make good points and analysis, and close with minor but reasonable speculation and an opinion–and you don’t go on a screed.

                                                              2. 2

                                                                @gerikson, @jamesmacaulay, @JordiGH, @varjag I’ll reply to all of you at once in the interest of my time.

                                                                I have had folk observe that I’m prone to understatement. I may have done that here describing the project name as derivative, when I could have said political slogan (h/t jamesmacaulay) or dog whistle (h/t gerikson). Both would have been more accurate.

                                                                The de minimis statement I made supporting my off-topic claim was “Your comment is a generic complaint.” I then provided a test so the claim can be falsified: “[Your comment] applies to any submission matching your pattern.” This same test holds without regard to the sentiment of the comment. A similarly context-free comment supporting, rather than detracting, this political slogan, dog whistle, or derivative name would also be off-topic.

                                                                We know that naming things is hard. The problem is featured in a widely known joke. (“There are two hard problems in computer science…”) We also know that names can be chosen because they’re provocative. (“There’s no such thing as bad publicity.”) Discussing names gets the benefit of the doubt regarding topicality. The comment in question is off topic qua a kind of behavior.

                                                                Thank you all for your replies.

                                                              3. 1

                                                                I suppose to a progressive, the title would sound like “make medium awful again” – the exact opposite of what the author is trying to convey!

                                                                (I didn’t even pick up on the political reference until you pointed it out.)

                                                                1. 1

                                                                  Can’t speak for others, but to me the original intent was clear given the context. But it’s hard to divorce the connotations of opression and hate from it. As @JordiGH said so eloquently, at this point it’s impossible to ignore politics as they won’t ignore you. Using this language will hurt people. I assume this wasn’t anyone’s intention by choosing this name, so I’m just trying to point this out hoping that when the next time comes around people can make a more informed decision.

                                                              1. 96

                                                                I’m sorry to bring this up, and it’s probably considered off-topic here on Lobsters, so feel free to flag this.

                                                                I know that OpenBSD and SQLite and lots of great pieces of software have been funded by the US military, and computing and military have a long and complicated relationship, but where do we as developers draw the line as to whom we are willing to accept contributions from?

                                                                This is from Palantir, the company providing the technology for Trump’s deportation machine. I don’t think that this is a black/white issue, and I guess it may be possible to work at a seedy company and still do good stuff. But the docs include a FlightSearch example; is that really appropriate given the context?

                                                                Regardless, thanks for releasing this as free software.

                                                                1. 37

                                                                  Thank you very much for saying it. I think making sure these ethical topics aren’t ignored is the very least we all have a responsibility to do. It’s also entirely possible that there are people here who didn’t know about it, so it’s always worth saying.

                                                                  1. 37

                                                                    Thank you for saying this. I’m troubled by the cavalier attitude of techies toward ethics lately, and it’s nice to know I’m not alone.

                                                                    1. 23

                                                                      I don’t think a forum where this response is off-topic is worth participating in. The tech industry spends too little time thinking about the ethical implications of it’s products.

                                                                      1. 25

                                                                        Even today, we debate the ethics of using the data gathered from unethical experiments in WW2.

                                                                        I agree that there is a massive ethical issue working for Palatir - and I am not sure it’s ethical to use the work they have produced. Particularly if it’s a Swagger-like clone not yielding substantive value to humanity.

                                                                        1. 10

                                                                          While we’re at it, you probably typed that on a machine made by highly-exploited workers in a corrupt country that does far worse, added to the lake in the process, probably paid a surveillance-enabling company in a police state to send it over the network, and possibly wearing clothes made by kids in a sweatshop. And you did all this to get online suggesting moral folks maybe shouldn’t contribute to a HTTP/JSON thing that’s open source since a bad company might misuse [more] open source. Seems hypocritical to me.

                                                                          Where to we draw the line on how our consumption and contribution harms or helps others? And do you regularly do that for every product and service you buy? Most of them? Have you been active in government on laws, treaties, court cases, etc? The stuff that stops things like you describe. Or just some quick, social signaling on Lobsters getting feel-good points? If you care, I encourage you to put time into legal reform or bootstrapping alternatives to each of the things I mentioned. Maybe make for better opportunities for immigrants in whatever your country is, too. Maybe host some coding bootcamps or something for those in the slums. What you’re doing here is adding to the noise but not helping Trump’s victims or your country’s immigrants in any way.

                                                                          1. 71

                                                                            I feel like this is a great example of whataboutism.

                                                                            I think that if this approach was applied to tech, we’d never fix a bug because “what about the other bugs that could crash the app, this is just virtue signaling because physical compromise means game over”. Why fix a bug when you can say “What about the terrible state of security education in general, why fix a security bug when developers are just adding more?”

                                                                            It’s ok to make a judgement call and improve one thing in this messy world. It’s ok to try and reduce your footprint/total harm while hypocritically still participating in the system that feeds you. In fact that’s sort of core to improving those systems in a democracy.

                                                                            Sorry if I misinterpreted your statement, I greatly enjoy your comments across the internet.

                                                                            1. 11

                                                                              Whataboutism is a common reply on HN or Lobsters when a popular group decries their outgroup’s activities, third party points out their actions are contrary to their own beliefs, adds that the biases indicate they’re scoring political points rather than really care, and someone pops in to say third party is whataboutism to silence those views. Thing is, whatever 3rd party brings up is almost never on these forums, getting crowd support, or whatever. Always absent. Rather than likely-intended purpose, the whataboutism claim just reinforces specific types of people supporting/rejecting specific activities by silencing dissenters. I mean, if commenter really cares about Trump’s horrors or not contributing to evil organizations, why the hell are they funding evil, slaving companies to buy toys to spend so much time on the programming projects? So, they probably don’t care or are acting like it now. Then, I do to them as they do to others.

                                                                              Far as what I’m doing, I’ll tell you straight up. There’s been an increase over time of political comments that are about shaming people into behaving certain ways for a perceived, social good. Almost all of them are coming from hypocrits and/or slactivists. I mean, they’re talking on a forum no politician reads with low views. It’s not going to change Palantir’s or Trump’s practices. They know they avoiding stuff that can get results to spend time on Internet forums. So, they’re just getting an emotional high off attacking their opponents, looking like they’re responsible, or getting meaningless votes from people that agree with them. They also tie up our threads with that shit. So, as a real activist doing real-world work, I just call out their selfish, hypocritical bullshit to (a) deter more comments like that here and/or (b) encourage them to actually work on the causes they claim to work on.

                                                                              Disclaimer: In fairness, people could (and do) call me out for not putting more time into actually building and deploying secure goods rather than high-level designs posted online. Although I defended my choice, I’m probably guilty of screwing up on a reasonable ratio between the two. Anything above zero code might be better. I plan to work on that more next year after I change circumstances.

                                                                              Disclaimer 2: I say “almost all” cuz a few people here are legit activists or doing things at a loss to address the causes they’re talking about. I respect them a lot.

                                                                              “It’s ok to make a judgement call and improve one thing in this messy world. It’s ok to try and reduce your footprint/total harm while hypocritically still participating in the system that feeds you. “

                                                                              I totally agree with you. That’s not what the person was doing, though. It won’t stop Palantir’s contracts, it won’t stop the government’s activities, and proliferation of HTTP/JSON libraries will continue. The latter will even be FOSS so anyone, including Palantir, can use them. Maybe person complaining should start an alternative to Palantir that’s more ethical, organize boycotts of their products, get in a HR office poaching all their smartest talent (or delivering idiots), make enough money to pay off politicians to change government policies, and so on. Stuff that actually affects Palantir or Trump’s agencies.

                                                                              “I greatly enjoy your comments across the internet.”

                                                                              Thanks and same to you. :)

                                                                              1. 25

                                                                                Maybe person complaining should start an alternative to Palantir that’s more ethical, organize boycotts of their products, get in a HR office poaching all their smartest talent (or delivering idiots), make enough money to pay off politicians to change government policies, and so on.

                                                                                This objection is absurd on its face. You can’t ethically compete in a market for unethical services. An ethical alternative to Palantir is an oxymoron, because Palantir’s ethical issues are fundamental to the things that Palantir sells. You also can’t “organize a boycott” of a defense contractor. Your final two points are literally “just have enough money to fix the problem”.

                                                                                How does starting a company which sells the same thing as Palantir to the same customers Palantir sells to, hires the same people as Palantir, has the same wealth as Palantir, and bribes politicians the way Palantir does, stop the problem of companies that behave like Palantir? You’re objecting to someone criticizing the status quo by telling them they should instead… further reinforce the status quo?

                                                                                1. 19

                                                                                  I think you misapprehend what is going on here. This is a forum for highly technical people; by raising the serious ethical space Palantir exists in, it directly bears on creating difficulty in recruiting, along with decreasing retention.

                                                                                  You, of all people, should understand the power of words on an internet screen to influence readers: you’ve been writing long & grammatically correct essays on security across multiple major internet fora for years. I’ve seen you on Schnier and HN, :) Communication, persuasion, and discussion are an essential activist activity. (And for my money, it is substantially more effective than picketing and marching 95% of the time…)

                                                                                  1. 7

                                                                                    (I suspect this was meant as a reply to the person I replied to.)

                                                                                    1. 2

                                                                                      “by raising the serious ethical space Palantir exists in, it directly bears on creating difficulty in recruiting, along with decreasing retention.”

                                                                                      I agree with you. I actively do that in real life every day for customers and coworkers wanting something better in a lot of areas. I have plenty of results to show for it. That’s because I put the time in where it gets results and consistently do it rather than one-off’s we sometimes see here. Companies like Palantir use recruiting practices that cast a wide net. Anyone wanting to disrupt their recruiting should be posting such comments on sites with massive numbers of page views that are mostly developers. Big, social media sites like Twitter, Facebook, Reddit, and Hacker News. LinkedIn, too, if you can do it that way but I haven’t been on in long time. That’s why I encourage them to put political efforts in front of literally millions of developers instead of a hundred or less participating here if aiming for a big wave of change.

                                                                                      “You, of all people, should understand the power of words on an internet screen to influence readers: you’ve been writing long & grammatically correct essays on security across multiple major internet fora for years. I’ve seen you on Schnier and HN, :) “

                                                                                      You said long and grammatically correct. You gotta be messing with me on second half lmao. I agree with the power of words and persuasion as stated above. Hell, you had to have seen me do it there, esp to “Skeptical” (troll or near-perfect DOD apologist) before I left. That’s why I tell them to use that power where it gets results instead of Lobsters. Then, we keep Lobsters focused on deep, technical stuff with low noise. Anyone wanting to achieve political action can ping Lobsters, via dedicated threads or private messages, to go where the action is to get actual, Palantir-scale results.

                                                                                      ““It is what it is”, which is what your comment & Nick’s comment promote, simply promotes apathy; history provides many examples of change taking place. I encourage people to shake off the belief that things will always stay the same.”

                                                                                      That’s not true at all. I’ve just followed something like several lifetimes worth of history on the U.S. military and government under both left- and right-leaning leaders finding the military-industrial-complex just got more powerful over time. The politicians of both sides support it. The right supports companies like Palantir overtly. The left’s politicians will support the defense contractors for both payouts and to bring jobs to their districts. So, to change the situation voronoipotato describes, you have to get millions of people to vote out scumbags that take money to improve chances of elections to combat defense industry or get an anti-war, pro-immigration President in office with Congress willing to roll-back legislation.

                                                                                      The last election surprised most lefter-than-I liberals that were trying to make people say the correct things on forums, etc in ways we see in some threads here. I doubt they’re capable of achieving that 180 directly if keeping same practices that failed before so hard they didn’t even see what was coming. Fingers crossed that we just get lucky that Trump does so much damage and embarrassment that a reversal happens in swing states after the Democrats get on top of their shit this time. Or we centrists get a President. Fat chance on that one since few listen to moderates. ;)

                                                                                    2. 5

                                                                                      The person you’re talking to likely doesn’t even think that Defense Contracting is unethical. Being said palantir is going to keep existing, boycotting doesn’t mean anything here because we don’t even buy their products. Even under a proper organized effort if we got a different defense contractor absolutely nothing would be different. The only tactics I’m aware we can do are mitigation tactics of not giving our labor to defense contractors, but this drives up the wages to the point where someone would. You can if you work there do a labor slowdown, but your ability to act in that way is limited, and useless if it’s not a group effort.

                                                                                      Palantir is a bad thing but our ability to affect it is extremely limited. Electoral politics is mostly useless here. Their lobbying power affects both parties pretty evenly. IMHO it’s better to put energy into mitigation tactics into problems where it’s easier to have traction. One group has been for example paying for bail bonds for refugees.

                                                                                      Defense contractor spending isn’t a symptom of capitalism but rather attached to the heart, a swollen vestigial organ from mercantilism and much like the appendix may kill you if you remove it unskillfully.

                                                                                      I think it’s natural to see the biggest problem and try and lock horns with it, but sometimes a smaller problem you can solve is genuinely better than a larger problem you can’t. Obviously don’t work for them, there’s plenty of other places that pay you well and you won’t even have to think about all the bodies when you go to sleep.

                                                                                      1. 7

                                                                                        The person you’re talking to likely doesn’t even think that Defense Contracting is unethical.

                                                                                        Yes, but the person they’re suggesting this in response to does, which was the context of nickpsecurity’s original suggestion to compete with Palantir.

                                                                                        The only tactics I’m aware we can do are mitigation tactics of not giving our labor to defense contractors, but this drives up the wages to the point where someone would.

                                                                                        I don’t know what your point is. Driving up wage costs for unethical corporations is the point of organizing an effort to boycott employment at specific corporations. The goal is making things like human rights violations untenable to corporations by making them unprofitable. Yes, this is a half measure - but it’s not nothing, either.

                                                                                        Defense contractor spending isn’t a symptom of capitalism but rather attached to the heart, a swollen vestigial organ from mercantilism and much like the appendix may kill you if you remove it unskillfully.

                                                                                        So your point is, we should leave it alone?

                                                                                        I think it’s natural to see the biggest problem and try and lock horns with it, but sometimes a smaller problem you can solve is genuinely better than a larger problem you can’t.

                                                                                        On the contrary - refusing to work for companies like Palantir and encouraging my fellow tech workers to do the same is one of my most fruitful opportunities to fight against systemic injustices at the moment. Each of us in the tech industry have far more influence on an our industry’s actions than on the actions of things like the federal government - there are less than four million programmers in the entire US, as opposed to the vastly higher number of voters. We should be adamant about using our privileged place as one of the few labor pools left with real negotiating power to prevent our industry from committing acts of evil, not conveniently defeatist whenever someone dares to suggest the small personal sacrifice of choosing not to directly build the tools of human misery.

                                                                                        1. 7

                                                                                          Fundamental changes are achieved by many people choosing to not accept what is, and coming together to push towards a major change in the status quo.

                                                                                          “It is what it is”, which is what your comment & Nick’s comment promote, simply promotes apathy; history provides many examples of change taking place. I encourage people to shake off the belief that things will always stay the same.

                                                                                          1. 1

                                                                                            You said it even better than me.

                                                                                        2. 20

                                                                                          Whataboutism is a common reply on HN or Lobsters when a popular group decries their outgroup’s activities, third party points out their actions are contrary to their own beliefs, adds that the biases indicate they’re scoring political points rather than really care, and someone pops in to say third party is whataboutism to silence those views. Thing is, whatever 3rd party brings up is almost never on these forums, getting crowd support, or whatever.

                                                                                          No it’s a common reply when you distract from the discussion at hand to go ‘oh but what about these other unrelated issues?’ Your response is literally at the level of ‘capitalism made your iPhone you’re using to have this conversation so checkmate’ in a discussion about economic systems.

                                                                                          There is no ‘popular group’ here, there’s no ‘outgroup’, nobody is decrying anyone’s activities. You haven’t ‘pointed out’ any actions that are contrary to anyone’s beliefs or exposed any biases or virtue signalling. All you’ve done is responded to a post pointing out that Palantir might be an unethical company, accusing them of virtue signalling! They didn’t even say ‘Palantir is bad’. They suggested that it might be, and that it was worth thinking about and discussion. Did you then discuss it? Did you think about it? No, you just launched into an attack, said that their post was social signalling and accused them of hypocrisy.

                                                                                          Imagine for a moment the discussion was oil companies, and the person you were responding to had said ‘I think oil companies often act unethically and I think we should consider whether we want to be working with them and contributing to their open source software’. Your response was the equivalent of ‘you don’t have an electric car so you’re not allowed to discuss this’. I hope you can see that that is nonsense.

                                                                                          I totally agree with you. That’s not what the person was doing, though. It won’t stop Palantir’s contracts, it won’t stop the government’s activities, and proliferation of HTTP/JSON libraries will continue. The latter will even be FOSS so anyone, including Palantir, can use them. Maybe person complaining should start an alternative to Palantir that’s more ethical, organize boycotts of their products, get in a HR office poaching all their smartest talent (or delivering idiots), make enough money to pay off politicians to change government policies, and so on. Stuff that actually affects Palantir or Trump’s agencies.

                                                                                          When someone says ‘where do we as developers draw the line as to whom we are willing to accept contributions from?’ they are opening up a discussion. Maybe the result of that discussion would have been ‘anyone actually’. Suggesting that the first thing you should do is start boycotting companies before the issue has even been discussed is ridiculous. Discussions are fine. Discussions are not slacktivism. Posting ‘#stoppalantir #metoo #stoptrump’ at the end of your tweets and doing nothing else in your life is virtue signalling. Discussing issues is not.

                                                                                          1. 10

                                                                                            There is no ‘popular group’ here, there’s no ‘outgroup’, nobody is decrying anyone’s activities.

                                                                                            A person submitted a HTTP/JSON toolchain that they were open-sourcing. A versatile, general-purpose tool that can be used for good if someone wants to. The comment I replied to ignored the software submission entirely to tell them they’re unethical for working at Palantir since other parts of the company uses its tech to serve an unethical customer. That’s decrying activities. Such reasoning also applies to companies like Google (or other surveillance companies), Apple/Foxconn, VC-funded companies aiming for lock-in, and so on since buying their stuff or contributing to their FOSS might support all kinds of evil. Some people supporting the decrying comment even work at such companies despite other jobs being available for people with that kind of talent. Strange.

                                                                                            The fact that this accusation and suggestion to quit their job got 60 votes vs 7 about the submission… on Lobsters with lower numbers of votes to begin with… definitely says it’s popular. The marked difference between the people who support or question that tangent supports the existence of an outgroup relationship. I can’t say as much about what it means here since the outgroup receives more support on a lot of political divides. Lots of folks here hate companies like Palantir regardless of other beliefs. That’s what I’m leaning toward.

                                                                                            It’s been an interesting thread to observe, though.

                                                                                            1. 2

                                                                                              Wholeheartedly agree, there! I suspect I drew different conclusions than you, though.

                                                                                          2. 3

                                                                                            People can disagree with you without being part of a conspiracy to silence or shame you. Maybe a less emotional response would be more informative.

                                                                                          3. 0

                                                                                            One of nick’s pastimes seems to be railing against liberal “hypocrisy” on this website, mostly by deflecting into muddy tangential arguments just like so.

                                                                                            1. 13

                                                                                              Please don’t post ad-hominem attacks here. If you disagree with the argument, pick it apart politely.

                                                                                              Lord knows you should have enough practice by now to do so.

                                                                                              1. 5

                                                                                                If you disagree with the argument, pick it apart politely.

                                                                                                That only works if both sides are arguing in good faith though which definitely doesn’t appear to be the case with some commenters on here.

                                                                                                1. 4

                                                                                                  If that’s the case, then arguing further with somebody in bad faith is just going to create noise and antagonize other lobsters. Best just to ignore the posts then.

                                                                                                  1. 3

                                                                                                    I do but it ruins the lobsters experience for me to see people arguing in bad faith without any censure. Some of them even seem to be encouraged as a kind of clickbait/outrage generator. It’s disheartening.

                                                                                                2. 4

                                                                                                  Lord knows you should have enough practice by now to do so.

                                                                                                  This is an ad-hominem, friendly.

                                                                                            2. 19

                                                                                              Leaving whataboutism aside, I think you cannot conflate the (delusional) idea of ethical consumption with active usage and contribution of open source software.

                                                                                              Ethical consumption doesn’t work for the structure of the market, where the contribution of the individual gives no perceivable feedback to the system.

                                                                                              The Open Source world and software engineering are a much smaller world. It is a realistic goal to radicalize enough software engineers inside and outside of Palantir in order to halt their production. Your target audience has contract leverage, money and is highly connected and easily reachable.

                                                                                              This is a much easier and realistic goal than convince the management of some big corporation to reduce their exploitation just because a small minority of consumers is unhappy. When they realize this, instead of reducing exploitation, they invest in more marketing to wash their brand, or they simply start a new one. Much cheaper.

                                                                                              Don’t conflate your power as a consumer with your power as a producer, because they very different.

                                                                                              1. 11

                                                                                                I used to work for Nokia. They did everything in their power to ethically source all their materials. It was the only phone company that did that. Other companies don’t do that because nobody demands it from them. While there is no ethical consumption under capitalism, there is slightly less terrible consumption. So where do we draw the line? As deep into their pocket books as it can go.

                                                                                                1. 1

                                                                                                  I didn’t know that about Nokia. That’s awesome! Thanks for the tip.

                                                                                                  1. 1

                                                                                                    Now, keep in mind the new Nokia phones are made by a different company that just licenses the brand. I’m not sure if care as much.

                                                                                                2. 10

                                                                                                  […] the lake […]

                                                                                                  That is horrible.

                                                                                                  Seems hypocritical to me.

                                                                                                  Ok.

                                                                                                  Where would you draw the line personally? Do I understand your opinion correctly as suggesting that if you use a computer, then you shouldn’t be discussing unethical behaviour, e.g. racism? It is not my intention to judge here; just genuinely curious.

                                                                                                  Maybe make for better opportunities for immigrants in whatever your country is, too.

                                                                                                  I agree with this very much, and this is something that I aspire to do. Additionally I do have friends that have been deported, and worry a bit about my own not so distant post-Brexit situation in the UK.

                                                                                                  1. 2

                                                                                                    Im glad you’re doing real work on this issue. I commend that.

                                                                                                    Writing it here likely isn’t is the thrust of my point. Instead, it’s just adding noise to the forum plus sending a jab at one of only folks we know in Palantir doing something possibly beneficial (eg open-sourcing software for data analysis). The people here that would agree with your position already dont work for Palantir, use their services, or vote for folks that support horrible policies on immigration.

                                                                                                    Those that do these thing are (a) mostly not on Lobsters where your comments bave about lowest ROI you can get and (b) usually disagree with you with no intent to change their mind based on your comment that states the obvious. So, you’re not reaching them. Goes for similar comments aiming for political impact on government-level stuff in non-political, Lobsters threads. So, I push for people not to introduce them.

                                                                                                    Im at work now so responses might be delayed.

                                                                                                    1. 5

                                                                                                      mostly not on Lobsters where your comments bave about lowest ROI you can get

                                                                                                      Yes, you are probably correct in that observation.

                                                                                                      I wasn’t really sharing my thoughts here expecting any impact, but rather because I’m interested in hearing what other people think. And you are right that I’m being hypocritical here, because I doubt I’d react the same to an IBM project even though they have a shameful past; and even worse, I used to work on this phone app promoting some agrochem from DOW. At first I just kept my eyes on the code, but I couldn’t justify it to myself after reading about their role in the Vietnam War and the Bhopal Disaster and all that.

                                                                                                      So, it was intended more of an open question about where people here draw the line.

                                                                                                      1. 2

                                                                                                        Well, you seem to be speaking out of the heart on things you’ve been close to personally. I respect that. I still say low-ROI with better results elsewhere. You were bringing it up for good reasons, though. The community response also strongly favored your comment in a way consistent with prior threads on politics showing a shift in what Lobsters wants as a community. I’ll write on that in the future.

                                                                                                        And it’s still cool you’re another person reusing older computers with the LiveCD tests and such. Off-topic a bit, but I was wondering if the hardware vulnerabilities they probably won’t patch on 5-10 year old machines have you considering new stuff? I always knew they were there. Now, they’re coming quickly with many eyeballs on them. Might be best reason I ever heard to get the latest and greatest from Purism, Raptor, or whoever. And then most have backdoors for (insert group) but fewer hardware 0-days for (more groups). Wait, I thought this tangent-tangent could lighten things up with easier choices… Looks just as hard… ;)

                                                                                                        1. 1

                                                                                                          Off-topic a bit, but I was wondering if the hardware vulnerabilities they probably won’t patch on 5-10 year old machines have you considering new stuff?

                                                                                                          I don’t know enough about this; what hardware vulns are we talking about here, and how easy are they to exploit? Although it’s not really about hardware, there’s that whole Intel Management Engine issue that is avoided by using somewhat old WinXP-era 32-bit laptops, so newer is not always more secure.

                                                                                                          And it’s still cool you’re another person reusing older computers with the LiveCD tests and such.

                                                                                                          Oh yes that thread! At least it’s a bit less harmful if we can use computers for longer. A friend of mine has a Mac that can’t get more OS X updates now, so she’s stuck with insecure versions of Firefox and all that. Gonna put Debian on it later this week, hopefully!

                                                                                                          Do you know of any somewhat more ethical laptop producers?

                                                                                                          1. 2

                                                                                                            re hardware attacks.

                                                                                                            Essentially, the hardware has always been secure with only elite pro’s focusing on it. Now, due to Meltdown/Spectre, hardware attacks have gone really mainstream with all kinds of university research, private research, folks describing stuff on blogs, and so on. All the CPU’s that were highly optimized (esp Intel/AMD) are vulnerable to them needing patches. They’re doing the attacks over the network now. Older systems used to be safer but now they’re not since attacks will get more numerous and effective over time.

                                                                                                            About the only things that are immune were simpler, embedded CPU’s. They’re not designed for security, though, with far less attention by defenders. So, that could reduce the hardware risk adding to the software risk. Simpler boards that can run modern, security-updated OS’s might help. I’m not sure. At lot of stuff is piling in.

                                                                                                            re put Debian on it.

                                                                                                            Ok, you’re already using that strategy. Good thinking and being helpful! :)

                                                                                                            re ethical producers

                                                                                                            I can’t remember since I was buying used ones like you. The one I see in media most with good things going for it is Purism. They try to disable the ME with software changes, too. Some folks pushing high freedom were using MiniFree to get ME-less, FOSS-firmware laptops. It had downsides. My own Core Duo 2 still handles stuff nicely outside games, highest-def content, and worst of web apps. Here’s a Guardian article I just found with some recommendations. Another said iFixit can help keep things going.

                                                                                                            So, not a lot of options for new hardware minimizing harm to self and others. There are options in both reuse and new categories that help us reduce harm. We can at least do that. I stay dedicating slices of my research to solving this problem. Tracking whatever can help for whoever can do it. Maybe something will shake out eventually.

                                                                                                    2. 0

                                                                                                      Additionally I do have friends that have been deported

                                                                                                      Sorry but are we now living in a world where the ‘standard’ left-wing political view in the Anglosphere is that any kind of deportation is bad? Because that’s how I’m reading this comment.

                                                                                                      Immigration policy exists for very good reasons. The American political dichotomy that either there should be zero immigration or completely unchecked immigration is, for lack of a better word, moronic.

                                                                                                      1. 3

                                                                                                        I think it’s fair to assume that the poster could be criticising the particular immigration policy that led to these deportations, instead of all immigration policy.

                                                                                                        1. 1

                                                                                                          It could be fair, if the poster denounced similar and almost identical policies under the previous President. As it stands, the poster is mostly just criticizing immigration policies that seemed totally reasonable and main stream just eight short years ago.

                                                                                                    3. 5

                                                                                                      You can’t make perfect the enemy of good. Your argument essentially seems to be that if you can’t live perfectly you shouldn’t try living better at all.

                                                                                                      It’s virtually impossible to operate in the modern world without using the internet, without having and using a computer. If it were possible to, for a reasonable price that I can afford but knowing I’d have to pay somewhat of a premium, buy a computer that I knew wasn’t made using exploitation of those in the third world, then of course I would buy one. But I don’t know that it is. And there are other competing priorities too, like getting a computer that is free of binary blobs and proprietary software.

                                                                                                      I certainly don’t pay a ‘surveillance-enabling company in a police state’ to send anything over the internet. I pay an ISP for internet access, but I don’t live in a police state and as far as I know my ISP doesn’t enable surveillance.

                                                                                                      In the same way that I think it’s perfectly reasonable for someone to say ‘I can’t afford to be vegan’ even though being vegan is morally important, I think it’s perfectly acceptable to say ‘I can’t afford to buy ethically produced clothes’. Plus there’s significant evidence that manufacturing things in third world countries has improving their living standards and wages considerably.

                                                                                                      Where to we draw the line on how our consumption and contribution harms or helps others? And do you regularly do that for every product and service you buy? Most of them?

                                                                                                      I like to have an idea, at least, of what goes into the things I buy, yes. It’s hard to do it with absolutely everything though, because there’s just so much different stuff.

                                                                                                      Have you been active in government on laws, treaties, court cases, etc? The stuff that stops things like you describe.

                                                                                                      That’s absolutely ridiculous. You do not have to be a member of government to have a political view. You do not have to negotiate an international treaty to have a political view. You do not have to sue someone to have a political view. Your standards are ridiculous.

                                                                                                      Or just some quick, social signaling on Lobsters getting feel-good points?

                                                                                                      Discussing important issues is not ‘virtue signalling’.

                                                                                                      If you care, I encourage you to put time into legal reform or bootstrapping alternatives to each of the things I mentioned. Maybe make for better opportunities for immigrants in whatever your country is, too. Maybe host some coding bootcamps or something for those in the slums. What you’re doing here is adding to the noise but not helping Trump’s victims or your country’s immigrants in any way.

                                                                                                      This has nothing to do with immigrants and everything to do with Palantir being a company that operates in an unethical manner. It’s a surveillance company. There’s absolutely nothing problematic about a company producing software on contract for a government that has immigration policies. The issue is that Trump’s policies are violating human rights in how they’re enforcing those laws.

                                                                                                      You don’t solve this problem by creating ‘coding bootcamps’ for immigrants LOL.

                                                                                                    4. 4

                                                                                                      I guess it may be possible to work at a seedy company and still do good stuff.

                                                                                                      Regardless, thanks for releasing this as free software.

                                                                                                      Every field of endeavor is welcome here. Every field of endeavor is welcome here for technical discussion, free of (without expectation of) moralizing, guilt, or shame.

                                                                                                      1. 2

                                                                                                        I personally already draw the line at technology coming from uber for ethical reasons, so I will not touch palantir things at all. Thanks for bringing that up!

                                                                                                      1. 2

                                                                                                        I’m really surprised that they’ve not covered Rust’s “editions” approach in their background section, which aims for very similar goals - avoiding breaking changes by allowing modules built for different versions to work with each other.

                                                                                                        1. 22

                                                                                                          I think it’s generally worth following the recommended steps to get a project running to get an understanding of what it looks like in a known working setup before trying to configure the application in a different way to the developers.

                                                                                                          1. 3

                                                                                                            Running D&D for a couple of groups and more recently, minatures painting. I realised some time ago that I dodn’t really do much outside of work or work related things, and made an effort to dedicate my time to something that I wasn’t being paid to do. I’d still like to find other hobbies though.

                                                                                                            1. 2

                                                                                                              This is a really common mechanism for application updates on linux?

                                                                                                              1. 2

                                                                                                                No. Security-conscious distributions provide centralized updates and try to prevent “side-channel” downloads.

                                                                                                              1. 2

                                                                                                                Adopting Coraline Ada’s anti-meritocratic CoC is a disaster. Its intended as political tool for feminism, this is no secret. This will, at best, split the community.

                                                                                                                1. 24

                                                                                                                  I contemplated not answering to this comment, because I am tired of this discussion a bit, yet I don’t want to leave it unchallenged. I think

                                                                                                                  • The Contributor Covenant is a very reasonable guideline. Not every sentence is as I would have phrased it, but if you wholeheartedly reject it, I kind of suspect you aren’t interested in a community I want to work in. There are some legal implications I think that would be worth discussing before introducing it, though, but overall I share its intent.
                                                                                                                  • Feminism is a positive movement in our societies, it has liberated women and it has benefited men as well.
                                                                                                                  • Politics is the process of making decisions that apply to members of a group, so yes, this CoC is politics, but not having a CoC is also politics, just less organized politics.
                                                                                                                  • Meritocracy is a fairy-tale political ideal that never realizes usually because “merit” cannot be defined.
                                                                                                                  1. 4

                                                                                                                    Modern ‘3d wave’ feminism, identity politics, intersectionality and basically all those other -isms and -itys defined under ‘critical theory’ have done a large amount of damage to the cohesion of society and stand to do much more given the chance as they eventually all lead to the same thing: divide society into groups of ‘us’ and ‘them’ based on real or imaginary differences between the two where the ‘us’ is deemed to be oppressed by the ‘them’. This hierarchy of oppression is a fluid thing where the ‘oppressed’ of today can become the ‘oppressor’ of tomorrow, viz. the exclusion of ‘cis-gender white male homosexuals’ from more radical LGBTQ[a-z0-9] groups [1].

                                                                                                                    Part of the problem can be understood by looking at that term I just used to identify the formerly oppressed, now oppressing gay men: ‘cis-gender’ ‘white’ ‘male’ ‘homosexuals’. Four identifiers which supposedly can be used to group a lot of people into a box where all those people are supposed to have certain characteristics innate to that group. Those who are into using terms like this don’t seem to realise that they’re going down the same path that groups like the KKK went down before by attributing behavioural traits to people with certain identifying characteristics, i.e. more or less the classical definition of racism.

                                                                                                                    [1] https://www.them.us/story/white-gay-men-are-hindering-our-progress

                                                                                                                    1. 1

                                                                                                                      The Contributor Covenant is a very reasonable guideline.

                                                                                                                      Questioning its contents is now off-limits. Rules must stay debatable. The “not aligned to this Code of Conduct” part is unnecessary for moderation, but necessary if its intended to be abused as power instrument.

                                                                                                                      I kind of suspect you aren’t interested in a community I want to work in

                                                                                                                      You don’t know how i work or where i work or what i do, but you still voice that (pre-)judgement? IMHO its really rude. If you are interested, i offer you to come around and have a talk.

                                                                                                                      Feminism is a positive movement in our societies, it has liberated women and it has benefited men as well.

                                                                                                                      Just from the ire it created, i don’t think the 3rd wave feminism, especially identity politics, are helpful to society. People are so fed up with it, they vote for people like Trump just to spite them. Maybe some time for reflection what went wrong?

                                                                                                                      Politics is the process of making decisions that apply to members of a group, so yes, this CoC is politics, but not having a CoC is also politics, just less organized politics

                                                                                                                      Ill quote http://paul-m-jones.com/archives/6214:

                                                                                                                      […], it is true that Ehmke thinks of open source as a political arena. As such, one must read the Contributor Covenant as a political document, with political means and political ends. Specifically, it is a tool for Social Justice.

                                                                                                                      Kernel-internal politics are fine, but Coraline Ada using it as arena is off-limits.

                                                                                                                      Meritocracy is a fairy-tale political ideal that never realizes usually because “merit” cannot be defined

                                                                                                                      Things don’t need to be defined to be valid (including personal identity).

                                                                                                                      In Software Development, competence is a scarce resource. If someone has the ability and knowledge to do something, they’ll also end up as decision maker in this area. This isn’t fairy-tale, this is how self-organization works, and this is how many OSS-Communities work. Its Ada who now whats that things happen differently. I highly doubt that her ideal will work at all.

                                                                                                                    2. 11

                                                                                                                      I want to disagree with this, because I don’t believe that “a political tool for feminism” is necessarily a bad thing, but perhaps that’s my politics showing. Do you have any specific objections to the CoC? What in particular is anti-meritocratic about it?

                                                                                                                      Edit: Link to the CoC itself, courtesy of rodolfo elsewhere on this page https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/Documentation/process/code-of-conduct.rst?id=8a104f8b5867c682d994ffa7a74093c54469c11f

                                                                                                                      1. 2

                                                                                                                        The content is only one of the issues. Alone the fact that its imposed top-down will make feel many people violated in their moral autonomy. The worst thing is, people who don’t exercise their moral autonomy don’t understand what kind of loss this is.

                                                                                                                        Maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project’s leadership.

                                                                                                                        Tell me, how is this different from authoritarian rule?

                                                                                                                        1. 18

                                                                                                                          Tell me, how is this different from authoritarian rule?

                                                                                                                          It sounds like… a rule. Some places have those, like “please put your clothes back on or we’ll ask you to leave the shop”, but it’s the content that makes them reasonable or otherwise.

                                                                                                                          My question is what specifically does this code of conduct prevent people from doing that you object to?

                                                                                                                          Examples of unacceptable behavior by participants include:

                                                                                                                          • The use of sexualized language or imagery and unwelcome sexual attention or advances
                                                                                                                          • Trolling, insulting/derogatory comments, and personal or political attacks
                                                                                                                          • Public or private harassment
                                                                                                                          • Publishing others’ private information, such as a physical or electronic address, without explicit permission
                                                                                                                          • Other conduct which could reasonably be considered inappropriate in a professional setting
                                                                                                                          1. 6

                                                                                                                            I’m not the person you’re replying to, but I believe this point can raise some contention. It’s argued it’s so weakly defined that it could be abused both ways.

                                                                                                                            Other conduct which could reasonably be considered inappropriate in a professional setting

                                                                                                                            1. 4

                                                                                                                              Yes, that’s a fair point - thanks. Personally, I believe there’s enough general consensus on what is considered appropriate in a professional setting that this isn’t immediate cause for concern, but it will come down to seeing when and how the CoC is enforced.

                                                                                                                              Most workplaces have similar language in their contracts and it certainly can raise contention depending on how it’s applied.

                                                                                                                              I realise you’re not liwakura, but just to bring it back around - I don’t think there’s anything in that to justify his original statement that it’s “a disaster”, or “a political tool for feminism”, however.

                                                                                                                          2. 9

                                                                                                                            imposed top-down

                                                                                                                            What isn’t imposed top-down in open source projects?

                                                                                                                            The license, the initial code, the name, the decisions on accepting patches, who gets commit access… The project owners can (and should) impose whatever they feel is necessary. What the hell is wrong with that? What makes you feel entitled to project maintainers not setting their rules?

                                                                                                                            The only autonomy you have is to fork the project.

                                                                                                                            1. 18

                                                                                                                              I was once a visitor to South Africa during the apartheid government and stayed a couple of nights in a house up the hill from a police station. You could hear people screaming as they were tortured some nights. Being told that voluntarily participating in a group project requires you to be polite is really different from living under authoritarian rule.

                                                                                                                              1. 8

                                                                                                                                Tell me, how is this different from authoritarian rule?

                                                                                                                                You can’t just walk away from authoritarian rule.

                                                                                                                                No-one is being forced to contribute to Linux and follow the rules the community has.

                                                                                                                                1. 6

                                                                                                                                  Tell me, how is this different from authoritarian rule?

                                                                                                                                  You are free to contribute to the Linux kernel as long as you abide by the code of conduct. If you do no abide by it, you may be censured. You can either change your behavior, stop contributing, or fork the code and continue on your own.

                                                                                                                                  This last is what makes it different from authoritarian rule.

                                                                                                                            1. 11

                                                                                                                              On one hand, I don’t particularly find the Linux code particularly pleasant to work on, so I probably wouldn’t be contributing in my spare time regardless.

                                                                                                                              On the other hand, I think that this reduces the chance that I’ll send any patches in the future; I find these “welcoming” cultures make me feel less at ease, for whatever reason, which is a second strike against my involvement.

                                                                                                                              For me, the code reviews I got from Theo were a highlight of sending in patches to OpenBSD.

                                                                                                                              In the end, it doesn’t matter much – not everything needs to be for everybody, and the Linux community isn’t run for for me. This will bring some people in, push others out, and the world will go on.

                                                                                                                              1. 8

                                                                                                                                True. I’m also concerned that code quality (and therefore users) will suffer.

                                                                                                                                1. 24

                                                                                                                                  I am honestly at a loss to see who abiding to a bland CoC could lead to code quality suffering.

                                                                                                                                  Nothing in the CoC that I have read is in any way unremarkable. It’s simply normal professional behavior codified, with some additions to address the peculiarities of mostly online communications.

                                                                                                                                  1. 5

                                                                                                                                    It’s simply normal professional behavior codified.

                                                                                                                                    That ship has sailed, but I am not convinced Open Source should be held to the standards of “professional behavior”. For instance, should we stop accepting underage contributors? What about anonymous or pseudonymous contributions?

                                                                                                                                    Moreover what constitutes “professional behavior” differs wildly between countries and even companies within countries. For instance, “don’t ask don’t tell”-style policies are still the norm at some workplaces; do we want that in our communities? Or should we just accept that the average (non-Trump voter) U.S. sentiment should be the norm in Open Source?

                                                                                                                                    Regarding Linus, he does (did?) have a very strong way of reacting when people disregarded things that he considered important principles of the kernel such as “do not break userspace”. He isn’t shy to use strong language to criticize companies either :)

                                                                                                                                    Whether this has a positive or a negative effect is hard to say. It certainly antagonizes some people, and especially some potential new contributors, but at the scale of Linux should that still be the main concern of the project?

                                                                                                                                    In any case Linus knows he reacts too strongly too fast already. This is not the first time he says something like that. We should wait and judge the long-term effects in a few months or years.

                                                                                                                                    1. 14

                                                                                                                                      Treating people professionally does not imply employment. A proprietor of a store treats a customer professionally by not insulting them, or refusing service. A teacher treats a student professionally by not verbally denigrating them, for example. A maintainer of an open source project treats bug reports professionally by attempting to reproduce them and applying a fix, even though the submitter of the issue may as well be anonymous.

                                                                                                                                      It’s basically the 21st century formulation of the Categorical Imperative, as far as I am concerned.

                                                                                                                                  2. 23

                                                                                                                                    Why? Do you truly believe that it is impossible to reject bad patches without telling someone that they should be “retroactively aborted”?

                                                                                                                                    1. -3

                                                                                                                                      Language as harsh as that is used daily in normal speech between developers. I’ve seen much worse slack channels in terms of use of language, and you wouldn’t believe the language I’ve seen used on IRC to describe bad code.

                                                                                                                                      I do indeed think that if you start censoring peoples’ language they’re going to change the way they contribute for the worse. If all you did was ban the absolute worst things like that, nobody would complain. But the reality is that’s not what will happen. Anything ‘offensive’ will be banned. Offensiveness is completely subjective.

                                                                                                                                      1. 20

                                                                                                                                        Language as harsh as that is used daily in normal speech between developers

                                                                                                                                        That’s a rash generalisation. At none of the places I’ve worked as a developer would that sort of language be acceptable.

                                                                                                                                        Offensiveness is completely subjective

                                                                                                                                        That’s also untrue. While there will be grey areas, there are some things that are objectively offensive if interpreted literally - and if they’re not meant literally, why not use another expression?

                                                                                                                                        1. 3

                                                                                                                                          I’m going to guess you’re an American, correct me if I’m wrong. EDIT: stand corrected

                                                                                                                                          The American cultural norm of ‘compliment sandwiches’ and being obsequiously polite is cancer to the ears of most people that aren’t Americans. I find it quite funny that Americans have this idea of Japanese as being very polite culturally, while Americans are insanely polite culturally compared to most other English-speaking countries.

                                                                                                                                          The typical British, Australian or Kiwi software developer swears like a trooper. It’s not uncommon, it’s not offensive. You wouldn’t do it in an email, but this is the key point: my emails are not Linus’s emails. The context is different. All his communication is by email, so naturally email carries a much lower average level of formality.

                                                                                                                                          That’s also untrue. While there will be grey areas, there are some things that are objectively offensive if interpreted literally - and if they’re not meant literally, why not use another expression?

                                                                                                                                          I don’t even know how to respond to this. Why would one only ever say things you mean literally? Speaking entirely literally is something I would expect of someone with extreme levels of Asperger’s syndrome, I believe it’s a common symptom.

                                                                                                                                          1. 11

                                                                                                                                            I’m going to guess you’re an American, correct me if I’m wrong

                                                                                                                                            The typical British, Australian or Kiwi software developer swears like a trooper

                                                                                                                                            You are wrong; I’m Australian, currently working in England, and I disagree. Regardless, swearing by itself is not something that I find offensive.

                                                                                                                                            Why would one only ever say things you mean literally?

                                                                                                                                            That’s not what I suggested. If you have a choice between a highly offensive figurative or metaphorical expression and some other expression - whether literal or also figurative - which is not highly offensive, why go for the former?

                                                                                                                                            1. 2

                                                                                                                                              You are wrong; I’m Australian, currently working in England, and I disagree. Regardless, swearing by itself is not something that I find offensive.

                                                                                                                                              I see

                                                                                                                                              That’s not what I suggested.

                                                                                                                                              I must have misinterpreted you. Sorry.

                                                                                                                                              If you have a choice between a highly offensive figurative or metaphorical expression and some other expression - whether literal or also figurative - which is not highly offensive, why go for the former?

                                                                                                                                              People say things that others find offensive, sometimes on purpose and sometimes not. Offensiveness is subjective. I genuinely don’t think I’ve ever been offended. Why go for one expression over another knowing that someone will get their knickers in a twist over it? Because you don’t care if someone finds it offensive? Because you enjoy it?

                                                                                                                                              I have to admit that I actually quite enjoy knowing that someone got self-righteously offended over something I’ve said. It hasn’t happened too often, but when it does it’s just great.

                                                                                                                                              EDIT: to be clear, there is ‘offensiveness’ that I don’t like. If someone is racist, I’m not offended, I just think that being racist is wrong and stupid and that they are wrong and stupid. I guess you could call this ‘offense’ but it’s really not the same thing.

                                                                                                                                              1. 5

                                                                                                                                                Why go for one expression over another knowing that someone will get their knickers in a twist over it? Because you don’t care if someone finds it offensive? Because you enjoy it?

                                                                                                                                                I was not intending for you to provide an answer for the “why” - it was a rhetorical question. The point was that I do not think you should say something that may well offend someone, when there is a way to communicate without doing so.

                                                                                                                                                Offensiveness is subjective. I genuinely don’t think I’ve ever been offended

                                                                                                                                                I suspect this is why you’re having difficulty seeing the problem, and while I envy you never having experienced the feeling of being offended I can see that this could lead to lack of empathy for those who were.

                                                                                                                                                Maybe you wouldn’t get offended by something, but that doesn’t mean it’s “not offensive” per se. I don’t agree that offensiveness is entirely subjective. Implying (or stating directly) that someone is stupid in communication to them, for example, is generally considered offensive. Statements can be intended to cause offense. There may be disagreement on specific cases, but I think in general that there would be good agreement in a survey of a random portion of the population that certain statements were offensive.

                                                                                                                                                1. 1

                                                                                                                                                  I think the reality is that I would be closest to feeling hurt or offended by someone calling me stupid if I really had done something stupid. I’ve been called stupid when I haven’t been stupid many times, doesn’t bother me. I’ve been called stupid when I really have been stupid, and it does indeed make you feel bad.

                                                                                                                                                  I’ll acknowledge that the best way to deal with some bad code getting into the Linux kernel isn’t to make the person that wrote it feel bad.

                                                                                                                                            2. 5

                                                                                                                                              The typical British, Australian or Kiwi software developer swears like a trooper.

                                                                                                                                              As a kiwi, I have not had this experience at all, quite the opposite. Everyone I work with is polite and respectful. This is just my experience, but I’m very surprised by your comment.

                                                                                                                                              it’s not offensive

                                                                                                                                              Sure, if it’s just swearing in general (though I’d still prefer to keep it to a minimum). The problem is when it becomes personal. Your argument is that people use ‘language just as harsh is used daily’, but there’s a line between bad language and abusive language. I don’t think the latter should be acceptable in a professional environment (at least one I’d want to work in). You can’t use one to justify the other.

                                                                                                                                              1. 4

                                                                                                                                                The typical British, Australian or Kiwi software developer swears like a trooper. It’s not uncommon, it’s not offensive.

                                                                                                                                                I work in software development in the UK and many of Linus’ comments would be seen as completely unprofessional in either emails or conversation - certainly far past the bar where HR would get involved. There’s a massive gap between swearing and direct personal insults.

                                                                                                                                        2. 15

                                                                                                                                          No one said you have to be an asshole when being firm about rejecting patches.

                                                                                                                                          1. -1

                                                                                                                                            A lot of people will interpret anything firm as being an arsehole. If you don’t put smiley faces at the end of every sentence, some people will interpret it as you being an arsehole. If you don’t couch every negative thing you say between two positive things, people will react very aggressively.

                                                                                                                                            1. 17

                                                                                                                                              But saying someone should be “retroactively aborted” for some bad code?

                                                                                                                                              1. 11

                                                                                                                                                If you don’t put smiley faces at the end of every sentence, some people will interpret it as you being an arsehole. If you don’t couch every negative thing you say between two positive things, people will react very aggressively.

                                                                                                                                                This sounds like a very broad generalization to me.

                                                                                                                                            2. 22

                                                                                                                                              I think there’s no causal link between “being nicer when responding to patches” and code quality going down. If anything I’d suspect the opposite; you get people who learn and improve rather than giving up after feeling insulted, and then continue to submit quality improvements.

                                                                                                                                              1. 3

                                                                                                                                                Linus Torvalds is nearly always nice when responding to patches. In 0.001% of emails he’s rude. Unfortunately he sends a lot of emails, and people cherry-pick the worst of the worst.

                                                                                                                                                1. 21

                                                                                                                                                  His own apology and admission of a problem would indicate that the issue is significant. That “0.001%” is a made-up number, isn’t it? While I’m sure that only a small number of his emails are insulting, that small number still has - and has had - a detrimental effect on the mind-state of other developers. This is what’s come out of a discussion between Linus and a number of developers.

                                                                                                                                                  Don’t get me wrong, I like Linus generally (not that I know him personally) and I think he does a great job in general, but it’s clear that this personality problem has been a growing problem. A number of people - even quite prominent developers - have left the kernel development arena because of this kind of behaviour from Linus and others and/or issues around it.

                                                                                                                                                  I think this is a great step on Linus’ behalf, it must have been hard to make the admissions that he has and it’s a sign that things really could be better going forward.

                                                                                                                                                  1. 5

                                                                                                                                                    His own apology and admission of a problem would indicate that the issue is significant.

                                                                                                                                                    I disagree. I think the issue is massively overblown and that he’s been worn down by the endless bullshit about something that really isn’t an issue.

                                                                                                                                                    That “0.001%” is a made-up number, isn’t it?

                                                                                                                                                    If you’d like to go do sentiment analysis on every LKML email he’s sent, be my guest. I’d love to see the real numbers. But I chose the number to make a point: it’s a vanishingly small number of emails. It’s about half a dozen well known rude emails over two decades or more. They’re really not that bad taken in the context of the number of emails he sends and the context in which he sends them. He doesn’t say ‘this code is shit’ out loud to his coworker and then send a nice polite email. The LKML is the entire communication layer for all of Linux kernel development (plus the other lists of course). The context of those emails includes a lot more than what you’d normally include in emails in a normal development environment.

                                                                                                                                                    While I’m sure that only a small number of his emails are insulting, that small number still has - and has had - a detrimental effect on the mind-state of other developers. This is what’s come out of a discussion between Linus and a number of developers.

                                                                                                                                                    I mean frankly I think that if someone is going to be detrimentally affected by a few emails they are no great loss. I’ve seen a few people that say things like ‘I’d never contribute to Linux even if that were in my skill set, because they’re always rude to new people’ and then cite Linus’s emails as evidence of this. I’ve seen that sort of comment a lot. Dozens of times on /r/linux, dozens of times on /r/programming, many times on HN. It’s rubbish! The LKML isn’t obsequious: the email culture there is the traditional techy one of saying what you need to say straightforwardly rather than the traditional corporate one of layering everything in sugar to avoid sounding rude to people that expect every criticism to be wrapped in three layers of compliments.

                                                                                                                                                    The LKML is especially not rude to newcomers. Linus has been rude, in the past, sure, but only to people that are expected to know better. Long term, hardcore maintainers that have been around for years. Is it okay? No, but it’s not anything to get worked up about. It’s a really really minor issue.

                                                                                                                                                    There are way bigger issues in Linux kernel development, like the really scary amount of control and input some companies have in its development.

                                                                                                                                                    Don’t get me wrong, I like Linus generally (not that I know him personally) and I think he does a great job in general, but it’s clear that this personality problem has been a growing problem. A number of people - even quite prominent developers - have left the kernel development arena because of this kind of behaviour from Linus and others and/or issues around it.

                                                                                                                                                    They probably would have left anyway. People don’t change careers because someone said ‘retroactively aborted’ in an email once.

                                                                                                                                            3. 10

                                                                                                                                              funny, I almost avoided a potential security report to OpenBSD because I saw the contact is theo. I didn’t want to get flamed.

                                                                                                                                            1. 1

                                                                                                                                              How likely is your stack implementation to break after it’s initially written?

                                                                                                                                              Very. If you - for whatever reason - find yourself implementing a stack class instead of using an existing one, you’re probably going to come back and optimize or improve it to better fit the specific needs that required it in the first place.

                                                                                                                                              1. 2

                                                                                                                                                I don’t have anything useful to say about this, but I really really love it. There’s a lot of cool data that I always thought would be hard to collect, and it’s very nicely presented.

                                                                                                                                                It’d be nice to be able to just show “known” influences instead of “known” and “inferred” influences.

                                                                                                                                                1. 1

                                                                                                                                                  I’ll probably never use this, but I’m really glad it exists - whenever I’ve managed a Slack instance I’ve had people who don’t want to use it without a non-GUI option.

                                                                                                                                                  1. 11

                                                                                                                                                    I don’t claim to understand the nitty gritty of HTTPS but I feel like it should be possible to cache HTTPS requests by having clients recognize the caching server as a certificate authority. My employer has managed to snoop on my HTTPS traffic somehow and I assume it has to do with the root CA my installed on my workstation that no one outside the organization has ever heard of. I’m guessing the proxy is generating a phony certificate for my target domain and then signing it itself while using publicly acknowledged CAs on the other side. I can’t say I enjoy being MitM’d by my employer but if there’s a use case that justifies it, the situation described in the article seems to be it.

                                                                                                                                                    Is this not actually what’s happening? Is it impossible to do given the resource constraints of rural Ugandan computing?

                                                                                                                                                    1. 11

                                                                                                                                                      What you’ve described is right - it’s not uncommon for companies to snoop on HTTPS traffic by installing their own CA on employees machines. I don’t think it’s a good practice, but it does work in cases where companies insist on doing so, and there’s no reason it shouldn’t work for a caching server.

                                                                                                                                                    1. 3

                                                                                                                                                      I’ve wanted something like this for a while - the idea of mixing documentation/checklists and a record of going through them really appeals to me.

                                                                                                                                                      Not sure about GitHub-as-storage, but I can see how other approaches might be more work. I was expecting it to be more like a wiki (self-hosted, database backend) on first glance, but I’m not sure if that would actually be an improvement rather than just what I’m used to.

                                                                                                                                                      1. 2

                                                                                                                                                        Yes, checklisted documentation is helpful, but also notice the context-collection capabilities via comments on steps. The motivation use case: A person is working on a complex process for several months, then leaves the company. Another person takes over and has to get up speed quickly. By looking at the graph they can immediately understand what have been done, what haven’t been done and what’s blocking what. By looking at individual unfinished step they can read the comments and understand what was already done.

                                                                                                                                                      1. 41

                                                                                                                                                        It’s also developer-friendly because of its excellent wiki.

                                                                                                                                                        I learned Linux doing everything by hand on a Slackware system, then moved to Ubuntu after ~8 years when I realized I’d stopped learning new things. Then a couple years ago I realized I didn’t understand how a bunch of things worked anymore (systemd, pulseaudio, Xorg, more). I looked at various distros and went with Arch because its wiki had helped me almost every time I’d had an issue.

                                                                                                                                                        Speaking of distros, I’m currently learning Nix and NixOS. It’s very nice so far. If I can learn to build packages I’ll probably replace lobsters-ansible with it (the recent issues/PRs/commits tell a tale of my escalating frustration at design limitations). Maybe also my personal laptop: I can experiment first with using nix to try xmonad first because it’s mostly configured by editing + recompiling) and deal with python packaging, which has never worked for me, then move completely to NixOS if that goes well.

                                                                                                                                                        1. 9

                                                                                                                                                          I switched from Mac to NixOS and couldn’t be happier. At work we use Nix for building Haskell projects as well.

                                                                                                                                                          1. 9

                                                                                                                                                            The Arch wiki actually seems to be the only good documentation for using the advanced functionality of newer freedesktop components like pulseaudio, or much older software like Xorg.

                                                                                                                                                            But I’ve noticed it’s documentation for enterprise software like ZFS is usually hot garbage. Not surprising given the community. The recommendations are frequently hokey nonsense: imaginary micro-optimizations or blatantly incorrect feature descriptions.

                                                                                                                                                            What do you find better about nix for making packages than, say, making an rpm or deb? I’ve found those package systems valuable for large scale application deployment. Capistrano has also been nice for smaller scale, with its ability to deploy directly from a repo and roll back deployments with a simple symlink swap. And integration libraries are usually small enough that I’m comfortable just importing the source into my project and customizing them, which relieves so many minor tooling frustrations overall.

                                                                                                                                                            Of course in the end the best deployment system is the one you’ll actually use, so if you’re excited about packaging and deploying with nix, and will thus devote more time and energy to getting it just right, then that’s de facto the best option.

                                                                                                                                                            1. 3

                                                                                                                                                              What do you find better about nix for making packages than, say, making an rpm or deb?

                                                                                                                                                              I don’t, yet. The “If I can learn to build packages” sentence links to an issue I’ve filed. I was unable to learn how to do so from the official documentation. I’ve almost exclusively been working in languages (PHP, Python, Ruby, JavaScript) that rpm/deb have not had good support for, prompting those languages to each implement their own package management systems that interface poorly or not at all with system packaging.

                                                                                                                                                              I’ve used Capistrano, Chef, Puppet, and currently use Ansible for deployment. Capistrano and Ansible at least try to be small and don’t have a pretensions to being something other than an imperative scripting tool, but I’ve seen all of them break servers on deployment, let servers drift out of sync with the config, or fail to be able to produce new deployments that match the existing one. Nix/NixOS/NixOps approach the problem from a different direction; it looks like they started from what the idea of system configuration is instead of scripting the manual steps of maintaining one. Unfortunately nix replicates the misfeature of templating config files and providing its own config file on top of them instead of checking complete config files into a repo. Hopefully this won’t be too bad in practice, though it’s not a good sign that they implemented a programming language.

                                                                                                                                                              I appreciate your closing sentiment, but I’m not really trying to reach new heights of system configuration. I’m trying to avoid losing time to misconfiguration caused by services that fundamentally misunderstand the problem, leading to booby traps in common usage. I see almost all of my experience with packaging + deployment tools as a loss to be minimized in the hopes that they waste less time than hand-managing the global variables of public mutable state that is a running server.

                                                                                                                                                              1. 1

                                                                                                                                                                Hmmm. I don’t think the problems you listed are 100% avoidable with any tool, just easier in some rather than others.

                                                                                                                                                                I like Puppet and Capistrano well enough. But I also think packaging a Rails application as a pre-built system package is definitely the way to go, with all gems installed and assets compiled at build time. That at least makes the app deployment reproducible, though it does nothing for things like database migrations.

                                                                                                                                                              2. 1

                                                                                                                                                                What do you find better about nix for making packages than, say, making an rpm or deb?

                                                                                                                                                                Let me show you a minimal nix package:

                                                                                                                                                                pkgs.writeScriptBin "greeter" "echo Hello $1!"
                                                                                                                                                                

                                                                                                                                                                Et voila! You have a fine nix package of a utility called greeter that you can let other nix packages depend on, install to your environment as a user or make available in nix-shell. Here’s a function that returns a package:

                                                                                                                                                                greeting: pkgs.writeScriptBin "greeter" "echo ${greeting} $1!"
                                                                                                                                                                

                                                                                                                                                                What you have here is a lambda expression, that accepts something that you can splice into a string and returns a package! Nix packages in nixpkgs are typically functions, and they offer an a great amount of customizability without much effort (for both the author and the user).

                                                                                                                                                                At work, we build, package and deploy with nix (on the cloud and on premises), and we probably have ~1000 nix packages of our own. Nobody is counting though, since writing packages doesn’t feel like a thing you do with nix. Do you count the number of curly braces in your code, for instance? If you’re used to purely functional programming, nix is very natural and expressive. So much so that you could actually write your application in the language if it’s IO system were designed for it.

                                                                                                                                                                It also helps a lot that nix can seamlessly be installed on any Linux distro (and macOS) without getting in the way of its host.

                                                                                                                                                                1. 1

                                                                                                                                                                  If only ZFS from Oracle hadn’t had the licensing compatibility issues it currently has, it would probably have landed in the kernel by now. Subsequently, the usage would have been higher and so would the quality of the community documentation.

                                                                                                                                                                2. 4

                                                                                                                                                                  If I can learn to build packages I’ll probably replace lobsters-ansible with it

                                                                                                                                                                  Exactly. I don’t have much experience with Nix (none, actually). But in theory it seems like it can be a really nice OS-level replacement for tools like Ansible, SaltStack, etc.

                                                                                                                                                                  1. 1

                                                                                                                                                                    This is exactly what NixOps does! See here.

                                                                                                                                                                    1. 2

                                                                                                                                                                      Thanks for the video. I’ll watch it over the weekend!

                                                                                                                                                                      Curious - are you also running NixOS on your personal machine(s)? I’ve been running Arch for a long time now but considering switching to Nix just because it makes so much more sense. But the Arch documentation and the amount of packages available (if you count the AUR in) is something that’s difficult to leave.

                                                                                                                                                                      1. 1

                                                                                                                                                                        Yes, I’m using it on my personal machine :). I wouldn’t recommend switching to NixOS all at once, what worked for me was to install the Nix package manager, use it for package management and creating development environments, and then only switch once I was fully convinced that NixOS could do everything I wanted from my Ubuntu install. This took me about a year, even with me using it for everything at work. Another approach would be to get a separate laptop and put NixOS on that to see how you like it.

                                                                                                                                                                        1. 1

                                                                                                                                                                          Interesting. I’ll try it out for some time on a VM to get a hang of it. Thanks for the info!

                                                                                                                                                                  2. 3

                                                                                                                                                                    Even as a Ubuntu user, I’ve frequently found the detailed documentation on the Arch wiki really helpful.

                                                                                                                                                                    1. 2

                                                                                                                                                                      I really want to use Nix but I tried installing it last month and it doesn’t seem to have great support for Wayland yet which is a deal breaker for me as I use multiple HiDPI screens and Wayland makes that experience much better. Anyone managed to get Nix working with Wayland?

                                                                                                                                                                      1. 2

                                                                                                                                                                        Arch’s wiki explaining how to do everything piecemeal really seems strange given its philosophy is assuming their users should be able to meaningfully help fix whatever problems cause their system to self-destruct on upgrade. It’s obviously appreciated, but still…confusing, given how many Arch users I’ve met who know nothing about their system except what the wiki’s told them.

                                                                                                                                                                        1. 1

                                                                                                                                                                          I gave up on my nix experiment, too much of it is un- or under-documented. And I’m sorry I derailed this Arch discussion.

                                                                                                                                                                          1. 1

                                                                                                                                                                            I’m happy to help if I can! I’m on the DevOps team at work, where use it extensively, and I did a presentation demonstrating usage at linux.conf.au this year. All my Linux laptops run NixOS and I’m very happy with it as an operating system. My configuration lives here.

                                                                                                                                                                            1. 2

                                                                                                                                                                              Ah, howdy again. I’m working my way through the “pills” documentation to figure out what’s missing from the nix manual. If you have a small, complete example of how to build a single package that’d probably be pretty useful to link from the github issue.

                                                                                                                                                                              1. 2

                                                                                                                                                                                I made a small change to the example to get it to build, and I’ve added it as a comment to your issue.

                                                                                                                                                                          1. 10

                                                                                                                                                                            The author suggests that you could take linux cgroups, namespaces, packaging tools and filesystems to build something that would let you package and run isolated services.

                                                                                                                                                                            I suggest that a group of people have already done that, and called it Docker.

                                                                                                                                                                            1. 1

                                                                                                                                                                              I don’t know much about this, but it seems like the author’s saying that while Docker does abstract over these utilities, it also adds some new overhead & complexity in exchange. And from what I can see, reduce flexibility and interoperability on top of all of that.

                                                                                                                                                                              Is Docker’s implementation truly as simple as you suggest? And if so, is unifying & packaging this functionality a better solution than writing a guide on how to configure the set-up yourself? After all, we developers don’t go around saying our computers’ built-in utilities are too complex for web functionality and we should use entire browsers to do the same thing instead! …oh wait.

                                                                                                                                                                              1. 2

                                                                                                                                                                                Docker is not simple (it’s 10 million+ lines of code!), and you absolutely get new overhead and complexity, as you do with anything that abstracts over a set of components and adds features on top of them. It reduces flexibility, as many abstractions do. But those things are not inherently downsides of Docker - that complexity adds features on top, and it’s able to provide a standard approach and set of features.

                                                                                                                                                                                The author’s suggestion that you could put those components together in a couple of scripts and get the same results as Docker is pretty silly - people have done exactly that, resulting in projects like bocker (docker in 1000 lines of bash) which is neat but avoids implementing any of the actually hard parts of docker, like networking, filesystems or system setup.

                                                                                                                                                                                And if so, is unifying & packaging this functionality a better solution than writing a guide on how to configure the set-up yourself?

                                                                                                                                                                                It think it absolutely is, in almost any situation. Giving people tools they can use without needing to understand the details is incredibly useful, as it means they can spend their time working on more important things. I find it hard to imagine any situation where the answer to that isn’t yes.

                                                                                                                                                                                1. 1

                                                                                                                                                                                  I understand. In that case, what would be missing if the “hard parts” were implemented in the scripts as well? Or, from another perspective, why couldn’t Docker itself consist of a bunch of shellscripts? Wouldn’t using existing system utilities be a boon for modularity?

                                                                                                                                                                                  1. 2

                                                                                                                                                                                    I think you’re conflating “uses existing system utilities” (which Docker does) with “written in shell scripts” (which Docker is not). There’s not really any good reason to write things in sh/bash other than it’s ease of use for small tasks - it’s certainly not suited for writing anything at all complex.

                                                                                                                                                                                    1. 1

                                                                                                                                                                                      Oh. If it already uses system utilities (such as chroot or systemd-nspawn, as the author suggests), then what on earth is the author complaining about? It seems like he’s saying that Docker goes about doing this in a roundabout fashion, but to hear you say it, that is false.

                                                                                                                                                                            1. 8

                                                                                                                                                                              This seems almost entirely a reaction to a set of values (“new shiny technology is good!”) rather than a set of values that stands on it’s own merits. The examples in particular list a set of technologies - microservices, NoSQL, single-page apps - that while possibly used often where they don’t need to be still have real cases where they are appropriate, valuable solutions.

                                                                                                                                                                              1. 3

                                                                                                                                                                                I like most of this, save for unquoted string values - as lines like x: true become ambiguous (could be either the string "true" or the boolean true). YAML does this, but with a whole list of words that evaluate to true or false which can easily lead to subtle mistakes.

                                                                                                                                                                                1. 1

                                                                                                                                                                                  I found that in practice it works surprisingly well, and is less error prone than Yaml – I never got bitten by the unquoted strings, for what it’s worth. It’s a syntax that deserves to be more well known, and a good alternative to *ml languages.

                                                                                                                                                                                1. 7

                                                                                                                                                                                  I do something very similar with Ansible. I’ve found it a lot more effective than bash scripting or tools that symlink dotfiles into a home directory, since it not only manages configuration but also installing the applications that use that configuration - I think more of my setup is installing apps over configuring them now.

                                                                                                                                                                                  I also use peru to download applications I can’t install from a standard package repository and store them in my git repo, so that I’m relying on fewer external downloads at setup time, and can easily control when they update.

                                                                                                                                                                                  1. 1

                                                                                                                                                                                    Thanks for the hat tip to peru. I’ll have to check that out.