1. 5

    What’s with the weird subdomains https://https.www.google.com.tedunangst.com ?

      1. 2

        Search lobsters for past posts for past discussions

        1. 6

          Can we please stop using the “Make X Y Again” schema for advertising things? I know there is no ill intent behind this but some of us are directly affected by the policies and rhetoric that comes out of the very much sincere desire to roll back progressivism by decades.

          1. 12

            Your comment is off-topic.

            You reasonably observe that the name of the project is derivative, acknowledge that the author bears you no ill intent, but nevertheless suggest the project name is harming you and yours.

            You don’t address the author, you don’t talk about Medium as a platform, you don’t talk about blogging or anything apparently connected to the article. Your comment is a generic complaint. (Applies to any submission matching your pattern.)

            We’re a community of practitioners. We show (create, invest, fix), rather than tell (scold, beg, demand).

            1. 26

              The title of this project is a riff on a political slogan that itself is a riff on various fascist slogans throughout history. Making a joke of it by using it as the name of a browser extension is, at the very least, in poor taste. The commenter you responded to made a polite request to the community to stop doing this thing that is in poor taste. There was no need for them to address the substance of the project because the comment was only concerned with the choice of title. In terms of scolding/begging/demanding, I see more of that in your comment than in the one you responded to.

              1. 1

                Apologies for the off-topicness, but are Mel Brooks’ Hitler jokes/comedy in bad taste? Can something horrible be alleviated by ridiculing it?

                This is a philosophical question that doesn’t wven account for the author’s intent with the naming.

                And on the other side, would “Medium we can believe in” or “Medium we can” be more acceptable or less, and to whom?

                A rose by any other name… It seems to be a somewhat useful browser addition regardless.

                1. 2

                  Can something horrible be alleviated by ridiculing it?

                  Yes, somewhat, and only if actually done well. (And even then, sometimes the supposed object of ridicule can miss the point entirely and embrace whatever the “joke” was about.)

                  I guess the point is, naming entirely unrelated things with the same pattern (“Make X Y again” here) is not comedy! It’s literally just spreading the slogan.

              2. 19

                You can’t ignore politics when they are no longer ignoring you. However much you may think that Lobsters is a domain of pure, unadulterated reason and everything unreasonable is offtopic, the linked software decided to make a political slogan ontopic.

                You’re grandstanding here about how neutral Lobsters is, but there’s no neutrality on this moving train, and telling people to shut up about the politics that affects them isn’t nice.

                1. 9

                  We’re a community of practitioners. We show (create, invest, fix), rather than tell (scold, beg, demand).

                  I like this a lot! The internet would be a better place if there were more places that followed this philosophy.

                  1. 0

                    Yeah, wouldn’t that be something…

                    :-/

                  2. 8

                    I also happen to feel playful takes on MAGA is putting googly eyes on swastika, and was about to post similar comment. Didn’t post as the earlier exchanges OT exchanges like this on Lobsters suggest ethics is a taboo subjects to many here.

                    But seriously, screw this.

                    1. -6

                      Fine, let’s discuss ethics.

                      Calling a playful riff on the MAGA slogan”putting googly eyes on a swastika” is bullshit. It’s the same authoritarian communist rhetorical technique that the East German government used when they called the Berlin Wall the “anti fascist defense wall”. I’m not a huge fan of Trump myself, but I’m even less of a fan of the anti-Trumpist faction in American politics characterizing Trump’s policies as literally Nazi-like so they can feel justified in weaponizing the social norm that “Nazis=bad” in western society against their poltiical enemies.

                      Nothing the Trump administration is doing is in any meaningful way close to the bad things that the Nazis did - frankly most of what he’s been doing are the same things that every post-WWII American presidential administration has done, just with less high class verbiage to describe it. The people who claim otherwise are doing so in order to make themselves feel like they’re morally-righteous crusaders instead of people having ordinary political disagreements in the American political system.

                      Lobsters isn’t a political discussion forum, but if people are going to say that nonpolitical articles that happen to reference the current US President’s campaign slogan should be considered forbidden, you’re already bringing politics into the space, and you shouldn’t expect that your particular poltics must go unchallenged. There’s nothing wrong with the title of the article, and people claiming otherwise are making a backhanded political argument that Trump is Bad on a technical forum.

                      1. 3

                        Now this is an off-topic comment.

                        1. 10

                          And yet despite being in good company, it is the only one flagged to death, because it comes from the perspective of the wrong tribe.

                          You see why I object to politics and “ethics” discussions? This is sort of the reason why–people don’t get a fair shake.

                          1. 0

                            This is a tough problem to solve, for sure.

                            I am among those who have flagged it as off-topic, as per @alynpost ’s comment here

                            https://lobste.rs/s/f4t0y2/make_medium_readable_again#c_ty2pp6

                            (based on my understanding, posted here: https://lobste.rs/s/f4t0y2/make_medium_readable_again#c_szkkme)

                            As both this downvote and the one I made on the other post were made in affect, I have removed them both.

                            1. -1

                              This whole discussion is a response to unnecessarily politicised title. Ironically, it’s the objection to the title was attacked by no ethics pls crowd.

                          2. 2

                            I’m not taking the bait. Would just remark that my reply, and your rant could be precisely avoided if the author stuck to fucking technicals for technical write up.

                        2. 6

                          How does one show, create, invest or fix in response to a negative pattern like the “Make X Y Again” headline?

                          1. 4

                            Indeed. I suppose one could suggest an alternate name for the project, in which case I will propose “Readable Medium” as a straightforward name for a browser extension that would entirely avoid any political connotations that only serve to distract from the substance of the project.

                            1. 1

                              I like that also because I find it humorous – a medium is a person who may do a “reading”, so “readable medium” sounds backward to me.

                            2. 0

                              If the title of the project bothers you, open an issue and try to convince the author of your point. If not possible, fork it.

                            3. 3

                              I downvoted this comment as “incorrect” but I have since reconsidered and removed my downvote.

                              I initially read the comment to mean “never discuss anything political, (as defined by us the community*) on this site”.

                              I know hope it reads “please feel free to discuss things political, but the focus should be on the technical contents of the submitted post”.

                              In this spirit, I will submit a comment that both reflects my opinion on the linked content, and will serve as a template for an acceptable comment that also addresses the political/ethical implications.

                              [start comment]

                              This project strikes me as useful for now, but ultimately reactive. It’s easy for Medium to redesign their site to defeat the circumvention, and the developer and users will engage in a game of whack-a-mole to keep up.

                              It’s a similar situation with ad blockers, with the significant difference that the market for ad-free browsing is much larger than the market for reading Medium without a bunch of banners.

                              This segues nicely into the problems with Medium’s business plan. Ultimately, it’s just Wordpress.com with a nicer editor and draconian rules about CSS. There’s really no reason to pay for Medium apart from the content, and the content, for me personally, seems mostly to be cryptocurrency boosters nowadays. Essentially it’s content as a commodity… there has to be a critical mass of writers who are only available on Medium for it to be worth paying for.

                              If Medium promised a cleaner reading experience as part of a paid tier, that would maybe help?

                              As to the name of the linked project - it’s unfortunately hard to detect irony on the web, and considering the “alt-right” has had some success in shifting the conversation by “pretending” to be racist, saying it’s for the “lulz”, I am prepared to automatically assume that someone who seems to do the same is either on the same side as this political faction, or insensitive to how they appear by choosing this name.

                              Personally I would add the name choice as a negative in evaluating this project.

                              [end comment]

                              If anyone upvotes or downvotes this comment, please let me know if it was because of the content, or the presentation, or the meta-narrative on how to handle political/ethical/sensitive submissions to the site.


                              * who represents this community is another question that deserves discussion but that’s for another time.

                              1. 0

                                Good comment, upvoted. You address the content of the article first, make good points and analysis, and close with minor but reasonable speculation and an opinion–and you don’t go on a screed.

                              2. 2

                                @gerikson, @jamesmacaulay, @JordiGH, @varjag I’ll reply to all of you at once in the interest of my time.

                                I have had folk observe that I’m prone to understatement. I may have done that here describing the project name as derivative, when I could have said political slogan (h/t jamesmacaulay) or dog whistle (h/t gerikson). Both would have been more accurate.

                                The de minimis statement I made supporting my off-topic claim was “Your comment is a generic complaint.” I then provided a test so the claim can be falsified: “[Your comment] applies to any submission matching your pattern.” This same test holds without regard to the sentiment of the comment. A similarly context-free comment supporting, rather than detracting, this political slogan, dog whistle, or derivative name would also be off-topic.

                                We know that naming things is hard. The problem is featured in a widely known joke. (“There are two hard problems in computer science…”) We also know that names can be chosen because they’re provocative. (“There’s no such thing as bad publicity.”) Discussing names gets the benefit of the doubt regarding topicality. The comment in question is off topic qua a kind of behavior.

                                Thank you all for your replies.

                              3. 1

                                I suppose to a progressive, the title would sound like “make medium awful again” – the exact opposite of what the author is trying to convey!

                                (I didn’t even pick up on the political reference until you pointed it out.)

                                1. 1

                                  Can’t speak for others, but to me the original intent was clear given the context. But it’s hard to divorce the connotations of opression and hate from it. As @JordiGH said so eloquently, at this point it’s impossible to ignore politics as they won’t ignore you. Using this language will hurt people. I assume this wasn’t anyone’s intention by choosing this name, so I’m just trying to point this out hoping that when the next time comes around people can make a more informed decision.

                              1. 4

                                What can Medium do to prevent stuff like this? Because I bet they’re going to go after people using these things if too many people start using them.

                                1. 4

                                  Usually sites take the legal route and go after the use of the name. Another site did that a few weeks ago and made minor tech news, but I’m at a loss as to which one at this very moment.

                                  1. 3

                                    They could start focusing on readability again, which is probably the reason why things like this happen in the first place.

                                    1. 2

                                      I meant, what nasty things can they do? Obviously they’re already on a nasty path and very keen to continue on it.

                                      1. 3

                                        They can employ the same methods other sites have been using to prevent adblocking: changing the markup frequently to escape whatever filter is popular.

                                    2. 2

                                      I don’t think they can do much to prevent it other than adding more and more changes that regularly break the extension, but this will always be a cat-and-mouse game.

                                    1. 4

                                      I can’t look at this teardown without hearing AvE in my head.

                                      1. 3

                                        I’ve just sent him the link. Let’s hope he decides to do a review of this magnificent example of overengineering.

                                        1. 4

                                          Don’t forget to put your ____ in a _____!

                                          1. 2

                                            Skookum as frig!

                                            1. 1

                                              Milled aluminum choochers!

                                              1. 1

                                                Same here! I can’t help but feel AvE would do a much better teardown, not only looking at what’s there right now, but considering what’s blatantly missing from this article; what can be improved in the future! If those are machined gears then there’s no reason they can’t cut cost by sintering. The article says it’s so expensive to apply “thousands of pounds of pressure” completely ignoring that any home-gamer clamp can do the same.

                                                It’s still an over engineered and expensive clamp, but I feel like the article is dishonest about where it is and where it can go.

                                                1. 3

                                                  A lot of these “unnecessarily machined” parts look to me like they were designed for casting but the tooling wasn’t ready for the scheduled first run (typical). They would be a lot cheaper in mass production.

                                                  The gears are OEM, they are not that expensive when you buy them by the thousand. You’d need to sell a lot of juicers to break even on sintering tooling for them (and machined gears are stronger), doesn’t make sense for a commodity part.

                                                  Overall I refuse to believe that the engineers who had enough skill and experience to design this and get it working are so blissfully unaware of production process costs. Simply doesn’t happen IRL.

                                              1. 2

                                                I’m curious if a locked down CSP Header would help prevent sites from being exploited, although I guess it would depend on where the JS got loaded from. If the attacker was able to get malicious JS served from the site or an approved origin then this would still be exploitable.

                                                1. 1

                                                  It would certainly reduce the attack surface. I think using something like uMatrix is also a good idea.

                                                1. 47

                                                  When someone makes a typo there are 2 possible outcomes. Outcome 1: they are informed of their error and they can correct it or make an alias in their shell. Outcome 2: npm grows a new help option for every reported typo and eventually begins calculating the Levenshtein distance between the nearest valid option (an actual suggestion in the issue). Eventually typos make it into source code and scripts. Good luck grepping your codebase for usages of npm install.

                                                  Introducing this “affordance” to the user results in a cascade of increased complexity. Furthermore it’s not “just” complexity in the toolset, but an increased cognitive load on the programmer. What’s next? I can only imagine how frightening using node would be if npm install package installed some other random package off the internet.

                                                  Please keep “did you mean” functionality limited to search UIs.

                                                  1. 13

                                                    I guess if the user has such a problem with accidentally typing “npm isntall”, “npm unisntall” or “npm verison”, they should just create aliases in their own shell config instead of bloating the software.

                                                    1. 3

                                                      Good luck grepping your codebase for usages of npm install.

                                                      This is easily fixed by making grep default to matching on small Levenshtein distances too! (Yes, this is sarcasm.)

                                                      1. 2

                                                        Well, it probably wouldn’t be so hard to extend regexes to compute a Levenshtein DFA during the compilation stage for fuzzy matching.

                                                        [Is it bad that I’m wondering how hard it would be to implement, as a fun regex hack?]

                                                    1. 17

                                                      This is a good complaint, but I think we need some suggestions on how we can convince programmers to be less stupid, because telling them to be less stupid just isn’t working.

                                                      1. 4

                                                        Use tools with less features and more interoperability. Fork complicated projects and rip out useless features and call it “Lite/Secure”.

                                                        1. 4

                                                          Alas, interoperability is often itself a problem.

                                                          1. 1

                                                            In what way? I thought do one thing well was all about delegating out tasks to programs which have devoted the time and energy into being secure. Could you please elaborate?

                                                            1. 7

                                                              The “delegation” is itself a potential vulnerability. That’s not to say it has to be, but once tools can interoperate, people expect them to interoperate, and that causes trouble. Consider the venerable less program, which can execute dozens of not entirely secure helpers. They are each individually vulnerable, but less, through the powers of delegation and interoperability, has found a way to become the sum of their vulnerabilities.

                                                              http://marc.info/?l=full-disclosure&m=141678420425808&w=2

                                                        2. 3

                                                          Well, the funny thing is that while we can create tools to enforce security with an application (that is, to make sure an application is doing what it wants to do correctly, without introducing security holes), it is harder to restrict ourselves as programmers to stop our tools from growing options outside of their original scope (that is, to make sure our applications do only what they should do, from a philosophical perspective).

                                                          Both of these are security problems, and it’s something people try to get at with the term “attack surface.” When you add options, or add semi-out-of-scope convenience features to applications, you also increase the complexity of verifying the application is free of security flaws, and you increase the likelihood that some interaction between the application’s components or between the application and other applications will introduce security flaws.

                                                          All of this is to say that I don’t know if there is a way to do this that’s any better than teaching people, through hard-learned examples from history, that there are right and wrong ways to do this. If we start to view security flaws like failures in civil engineering, covering them in education with case studies and discussions of what went wrong, and with real care for pre and post deployment review of correctness and failures, then we might start to see things improve. In this light, something like Heartbleed becomes the Tacoma Narrows Bridge collapse. Something we teach new developers about, not just for the specific lessons of the failure, but the learned wisdom of how to avoid the same mistakes in a systemic fashion.

                                                          1. 2

                                                            Thinking of a list of non goals (e.g. https://github.com/martanne/vis#non-goals) at the beginning of a project sure helps.

                                                          1. 11

                                                            I’m brazilian.

                                                            The first case I remember of this happening was in 2007, when a brazilian actress was filmed having sex in a beach in Europe and that video was posted to YouTube many times. She sued (in Brazil) and some judge took YouTube down for one or two days.

                                                            At the time (if I remember correctly) it was implemented as some sort of DNS change, and those of us that used custom DNS servers could visit the site. I was able to help a few of my friends.

                                                            This time the WhatsApp servers seem to have been blacklisted. I’m not sure about port blocking or packet inspection. It was most likely a small change just to block the majority of the population that doesn’t know how to circumvent.

                                                            It is also interesting to remember a few facts:

                                                            1) The cellphone service providers in Brazil (Oi, Vivo, Tim, Claro) are also the largest fixed internet providers for the country;

                                                            2) These companies have seen a lot of profits vanish due to the overwhelming use of WhatsApp by the users (titles were translated by me):

                                                            Why brazilian providers are in war with WhatsApp http://epocanegocios.globo.com/Informacao/Dilemas/noticia/2015/12/por-que-operadoras-brasileiras-entraram-em-guerra-contra-o-whatsapp.html

                                                            Brazil loses 10 million cell lines due to ‘WhatsApp Effect’ http://link.estadao.com.br/noticias/empresas,brasil-perde-10-milhoes-de-linhas-de-celular-por-culpa-do-efeito-whatsapp,10000028765

                                                            To stop WhatsApp, providers ask for conservative regulation http://www.tribunadabahia.com.br/2016/01/02/para-frear-whatsapp-operadoras-pedem-regulamentacao-conservadora

                                                            Providers have lost US$ 13.9 billion due to WhatsApp, Facebook Messenger and similar apps https://tecnoblog.net/91908/operadoras-whatsapp-facebook/

                                                            3) These same companies own the majority of market share for cable TV and were recently pushing HARD for data caps to prevent YouTube and Netflix from stealing more profits from them;

                                                            I wouldn’t be surprised if this judge turned out to be friends with some of those companies.

                                                            I’m not too familiar with the US market, but I think this corporativist agreement between large companies and the State is a problem we all we’ll have to deal with if we want the Internet to stay (relatively) free.

                                                            1. 8

                                                              Great time to announce, right after their recent twitter rampage. Inspires lots of confidence.

                                                              1. 2

                                                                Careful or you might get blocked.

                                                              1. 8

                                                                Guess I won’t be using grsec anymore.

                                                                # pacman -Rs linux-grsec linux-grsec-common linux-grsec-headers
                                                                
                                                                1. 2

                                                                  Just because of some grumpyness on Twitter? Man, I hope for your own sake that whomever supplied the locks on your doors never gets grumpy.

                                                                  1. 33

                                                                    If the company who made the locks on my door blocked a bunch of people who retweeted “hey, these locks open right up if you stick any old key in upside down” it’d sure as hell make me reevaluate my opinions of their approach to making secure locks.

                                                                  1. 12

                                                                    Eldritch.

                                                                  1. 5

                                                                    I’m going through CIS 194: Introduction to Haskell. Loving it so far.