1. 13

    If you’re like most people in America, you use a text editor nearly every day. Whether it’s your basic Apple Notes, or something more advanced like Google Docs, Microsoft Word or Medium

    These are not text editors but “word processors”.

    1. 6

      Word processors are a special case of text editors imo. They’re definitely not optimized for programming, but most programming editors I’ve used share more with Word than they share with, say, vim or ed.

    1. 1

      As a developer who moved from Linux to the macOS platform, this made me think about how many non-native apps I use as replacements for the Apple version. The obvious ones I’m thinking of:

      • Alfred instead of Spotlight
      • iTerm2 instead of Terminal
      • Dropbox instead of iCloud
      • Chrome instead of Safari
      • Gmail instead of Mail
      • Google Maps instead of Maps
      • VLC instead of iMovie
      • Spotify instead of iTunes
      • Signal instead of Messages

      &c. This surely isn’t a good trend for Apple to allow to continue.

      1. 13

        That’s not what’s meant by “native” in this case. Alfred, iTerm, Dropbox, Chrome, and VLC are native. Spotify is Electron, and I’m not sure about Signal. I’m guessing it’s probably a native app that does most of its UI in a WebView.

        1. 5

          Signal for Desktops is Electron.

          1. 2

            As it might be useful to describe what is meant by native, it means something on a spectrum between “using the platform-supplied libraries and UI widgets”, i.e. Cocoa and “not a wrapped browser or Electron app”, so it’s not clear whether an application using the Qt framework would be considered “native”. It could be delivered through the App Store and subject to the sandbox restrictions, so fits the bill for a “native” app in the original post, but it would also not be using the native platform features which are presumably seen as Apple’s competitive advantage for the purpose of the same post.

            1. 2

              I’d call QT native. It doesn’t use the native widgets, but then neither do most applications that are available on multiple platforms.

              1. 2

                It may be native, but it’s not Mac-native in the sense Gruber was talking about. You will find that all three uses of “native” in his article appear as “native Cocoa apps” or “native Mac apps”. He is talking about a quite specific sense of native: apps that integrate seamlessly with all of the MacOS UI conventions (services, system-wide text substitutions, native emoji picker, drag & drop behaviours, proxy icons, and a myriad more). Qt apps do not.

          2. 5

            Why is it not a good trend? You are still using a Mac .. they sold you the hardware. Should they care about what apps you run?

            1. 3

              Apps with good experiences that aren’t available on other platforms keep users around. Third-party iOS apps do a better job of moving iPhones than anything else Apple does, because people who already have a pile of iOS apps they use generally buy new iPhones.

              Electron is just the latest in a long series of cross-platform app toolkits, and it has the same problems that every other one has had: look & feel, perceived inefficiency, and for the OS vendor, doesn’t provide a moat.

              1. 1

                Counterpoint, their apps have always been limited and really for people who weren’t willing to learn and use more robust tooling. I mean how many professionals use iMovie.

                1. 1

                  iMovie is a good example. I’m guessing a lot of us prefer VLC.

              2. 1

                It’s good for the end user but not a good trend for their business model, part of which is to have best-in-class apps. Don’t get me wrong, I like having choice and I think they shouldn’t force you into their own app ecosystem.

            1. 10

              Our goal is to deliver the best experience for customers, which includes overall performance and prolonging the life of their devices. Lithium-ion batteries become less capable of supplying peak current demands when in cold conditions, have a low battery charge or as they age over time, which can result in the device unexpectedly shutting down to protect its electronic components.

              Last year we released a feature for iPhone 6, iPhone 6s and iPhone SE to smooth out the instantaneous peaks only when needed to prevent the device from unexpectedly shutting down during these conditions. We’ve now extended that feature to iPhone 7 with iOS 11.2, and plan to add support for other products in the future.

              Come on. If this is really about managing demand spikes, why limit the “feature” to the older phones? Surely iPhone 8 and X users would also prefer that their phones not shut down when it’s cold or the battery is low?

              1. 6

                I would assume most of those phones are new enough where the battery cycles aren’t enough to cause significant enough wear on the battery to trip the governor, and/or battery technology improved on those models.

                It’s really a lose-lose for Apple whichever way they do it, and they IMHO picked the best compromise: run the phone normally on a worn battery and reduce battery life further, and risk just shutting off when the battery can’t deliver the necessary voltages on bursty workloads; or throttle the performance to try to keep battery life consistent and phone running with a battery delivering reduced voltages?

                1. 6

                  Apple could have also opted to make the battery replaceable, and communicate to the user when to do that. But then that’s not really Apple’s style.

                  1. 3

                    I believe that’s called “visiting an Apple store.” Besides, as I’ve said elsewhere in this thread, replacing a battery on an iPhone is pretty easy; remove the screen, (it’s held in with two screws and comes out with a suction cup) and the battery is right there.

                  2. 4

                    and plan to add support for other products in the future.

                    They probably launched on older phones first since older phones are disproportionately affected.

                    1. 2

                      Other media reports indicate that battery performance loss is not just a function of age but of other things like exposure to heat. They also indicate that this smoothing doesn’t just happen indiscriminately but is triggered by some diagnostic checks of the battery’s condition. So it seems like making this feature available on newer phones would have no detrimental effect on most users (because their batteries would still be good) and might help some users (whose batteries have seen abnormally harsh use or environmental conditions). So what is gained by limiting it only to those using older models? Why does a brand new iPhone 7 bought new from Apple today, with a brand new battery, have this feature enabled while an 8 does not?

                      1. 2

                        Probably easier for the test team to find an iPhone 7 or 6 with a worse battery than an 8. the cpu and some other components are different.

                        1. 3

                          There are documented standards for rapidly aging different kinds of batteries (for lead-acid batteries, like in cars, SAE J240 says you basically sous-vide cook them while rapidly charging and draining them), and I’d be appalled if Apple didn’t simulate battery aging for two or more years as part of engineering a product that makes or breaks the company.

                  1. 6

                    I’m curious as to why some drawing commands are nondeterministic across machines, even running the same software.

                    1. 5

                      I surveyed some finger printing algorithms a few months ago and I learned that the fingerprinting algorithms gather information about your machine and browser capabilities: the OS, the screen resolution, the screen size, the font list, and machine specifications (3d extensions, graphics accelerations, etc.). WebGL would be especially rich for exposing this information. Drawing to a canvas could be a way to sniff some of these capabilities out even if they the browser is not letting 3rd party JS know about them. This is all conjecture but seems likely.

                    1. 4

                      I can be found at @tscs37@mastodon.social, though not very active since it’s my public non-shitposting account to some extend (I’ve been heavily using my shitposting account, should change that)

                      Does anybody know of a good web client that supports multiple accounts?

                      1. 4

                        Do you mind sharing your shitposting account? I’m honestly more interested in that than anything else.

                        1. 4

                          that would be this one

                      1. 3

                        I just set up mine a week or two ago, I’m bonzoesc@m.bonzoesc.net, probably going to end up as a typical shitpost zone.

                        1. 7

                          I’ve been using a Samsung ARM Chromebook (1st generation) as my daily driver for the past 4 years. It’s a lowend, underpowered machine with nothing to write home about, but it can support a full Arch Linux ARM installation, run a web browser just fine, and have an adequate number of terminals. I love it. The battery life hasn’t changed at all since I bought it, it’s still consistently getting >7 hours. I have other friends with ARM laptops from other manufacturers, the battery life story is one I hear consistently.

                          1. [Comment removed by author]

                            1. 6

                              dz, I wrote up a blog post about this: http://blog.jamesluck.com/installing-real-linux-on-arm-chromebook I completely replaced ChromeOS with Archlinux ARM on the internal SSD. The gist of the process is that you make a live USB, boot to that, and then follow the same procedure for making the bootable USB onto the SSD. You just have to untar the root filesystem, edit /etc/fstab, and correct the networking config!

                              1. 2

                                Thanks so much for writing and sharing!

                              2. 1

                                If it’s anything like my Samsung ARM Chromebook, you can boot a different os off external storage (i.e. an SD card), or possibly replace Chrome OS on the internal solid-state storage.

                                1. 1

                                  You can replace ChromeOS. Here’s the Arch wiki on the 1st gen Samsung ARM Chromebook and the Samsung Chromebook Plus.

                              1. 1

                                Can’t you just option+click on Update and select the IPSW file? I don’t think any of the spoofing apple servers is required.

                                1. 1

                                  Only if you both have the IPSW file (not easy to download for a non-iOS-administrator) and know to option-click update (it’s completely undiscoverable).

                                  1. 1

                                    I thought the ipsw download links were common knowledge …

                                1. 3

                                  irreversibility, an essential design feature of cryptocurrency blockchains, is the fatal flaw of cryptocurrency that is responsible for most cryptocurrency and smart contract disasters

                                  If people wanted repudiation, they would use PayPal.

                                  Repudiation is one of the worst parts of the existing financial system, because it encourages horrendous failure-prone system design (since we can just roll it back no problem!). On a practical level, repudiation is fundamentally incompatible with the goals of a trustworthy, mechanized, objective finance system.

                                  (Although arguably it makes sense for ethereum since they’ve already given up on all three of those things by manually reversing the DAO “hack” even though it was a perfectly valid contract. So much for “code is law”.)

                                  On a philosophical level, Bitcoin is all about giving you more control at the expense of no one holding your hand. That’s the way it was designed, and that’s the way we want it. Repudiation fundamentally means loss of trust or loss of control. If anyone can reverse their own transactions, we lose trust. If there’s some centralized party that can choose to reverse transactions, we lose control.

                                  1. 5

                                    as long as human will build computer system, you will have to have way to recover against human errors. The only systems that don’t support this recovery system is human endangering systems which are gambled to be error free.

                                    1. 6

                                      Yes, I’m saying that’s unworkable for anyone who just wants to move value around in a money-like manner and isn’t ideologically committed to dealing with the brittleness of the resulting system.

                                      1. 0

                                        Is cash unworkable? It has basically the same non-repudiation properties as Bitcoin, and yet people seemed to do OK with it for a long time (and before that, same deal with specie, and before that with commodities, etc.).

                                        The existence of repudiation is a consequence of the emergence of unreliable credit systems, not something people sought out.

                                        1. 13

                                          Actually no, repudiation in the sense of contracts existed long before unreliable credit systems. Courts would “rollback” a contractual transaction for various different reasons. Among them failure on one party to understand what the other party meant in the wording of a contract. This could be due to one or both parties interpreting the language of the contract differently. This is a feature and not a bug of contract law.

                                          As the bugs in smart contracts indicate it’s frequently possible for both the author of the contract and the counterparties to not fully understand what the contract actually says. This is for most people a bug and not a feature. Only idealists and thiefs would look at it as a feature. The idealist is willing to sacrifice assets for the ideal of an unbiased contract enforcer. The other likes the idea that they can take money from people who didn’t think it was possible with no consequences.

                                          Thiefs were exploiting the legal system long before this of course but since smart contracts are obviously capable of quite serious bugs. You’ve just traded one group of exploiters for another which certainly hasn’t moved us in a direction of progress, and may in fact have moved us a few steps backwards since the smart contract by definition doesn’t allow for any kind of remediation of the exploit.

                                          1. 0

                                            Contract invalidation risk is related to, but not the same as, counterparty and settlement risk in trading.

                                            Modern credit systems didn’t exist until the late 1600s. Credit existed long before this, but its scope was strictly limited. Fungible obligations, short selling, futures, and all the other staples of modern trading are for the most part less than 500 years old.

                                            As the bugs in smart contracts indicate it’s frequently possible for both the author of the contract and the counterparties to not fully understand what the contract actually says

                                            You can’t blame human failures on the system they’re failing with. It’s not a “bug”, it’s the entire point.

                                            1. 10

                                              You can’t blame human failures on the system they’re failing with. It’s not a “bug”, it’s the entire point.

                                              The entire point of systems engineering is to understand how system design leads to human failures.

                                              1. 9

                                                Fungible obligations, short selling, futures, and all the other staples of modern trading are for the most part less than 500 years old.

                                                That’s not true. The ancient Babylonians had grains futures markets. Credit instruments, in many cases, predate cash.

                                                1. 8

                                                  You can’t blame human failures on the system they’re failing with.

                                                  You can when literally Gavin Wood can’t write a contract that won’t lose him literally tens of millions of dollars. This strongly suggests the ideological imperative in question fails when it hits reality. “[ideology] cannot fail, it can only be failed” is the stuff of cults.

                                                  1. 0

                                                    You can when literally Gavin Wood can’t write a contract that won’t lose him literally tens of millions of dollars.

                                                    Sounds like Gavin Wood is one of the original developers of ethereum, which is exactly the sort of person I would expect to lose tens of millions of dollars due to lack of rigor.

                                                    “[ideology] cannot fail, it can only be failed” is the stuff of cults.

                                                    Are mathematics and formal logic cults?

                                                    That’s what this comes down to; I agree ethereum in particular is unsuitable as a financial system, but all that means is that we have to increase our expectations of formality in financial system design.

                                                    1. 5

                                                      Are mathematics and formal logic cults?

                                                      No, but the idea of wiring them into a financial system in a way that quite efficiently separates less-rigorous people from their investments sure is. People have a hard time dealing with formalized logic systems, and get tremendous value from a squishy financial system with chargebacks and courts and mutable rules.

                                                      1. 4

                                                        Also, we’re really bad at doing math good :(

                                                        1. 0

                                                          Good thing grandma doesn’t need to write a proof every time she sends Bitcoin; only expert imementers need to care about this stuff.

                                                          1. 6

                                                            This is categorically not true. Because when Grandma wants to send money via a smart contract on a blockchain she must either trust that the writer of the contract was a benevolent expert or be an expert herself. This continued insistence that math will protect less math savvy people from more math savvy people is why every conversation with the idealist breaks down.

                                                            Grandma isn’t an idealist. She just wants to be one of the parties in a smart contract. But grandma can’t safely do it. Period.

                                                            1. 4

                                                              A good example is the EtherDelta hack. Approximately 0 crypto users can audit their software, let alone do audit it; they trust that someone else has done the security legwork to decompile and inspect a smart contract or a huge pile of minified JavaScript.

                                                              One could then answer “well they deserve what happens to them, doing that in cryptocurrency” - but then you’re back to the problem that this is substantially only a problem if you insist on using cryptocurrency for things that are currently done without it. The primary use case is ideological, ‘cos it sure isn’t practical.

                                                    2. 4

                                                      A bug is code that doesn’t work they way you meant it to. Blame lies with the Humans absolutely. But that’s the whole problem. Humans have to write the contracts. Humans also have to trust the contracts. Since Humans have to write them Humans also can’t trust them.

                                                      This make smart contracts considerably more risky. That is the entire point of their critics.

                                                      1. 0

                                                        Humans have to write the contracts. Humans also have to trust the contracts. Since Humans have to write them Humans also can’t trust them.

                                                        This would all be true in the absence of formal methods, which people whom I actually trust to build a working financial system are currently trying to fix.

                                                        I agree that existing “smart” contract systems suck, but the fundamental idea is perfectly sound.

                                                        1. 4

                                                          We probably would need to agree to disagree. I suspect the above would still be true even if you had formal methods.

                                                          1. 2

                                                            I think so too. The issue here seems to have been a combination of the following:

                                                            1. code sharing (“external library”) to reduce deployment cost in the form of gas
                                                            2. not knowing or realizing the library was actually a multi-sig wallet contract and thus vulnerable to the previously fixed vulnerability
                                                            3. not considering the ill effects of calling a “kill function” on such a wallet
                                                          2. 3

                                                            formal methods only prove what you specified. usually the way to hack formal proven programs is to play on unspecified things.

                                                    3. 4

                                                      Is cash unworkable? It has basically the same non-repudiation properties as Bitcoin, and yet people seemed to do OK with it for a long time

                                                      The widespread use of cash is actually a pretty recent invention. “Cash” as we currently conceive of it (paper money, gold coins, silver bars, etc) has not historically been the primary financial instrument in people’s lives. The primary financial instrument has been credit. Historically, people would ring up a tab, and then pay it off. Even as late as the 1600s, it was possible for English kings to recall all of the coins in circulation and have it reminted with their likeness.

                                                      This was workable because people lived in close-knit communities, and social and legal remedies could be effectively used against people who failed to pay off their debts. Cash was used when trading with people who could not be trusted, usually because they were merchants who were from outside the community.

                                                      It’s only as we move to a more atomized, anonymous society that cash becomes more widely used. But even in a highly cash-oriented society, if you actually looked at the transactions, most “large” transactions were conducted in a repudiable medium, like cheques or bank transfers.

                                                      1. 3

                                                        I’d rather trade some repudiation potentially happening to having to lug around gold coins when I want to buy something. I find the arguments against repudiation a bit overblown. There was no lack of fraud, insolvency or straight-up moral hazard in the “good old days” of the gold standard.

                                                        1. 0

                                                          I’d rather trade some repudiation potentially happening to having to lug around gold coins when I want to buy something.

                                                          Bitcoin allows you to keep both. It’s easy to transport and non-repudiable. That’s the point.

                                                        2. 4

                                                          Two problems with the cash analogy:

                                                          1. Someone can’t pick your pocket from the other side of the world.
                                                          2. Bitcoin acts much more like a balance in an electronically-accessible bank account. Except with no customer service and a terrible user experience. And ridiculously high fees. And long transaction delays.

                                                          It combines the worst of both worlds.

                                                          The existence of repudiation is a consequence of the emergence of unreliable credit systems, not something people sought out.

                                                          This is completely historically false, as zaphar points out below.

                                                          1. 3

                                                            Actually, bitcoins have lot of less problems than ethereum. It has an only point of failure which is to keep the private key secret. (There is several variation on how this secret key can be stolen, but it is far smaller problem than the way bug can be introduced in smart contract)

                                                            1. 2

                                                              Someone can’t pick your pocket from the other side of the world.

                                                              Someone also can’t steal your cryptocurrencies from the other side of the world unless you’re acting stupid and trust a third-party wallet service.

                                                              Bitcoin acts much more like a balance in an electronically-accessible bank account.

                                                              “Cash acts much more like a balance in a physically-accessible bank account.” What are you trying to communicate with this statement?

                                                              Except with no customer service

                                                              You don’t need one; anything that’s possible you can do on your own. Sure, if you’re totally clueless it might be harder for you, but it’s a massive improvement for people who know what they’re doing.

                                                              and a terrible user experience.

                                                              Right, because banks score so highly for customer satisfaction. The reason I tried bitcoin was because banks kept fucking me over in ridiculous ways. The state comptroller stole thousands of dollars from my Wells Fargo account because of a paperwork error (not possible with bitcoin), and after I got it fixed and had the money refunded, Wells Fargo charged me hundreds in “legal fees” for the pleasure of helping the government steal my money.

                                                              And ridiculously high fees.

                                                              Compared to what? Even with the current insane transaction volume, it’s still cheaper than PayPal or credit cards, for any purchase over, say, $50. It’s only going to get cheaper as we find ways to take the pressure off (a la lightning network).

                                                              And long transaction delays.

                                                              I thought you were the one who liked repudiation? A transaction “going through” just means it’s no longer repudiable. Bitcoin transactions clear to the level of a credit card transaction instantly, and to the level that credit card transactions do after ~6 months on an average of ten minutes.

                                                              This is completely historically false,

                                                              No, it’s really not. For some historical context look up Hawala (early credit system) and then read about the emergence of modern financial instruments in the Netherlands in the late 1600s, including modern notions of settlement.

                                                              1. 5

                                                                Someone also can’t steal your cryptocurrencies from the other side of the world unless you’re acting stupid and trust a third-party wallet service.

                                                                Except the article in question is exactly that with no one acting stupid. A contract had an unintended effect that allowed someone playing around to accidentally revoke access to assets guarded by that contract. That is demonstrably the entire thing that a smart contract is for. Are you suggesting that your money is safe as long as you don’t use a smart contract and don’t be stupid? I would agree but the context of this conversation isn’t crypto-currency. It’s smart contracts.

                                                                1. 6

                                                                  Someone also can’t steal your cryptocurrencies from the other side of the world unless you’re acting stupid and trust a third-party wallet service.

                                                                  see, you say this, but it turns out that “be your own bank” also means “be your own financial institution chief security officer”, and that turns out in repeated practice to be really hard, hence the repeated tales on /r/bitcoin of people losing their holding to user error or computer mishaps.

                                                                  Here’s the Bitcoin Wiki guide to being your own bank: https://en.bitcoin.it/wiki/Securing_your_wallet Give that to your favourite nontechnical relative and see how they do.

                                                                  it’s still cheaper than PayPal or credit cards, for any purchase over, say, $50.

                                                                  This is entirely false in the UK.

                                                                  The rest of your post is a Gish gallop of non sequiturs.

                                                                  1. -1

                                                                    hence the repeated tales on /r/bitcoin of people losing their holding to user error or computer mishaps

                                                                    Yes, you expect some level of failure in a population of millions.

                                                                    Give that to your favourite nontechnical relative and see how they do.

                                                                    Any idiot can use a phone app like Mycelium and be sufficiently secure. Give them a Trezor if you’re really worried.

                                                                    This is entirely false in the UK.

                                                                    Are you claiming that credit cards don’t charge fees in the UK?

                                                                    The rest of your post is a Gish gallop of non sequiturs.

                                                                    Everything I said was a direct response to one of your points, so I think you mean “I don’t know how to refute what you said so I’m going to dismiss it instead”.

                                                        1. 2

                                                          Big thing missing from that comparison was price…

                                                          1. 1

                                                            The price for the Qualcomm part may not be public yet.

                                                            1. 3

                                                              https://www.qualcomm.com/news/releases/2017/11/08/qualcomm-datacenter-technologies-announces-commercial-shipment-qualcomm

                                                              list price of $1,995, the 48 core Qualcomm Centriq 2460 processor offers greater than 4X better performance per dollar and up to 45% better performance per watt versus Intel’s highest-performance Skylake processor, the Intel Xeon Platinum 818[1].

                                                          1. 3

                                                            Not even a full year after the DAO hack.

                                                            Will Ethereum ever manage to develop a programmable blockchain without bugs?

                                                            1. 6

                                                              This is functionally equivalent to developing software in general without bugs.

                                                              We all know how easy that is.

                                                              1. 4

                                                                I.e. it’s doable if the work is competent and thorough. I would not use either of these terms to describe anything about ethereum.

                                                                On the other hand, a promising development here, which will hopefully be applied to Bitcoin in the future: https://blockstream.com/simplicity.pdf

                                                                1. 2

                                                                  I think the challenge comes from the complexity of smart contracts. Bitcoin has never had bugs this bad, but Bitcoin is not programmable.

                                                                  Ethereum changes too quickly for me to keep up - are these programmable contracts Turing-complete? Their chain might be more secure if the smart contract language was less powerful. Simple languages are a lot easier to reason about, and to prove the safety of.

                                                                  1. 2

                                                                    Bitcoin is programmable to a certain extent (you can do escrow for example) but it has not a turing complete language. I totally agree that their smart contract language should not be turing complete

                                                                  2. 2

                                                                    John Nagle (Animats) suggested Decision Tables since they can be setup to be quite intuitive and analyzed by machines:

                                                                    https://en.wikipedia.org/wiki/Decision_table

                                                                    One can also apply lessons from Design by Contract to embed constraints. One might also have the transaction generate traces that have to be sanity checked in a pre-agreed-upon way. There’s stuff that blockchains might explore that don’t require fancy programming languages so much as increasing clarity for people writing the contracts.

                                                                    1. 1

                                                                      it is a beautiful idea

                                                                  3. 3

                                                                    It’s the same problem as any other programming environment: people will build programs that have bugs, and while the environment can and should work to eliminate software errors, we will always invent new classes of bugs that will require extensive research to understand, detect, and prevent.

                                                                  1. 9

                                                                    It turns out the machines that feel quick are actually quick, much quicker than my modern computer – computers from the 70s and 80s commonly have keypress-to-screen-update latencies in the 30ms to 50ms range out of the box, whereas modern computers are usually in the 100ms to 200ms range.

                                                                    This makes me sad.

                                                                    Updated to add: if the original author is reading this, I have some 1990s Models M and a modern Unicomp (Model M remake built by the original IBM contractor) and I’d be really interested in seeing how they compare. I am in NYC and would be happy to lend them to you. But your “please contact me” link goes to Twitter (of which I am not a member), so please e-mail me if you are interested.

                                                                    1. 3

                                                                      For the 90s keyboards, you might want to measure the latency coming out of the original interface, then as it goes through a PS/2->USB converter (or in my case, an AT->PS/2->USB converter).

                                                                      1. 1

                                                                        Heh. I used a single “Windows 98 ready!” Logitech NewTouch ergo keyboard with an integrated touchpad for the bulk of my career, taking it with me from job to job. Best keyboard feel I ever found, and completely indestructible. I can’t speak to its latency, but its longevity was legendary – six jobs, sixteen years, and who knows how many lines of code.

                                                                        The series of keyboard connectors that I had to use to keep it running got pretty ludicrous though, and I remember that a crummy ps/2 to usb converter did seem to change how responsive the keyboard felt. It was worth it to suffer the return line at Fry’s to find good ones.

                                                                      2. 2

                                                                        Models M

                                                                        Thank you for your proper pluralization.

                                                                      1. 1

                                                                        I’m noticing that the Das 3 and the Filco Majestouch both link to the “clicky” MX blue variant. Could this be why they placed higher than other MX counterparts? It would be nice to see switch data.

                                                                        1. 1

                                                                          Aren’t the latencies due to electronics and not mechanical? That would explain why the ErgoDox places so average - because the firmware can do so many different things.

                                                                          1. 1

                                                                            The latency measurements are the time from when the key starts moving to the time when the USB packet associated with the key makes it out onto the USB bus.

                                                                            The Apple keyboard in first place has very little key travel, while the Planck and Ergodox in the middle of the heap probably have full-travel mechanical switches that have a way to move before closing the circuit.

                                                                            1. 2

                                                                              Which also makes the results surprising because the Filco has quite a lot of key travel. It would be interesting if this could be broken down further by activating the switches directly and comparing that to the overall time.

                                                                        1. 3

                                                                          Yubikey has a page up for their hardware, some of which is vulnerable: https://www.yubico.com/keycheck/

                                                                            1. 5

                                                                              This response confuses me. There’s an appeal that they exist in a kind of useless corner of PACELC (“sometimes we’re consistent and slow, and sometimes we’re inconsistent,”) a diagram that I feel wants to bamboozle me but just makes me cringe, some Java Jargon about data grids, and a bit of backing off on availability for future versions of particular object types.

                                                                              1. 0

                                                                                Yep, they’re butt-hurt over someone exposing the fact that their software doesn’t do what people expect it to do.

                                                                              2. 2

                                                                                “Before going into that[,] lets[sic] go into how common network partitions are.”

                                                                                This sentence, or something like it, is a pretty sure sign that what you’re going to read in a few seconds contains some (or is entirely) bullshit.

                                                                                1. 1

                                                                                  The best I can interpret from this is that the author seems to believe that a PA system requires losing writes. The blog seems to be saying “Yes, we are PA/EC, so of course these are the results you’d expect”. Which is clearly not true.

                                                                                1. 12

                                                                                  I don’t understand why “With Ruby’s syntax” is such a selling point. There are a lot of gotchas in it, it doesn’t seem to be any more ergonomic than other syntactic styles, and it seems a particularly bad fit for a statically typed language.

                                                                                  1. 10

                                                                                    /me gets ready to burn some Internet credibility

                                                                                    I’m a fan of Ruby’s syntax, despite being a big FP nerd. I don’t know why I like it, to be honest. I think it is the preference of English-y words over sigils.

                                                                                    1. 2

                                                                                      I like that it reads really nicely with the standard formatting and long/descriptive variable and function names:

                                                                                      def initialize(client, keys)
                                                                                        raise ArgumentError, t('client_type', :client => client.inspect) unless client.is_a? Riak::Client
                                                                                        raise ArgumentError, t('array_type', :array => keys.inspect) unless keys.is_a? Array
                                                                                      
                                                                                        self.thread_count = client.multi_threads
                                                                                        validate_keys keys
                                                                                        @client = client
                                                                                        @keys = keys.uniq
                                                                                        self.result_hash = {}
                                                                                        @finished = false
                                                                                      end
                                                                                      

                                                                                      It’s pure preference, but it feels more welcoming to me than any other language I’ve learned.

                                                                                    2. 3

                                                                                      I guess the syntax itself is OK, what I have a problem with is the whole “implicit” nature of Ruby code. I always get confused when things happen in my code that I didn’t ask for or didn’t know of.

                                                                                      1. 1

                                                                                        That’s a problem with using any featureful library without fully understanding it beforehand, though ruby makes it harder by having nonlocal imports.

                                                                                    1. 5

                                                                                      I’ll be going this year, my first ever Def Con and I’m super excited.

                                                                                      If anyone has tips for getting the most out of it I’d love to hear it.

                                                                                      1. 6

                                                                                        This thread on twitter is good: https://twitter.com/tarah/status/886323500419436544

                                                                                        In my experience: say hello to randos that look bored/lonely, do contests, save the talks for when they show up on youtube, drink lots of water (not booze, not soda, not coffee, yes water), and don’t forget to eat, shower, and sleep.

                                                                                        1. 5

                                                                                          The talks are important and make sure to hit the ones that interest you the most, but the social aspect is the part that sets security cons apart. Over the years I’ve ended up going to less and less of the talks and instead watching them when I get back from the con. Talk to people! I wonder if there is enough interest to have an impromptu meetup for lobsters at DefCon/BSidesLV.

                                                                                        1. 10

                                                                                          I’ve read many people say that dvorak was fine for the vim movement keys.

                                                                                          And as for the keycaps, I’m not sure I see the problem, why not just use a blank keyboard and switch at will?

                                                                                          1. 5

                                                                                            Although I am in theory capable of typing without looking at the keys, in practice I do a lot of key stabbing as well. And a lot of one handed typing as well. I’ve practiced this some in the dark, and it’s no fun. Definitely not interested in a blank keyboard.

                                                                                            Anyway, same experience as the author. Learned dvorak because there were people who didn’t know dvorak, used it for a while, then found I had trouble using a qwerty keyboard. Now I just use qwerty full time, but go back and practice dvorak for a week or so at a time to maintain the skill in case I ever have a compelling reason to switch.

                                                                                            I like dvorak for English, but find it substantially more annoying for code. And it’s a disaster for passwords. I usually set up hotkeys so I can quickly change on the fly depending on what and how much I’m typing.

                                                                                            1. 2

                                                                                              I love Dvorak for code! Having -_ and =+ much closer is so convenient.

                                                                                              1. 1

                                                                                                More than { [ ] }?

                                                                                                1. 2

                                                                                                  For sure, think about where it’s now positioned. Typing …) {… is so easy when ) and { are side by side. And for code that doesn’t use egyptian braces, )<enter>{ is easier for me too. When I hit enter with my pinky, and follow up with { with my middle finger, that’s natural. But trying to squeeze my middle finger into the QWERTY location for { while my pinky is still on enter totally sucks.

                                                                                                  Meanwhile -_=+ are all typed in line with other words (i.e. variable names). And - and _ are frequently part of filenames and variables, so it’s great that they’re closest to the letter keys.

                                                                                              2. 2

                                                                                                I like dvorak for English, but find it substantially more annoying for code.

                                                                                                Exactly! If I were a novelist I would probably just continue using Dvorak.

                                                                                                1. 2

                                                                                                  in practice I do a lot of key stabbing as well

                                                                                                  I recently bought a laptop with a Swiss(?) keyboard layout. (It really is a monstrosity with up to five characters on one key). I thought I wouldn’t need to look at the keys at all and I could just use my preferred keymap, but I’ve been caught ought a few times. I’m just about used to it now, though.

                                                                                                2. 4

                                                                                                  When I am typing commands into a production machine I feel like it is only responsible of me to use a properly labelled keyboard.

                                                                                                  This is really important when you’re on your last ssh password/smartcard PIN attempt, because you can go slow and look at what you’re doing.

                                                                                                  1. 5

                                                                                                    I got a blank keyboard, and I must admit that I still look at it from time to time. like for numbers, or b/v, u/i… I only do so when I start thinking “OMG this is a password, don’t get it wrong!”

                                                                                                    Having a blank keyboard doesn’t stop you from looking at your hands. It only disappoint you when you do.

                                                                                                    1. 5

                                                                                                      As a happy Dvorak user I’d have to say there are better fixes to that problem. Copy it from your password manager? (You use one, right?) Type it into somewhere else, and cut and paste? Or use the keyboard viewer? (Ok that one is macOS specific, perhaps.)

                                                                                                      Specifically re: “typing commands into prod machines” I don’t buy the argument. Commands generally don’t take effect until you hit ENTER and until then you’ve got all the time you need to review what you’ve typed in. Some programs do prompt for yes/no without waiting for Enter but it’s not like Dvorak or Qwerty’s y or n keys have a common location in either layout, so I don’t really see that as an issue either.

                                                                                                      1. 2

                                                                                                        Yes, the “production machines” argument is a strange one. I’d imagine it would only be an issue on a Windows system (if you’re logging in via ssh it’s immaterial) and then it would be fairly obvious quite quickly that the keyboard map is wrong. And if the keyboard map is wrong in the Dvorak vs QWERTY sense you’d quickly realise you’re typing gibberish. Or so I’d think?

                                                                                                        Ignoring the whole issue of “you shouldn’t be logging in to a production machine to make changes”…

                                                                                                      2. 1

                                                                                                        In this case, I find the homing keys, reorient myself, and type whatever I need to type. (Or just use a password manager & paste). Haven’t mistyped a password in years, and I’m using Dvorak with blanks.

                                                                                                        Homing keys are there for a reason.

                                                                                                        Labels are only necessary when you don’t touch type. If you do, they serve no useful purpose.

                                                                                                      3. 2

                                                                                                        I’ve read many people say that dvorak was fine for the vim movement keys.

                                                                                                        Dvorak is fine for Vim movement keys, but not as nearly as nice as Qwerty.

                                                                                                        And as for the keycaps, I’m not sure I see the problem, why not just use a blank keyboard and switch at will?

                                                                                                        The problem is, when I’m entering a password or bash command sometimes I want to slow down and actually look at the keyboard while I’m typing. In sensitive production settings raw speed isn’t nearly as valuable as accuracy. A blank keyboard would not solve this problem :)

                                                                                                        1. 6

                                                                                                          Dvorak is fine for Vim movement keys, but not as nearly as nice as Qwerty.

                                                                                                          They actually work better with Dvorak for me, because the grouping feels more logical than on qwerty to me.

                                                                                                          1. 1

                                                                                                            Likewise: vertical and horizontal movement keys separated onto different hands rather than all on the one (and interspersed) works much better for me.

                                                                                                          2. 2

                                                                                                            I hate vim movement in QWERTY. I think it’s because I’m left handed, and Dvorak puts up/down on my left pointer and middle finger. For me, it’s really hard to manipulate all four directions with my right hand quickly.

                                                                                                            1. 1

                                                                                                              Would it make sense to use AOEU for motion then (or HTNS for right handed people)? I guess doing so may open a whole can of remapping worms though?

                                                                                                              That won’t help with apps that don’t support remapping but which support vi-style motion though (as they’ll expect you to hit HJKL)…

                                                                                                        1. 7

                                                                                                          I am a fan of Foobar2000.

                                                                                                          1. 2

                                                                                                            How does it perform?

                                                                                                            I haven’t thought about it, but if I’m stuck on Windows, this is my preferred player as well.

                                                                                                            1. 3

                                                                                                              It worked just fine on my 2005-spec machine in 2005, and it doesn’t look like it’s had much feature creep or a disastrous acquisition since then.

                                                                                                              1. 3

                                                                                                                Foobar2000 Is the best music player ever written, with support for themes and plugins.

                                                                                                                It performs great even on low-end hardware, and can output to ASIO in bit-perfect mode.

                                                                                                                I’ve been a Linux user for 10 years now, and Foobar2000 Is the only software which hasn’t a comparable alternative.

                                                                                                                I you’re lucky enough, searching for “what.cd foobar” will lead you to the best theme/plugin combo ever composed.

                                                                                                                1. 2

                                                                                                                  HN recommended DeaDBeeF as an alternative for Linux http://deadbeef.sourceforge.net/

                                                                                                              2. 1

                                                                                                                I hope the story on configuring this has gotten better. Many years ago it seemed like a total pain to set up, even if it is super fast and efficient.

                                                                                                              1. 5

                                                                                                                This seems like useful behavior if the clocks on the system you edit inputs on and the system you run webpack on aren’t synchronized, such as they might be with Vagrant or Docker. Spending some cheap CPU time to avoid much more expensive user confusion seems like a valid strategy.

                                                                                                                1. 9

                                                                                                                  Good lord, stupid workarounds for stupid systems are why we’re drowning in shitty software.