1.  

    finally someone is saying this. now the hard work of figuring out what actions make sense to move things in the right direction.

    1. 6

      Interesting article, but saying we can’t truly fix free software until we destroy capitalism feels at once both a bit extreme and unhelpful.

      It’s a nice idea (Who doesn’t want to live in a world where everything is free? Oh wait. A lot of people :) but I’d rather focus on ideas that help us iteratively improve the current situation.

      1. 16

        I think the author’s point is that the free software movement is already a radical philosophy, but one which is doomed to failure by its individualist focus. As a movement, it doesn’t offer a solution for how to make free software the natural choice (where the structure of our systems inherently directs people to select it as the best option), preferring instead to focus on convincing individuals that it is the right choice (which may be true, but doesn’t scale, and will constantly fight against whatever the natural choice is, which is why open source has eaten free software’s lunch).

        So the choice is between an ineffective radical philosophy and a potentially effective one.

        1.  

          how to make free software the natural choice…the best option

          There are many things that changed since the late 1990s when free software was the dominant ideology. One is that Google, and ultimately all of big tech, co-opted open source to mean “you are free to have all of the source code to the client that talks to our centralized proprietary service.” Having done so, free software isn’t the natural choice, because the benefits of freedom in being able to change the system to do what you want is not present. Its capabilities are limited to what the proprietary service provides, and it only works if the client implements what the proprietary service requires.

          1.  

            I’m not sure in what sense it’s the case that “open source has eaten free software’s lunch”. At the moment, free software and open-source software are basically synonymous. An open-source library developed by paid programmers working for some Microsoft- or Facebook-sized corporation is free in exactly the same way that GNU Emacs or Firefox is.

            There are people who would like to change this situation - create and popularize software licenses that are “open-source” in the sense of having the source code be publicly available, but non-free in the sense of imposing four-freedoms-violating conditions on the use of that software. But the two main motivations for doing this are to prevent large cloud providers (such as Amazon specifically) from releasing products based on open-source software that might compete with smaller companies that develop such software, and to prevent organizations and people with political views specific activist programmers find distasteful from being able to freely use useful software. The former consideration is an attempt to limit the power of well-capitalized corporate institutions, and the latter is associated with “culturally leftist” politics but doesn’t directly help or hinder such institutions.

            1.  

              At the moment, free software and open-source software are basically synonymous.

              I disagree, because “free software” is actually less free (as in freedom) than open source.

              For example, let’s say that “Bob” wants to release a videogame toolkit. He starts with the Quake III Arena source code (released under the GPL). He spends months building a complete game creation toolkit around it the likes of which could be compared to any modern AAA game engine.

              But, there are still sections of code that are recognizably Quake. If he tries to sell this thing that he spend so long on, he could get a cease-and-desist (and likely will).

              Imagine a similar situation where “Alice” does the same thing with the Sauerbraten engine (zlib license). She gets to sell her work (and it is hers if she’s spent months working on it). She can then decide later that she would like to release the source on her own time.

              Who had more freedom?

              This is a contrived example, because no reasonable person would start with GPL software who wants to sell something. The point is that “Bob” can’t use the Quake source for his own gains even though ID has decided that they are done using it.

              1.  

                I don’t know how long you’ve been in the open source/free software realm, but these arguments were done to death 20 years ago.

                The difference is perspective: freedom for the developer vs. freedom for the user. When GNU started, AT&T was exercising its “freedom” to maintain exclusive control of UNIX, and RMS wanted the “freedom” to control what happened on his computer.

                From time to time this is intentionally confused by people with an agenda, as in “free software isn’t free because it doesn’t let us freely screw users.”

                1. 5

                  I don’t know how long you’ve been in the open source/free software realm, but these arguments were done to death 20 years ago.

                  Well, I’m only 20.

                  The difference is perspective: freedom for the developer vs. freedom for the user.

                  As the developer you always have the freedom to not release the source. As the user, you can choose to ignore the license (at your peril). Your freedom ends where another person’s freedom begins. It’s selfish and arrogant to think that you “deserve” to control other peoples use of your product.

                  I like to draw a parallel with firearms. You have a right to not own one, but you cannot prevent me from owning one. Substitute any politically correct item for firearm if you wish.

                  From time to time this is intentionally confused by people with an agenda, as in “free software isn’t free because it doesn’t let us freely screw users.”

                  This is attributing the (perceived) malice of large corrupt corporations to people like me who prefer to keep personal liberties intact. It’s shameful.

                  1.  

                    This is attributing the (perceived) malice of large corrupt corporations to people like me who prefer to keep personal liberties intact. It’s shameful.

                    I didn’t mean to attribute it to you. As I said at the beginning of the post, I’m not sure about your background (thanks for clarifying it.) I do mean to say that the argument you provided is also provided by people with an agenda, and I’d encourage you to think critically about it.

                    Your freedom ends where another person’s freedom begins. It’s selfish and arrogant to think that you “deserve” to control other peoples use of your product.

                    Very true, but consider what that means in the context of software. Software released without source is trying to exercise control over the use of the product by preventing the user from altering it or improving it. These days it often goes further with code signing, DRM, online activation, etc, which is increasing the degree of control.

                    The point of copyleft is that if we accept as a society that authors control the use of their product, then authors are free to prevent what they would see as misuse of that product, including distributing it without source code. There is an alternate universe where authors have much less control in general, but we happen to live in this one.

                    The genius of RMS, IMHO, was more about economics than software. He observed that in a market where fixed costs are high and marginal costs are low, which software takes to the extreme, the result will be a small number of vendors and a large number of users. In that context, users do not have a remedy through competition: they cannot choose a vendor that gives them the level of freedom they want. Market forces would push any user-respecting vendor out of existence. Taking your example, find a games publisher that releases source code [edit: to their new release game]. In the ultimate, he observed that the degree of vendor control would only increase over time, without limit, which has since proven to be true. In the last 15 years we’ve moved from a world where anyone can write a device driver or application to a world where these need to be approved by platform vendors, for example, and entire classes of software are unavailable to users as a result.

                    If competition among vendors can’t deliver the products users want, then the issue needs to be around restricting what vendors can do to ensure users can do what they want. As you put it, one person’s freedom ends where another person’s begins - but if we accept that anything which restricts the freedom of vendors is bad, then we accept that users should have no freedom whatsoever.

                    1.  

                      Prologue: This thread has ended up way longer than I thought. Thank you for your time.

                      I think we agree on a lot of principles, we just disagree on where the line between author and user freedom is.

                      Fair warning, my firearm analogies got a little out of hand. If you are unfamiliar, feel free to ask for clarification.


                      I didn’t mean to attribute it to you.

                      Yes, I re-read the comment and I think I was being a little paranoid :)

                      Software released without source is trying to exercise control over the use of the product by preventing the user from altering it or improving it.

                      The same thing happens when somebody releases a product without specifying exactly how it was put together. For example: there are a fair amount of proprietary firearm designs, but the most popular rifle (AFAIK) is the AR-15. A modular design that pretty much anybody is allowed to manufacture and sell (well, if the government lets them).

                      These days it often goes further with code signing, DRM, online activation, etc, which is increasing the degree of control.

                      I see code signing as a net good. I appreciate the assurance that when something runs with administrative privileges that the program is (sort of) verified. DRM can be done well, but most companies do it wrong. Steam is pretty good, but if they were a smaller company I wouldn’t trust them as much (mostly because I would have no guarantee that they would stick around).

                      The point of copyleft is that if we accept as a society that authors control the use of their product, then authors are free to prevent what they would see as misuse of that product, including distributing it without source code. There is an alternate universe where authors have much less control in general, but we happen to live in this one.

                      Code authors cannot control the use of their product, in the same way that a firearms manufacturer cannot prevent people from murdering people. All you can say is “we do not warranty this software if it is used for anything other than…”.

                      The genius of RMS, IMHO, was more about economics than software. He observed that in a market where fixed costs are high and marginal costs are low, which software takes to the extreme, the result will be a small number of vendors and a large number of users. In that context, users do not have a remedy through competition: they cannot choose a vendor that gives them the level of freedom they want. Market forces would push any user-respecting vendor out of existence.

                      I agree with this statement, but I believe the solution is more information. If more people knew how corrupt big tech was then they would use them less.

                      Taking your example, find a games publisher that releases source code.

                      I think the new Unreal Tournament is “public” source. UE4 and Crytek are also “public” source (with EULAs and royalties of course).

                      In the ultimate, he observed that the degree of vendor control would only increase over time, without limit, which has since proven to be true.

                      I assume by he you mean Richard Stallman.

                      In the last 15 years we’ve moved from a world where anyone can write a device driver or application to a world where these need to be approved by platform vendors, for example, and entire classes of software are unavailable to users as a result.

                      Sure anybody can write a device driver. The approval process is IMHO necessary because otherwise somebody could socially engineer people into installing a malicious driver or application (technically still possible, but more difficult). It’s like a carry permit. It (ostensibly) proves that you are competent and stable, and that you won’t use your thing (firearm, device driver) to intentionally harm an innocent person.

                      If competition among vendors can’t deliver the products users want, then the issue needs to be around restricting what vendors can do to ensure users can do what they want. As you put it, one person’s freedom ends where another person’s begins - but if we accept that anything which restricts the freedom of vendors is bad, then we accept that users should have no freedom whatsoever.

                      How does not restricting vendors lead to users having no freedom? I don’t mean to be snarky, I just don’t understand.

                      1.  

                        I think the high level observation I’d make is that each of us exist in a society that establishes certain “normal” practices. Those practices change over time. When RMS was starting in software, “normal” meant that commercial vendors provide sources, and moving away from that was a redline for him. When I was starting in software, “normal” meant closed source but no signing/activation/forced updates, and moving away from that was a redline for me. Over the next couple decades, “normal” will continue to change and the things which seem normal for you now will become more restrictive due to competitive forces. When you see it happen, RMS stops looking crazy.

                        I see code signing as a net good. I appreciate the assurance that when something runs with administrative privileges that the program is (sort of) verified.

                        “Verified” in this context means it does what the vendor intended, not that it does what you want. If it was done to verify that it does what you want, then you’d be in control of the certificates that you’re willing to trust, and would be able to use software that is trusted by anyone you trust. As it stands, you’re not allowed to run code that you wrote yourself, because the vendor doesn’t trust you.

                        Code authors cannot control the use of their product…

                        (I’m avoiding firearms comparisons since it’s a business I don’t know anything about.) Code authors have an unusually high amount of control due to things like the DMCA which give legal protection to any measure they can create. Control is just an arms race - if it can be enforced somehow, it’s legal and legitimate. The makers of devices have a lot of resources to ensure they retain control of things like the applications that run, and they are highly motivated to exercise that control since they get a 30% cut. The maker of a hammer cannot control how it is used, but the maker of a technical device can and does control the software that runs on it (although you are free to use it to drive nails into a wall, which is often its most valuable use.)

                        I believe the solution is more information. If more people knew how corrupt big tech was then they would use them less.

                        Users are given the choice to use tech or not use tech. They do not have a competitive remedy. Your cell phone company knows where you are at all times and sells that information to marketers. Your remedy is to not carry a cell phone. It is true that if everyone rejects the entire category of tech then the problem goes away, but that seems like a big societal failure that gives us a choice between dystopia or dark ages.

                        I think the new Unreal Tournament is “public” source.

                        It’s an interesting model to be sure, but note that UT4 is cancelled. You’re free to get the source code so long as anything you do with it has copyright assigned such that your contributions can be released as part of UT4. This is a volunteers-develop-a-commercial-product model. I think the reason this thread started - taking issue with the idea that “free software” is more free than “open source” - is because “open source” is often a volunteers-develop-a-commercial-product model. This one happens to be far more explicit than most.

                        Sure anybody can write a device driver. The approval process is IMHO necessary because otherwise somebody could socially engineer people into installing a malicious driver

                        To be clear, you can write a device driver, but you cannot run the thing you just wrote.

                        The argument about needing approval amounts to an argument that users cannot be trusted to make their own decisions. Logically, it applies to anything. Can you socially engineer people into installing a malicious usermode program? Can you socially engineer people to visit a website with a bitcoin miner? Can you socially engineer people to visit a phishing website? If the solution is an explicit approval step, then we’d live in a very different world - perhaps our conversation might need explicit approval, because we might be engaging in social engineering right now.

                        How does not restricting vendors lead to users having no freedom? I don’t mean to be snarky, I just don’t understand.

                        This is exactly the argument you made about one person’s freedom ending where another’s begins. It’s easy enough to illustrate by example, but that relies on examining the examples with an open mind, and remembering that in the not-that-distant past things which appear as normal today were not remotely normal.

                        Personally I’m in the strange position of developing device drivers professionally. There’s a lot of value in them - I’m paid pretty well really - but I haven’t written any open source drivers. Why not? Because nobody could run them. I have written open source applications, because people can run those. But when you’re on both sides of the same fence and realize that you have a skill which is valuable but can’t contribute it to the community, the lack of user freedom becomes very visible.

                        1.  

                          To be clear, you can write a device driver, but you cannot run the thing you just wrote.

                          I thought that (on windows at least) you could develop the driver and run in unsigned on your own machine? I’ll take your word for it if I’m wrong because I looked at your blog and it looks like you’re a lot more knowledgeable on the subject than I am.

                          This is exactly the argument you made about one person’s freedom ending where another’s begins. It’s easy enough to illustrate by example, but that relies on examining the examples with an open mind, and remembering that in the not-that-distant past things which appear as normal today were not remotely normal.

                          I would appreciate an example. My point is that practically speaking a vendor cannot limit the freedoms of a user. They can get the user to agree not to do something, but what cost would be incurred in trying to enforce that agreement?

                          Personally I’m in the strange position of developing device drivers professionally. There’s a lot of value in them - I’m paid pretty well really - but I haven’t written any open source drivers. Why not? Because nobody could run them. I have written open source applications, because people can run those. But when you’re on both sides of the same fence and realize that you have a skill which is valuable but can’t contribute it to the community, the lack of user freedom becomes very visible.

                          You have a very interesting vantage point, thank you for your contribution to the conversation.

                          1.  

                            I thought that (on windows at least) you could develop the driver and run in unsigned on your own machine?

                            The bootloader has no way to know whether the unsigned code it’s loading came from your compiler or came from a malicious source on the Internet. The “obvious” way to fix this is to allow for self signed code and allow the user to manage which certificates they trust, but attestation signing is doing the exact opposite of that.

                            The way I develop drivers is by running systems under a kernel debugger, which disables driver signing requirements. A kernel debugger runs on a second machine. So you could run arbitrary drivers if you configure a machine to run multiple VMs so one can act as a debugger for the other, but realistically there’s no point writing drivers for that set of users, and nobody is going to run in that configuration to run code that’s not written.

                            It’s hard to describe the things that don’t exist as a result of restrictions. I can’t point you to a giant repo of things you can’t run; nobody bothered to create the repo because nobody can use what’s in it. But note that every app store restriction exists to prevent some developer from doing something that users want. (If developers didn’t want to build it or users didn’t want to run it, there’d be no point preventing it, because it wouldn’t have a market.) I don’t know how you feel about this, but I don’t think my cell phone has more amazing software now than it did six years ago. Either human creativity just ended, or something is preventing that creativity from getting to our phones - and it’s not hard to find what’s between the developers and the users.

                            Edit: To be a bit more concrete, note that most commercial phones have locked bootloaders, and most PCs are capable of booting arbitrary operating systems. As a result, there’s a large PC Linux community, but a very small Android developer community. Since the community is smaller, there’s not as much benefit to a user using a community Android distribution. I don’t know exactly what we’re missing out on, but the PC Linux community has contributed a ton of value, and there’s no equivalent on the phone, because our phones have locked bootloaders.

                            1.  

                              So you could run arbitrary drivers if you configure a machine to run multiple VMs so one can act as a debugger for the other

                              But note that every app store restriction exists to prevent some developer from doing something that users want.

                              Ok, I was sorely mistaken on the kernel driver point. You’re also correct that most app store restrictions are BS. Code signing would also be a lot better if you could permanently “trust” an application like on macOS (or a driver).

                              I don’t know how you feel about this, but I don’t think my cell phone has more amazing software now than it did six years ago.

                              The crazy thing is that I feel like we go backwards in a lot of ways. I’m with you on this one.

                              1.  

                                If developers didn’t want to build it or users didn’t want to run it

                                One of the common complaints in the Windows world is bundled browser toolbars. While there are people who actually like the Ask Toolbar and Yahoo Search, does anybody want it bundled with the JRE?

                                In a strict neoliberal sense, I suppose that users do willingly run the Java installer and consent to everything it installs, but describing it as something that the end users “wants to run” doesn’t ring true. The JRE itself is usually just a means to run some other app, and the bundled toolbars are probably not part of the end-user goal.

                                After all, free software distributions like Debian and Fedora have rules about what they allow in their repositories. And plenty of people complain about those rules. But do you actually think they’re trying to be user-hostile?

                                I don’t know how you feel about this, but I don’t think my cell phone has more amazing software now than it did six years ago. Either human creativity just ended, or something is preventing that creativity from getting to our phones - and it’s not hard to find what’s between the developers and the users.

                                Or, as an alternative explanation, the easy and low-hanging fruit has already been exhausted. Web apps haven’t really gotten better now as quickly as they were improving ten years ago, yet it isn’t any more proprietary now than it was in the past (If you say “Google’s fault”, I’ll reply by reminding you of IE6).

                                1.  

                                  While there are people who actually like the Ask Toolbar and Yahoo Search, does anybody want it bundled with the JRE?

                                  No, clearly not. But as you say, there are people who want them, outside of the JRE. Platforms which restrict classes of software will invariably exclude software that some people do want. At least personally, I did use the Google toolbar back when it added value to me by displaying Pagerank. Somewhat cynically, I can’t help but notice these things are designed to redirect traffic to obtain revenue, and platform owners would like to keep that revenue for themselves, so they have an interest in preventing things unrelated to user benefit.

                                  software distributions like Debian and Fedora have rules about what they allow in their repositories…do you actually think they’re trying to be user-hostile?

                                  No, I don’t. But as distributions, they don’t have a monopoly on software, and a feedback loop exists. If some piece of software is released that breaches a repository rule but a lot of people end up going around the repository to install it, it will spark a conversation about whether the repository’s policies are correct. That’s why people are able to complain about rules. In more closed ecosystems, that new piece of software just can’t exist, so users are excluded from the feedback loop.

                                  If you say “Google’s fault”

                                  I think the comments and criticisms I’m making here apply to pretty much all of the tech majors and are comments on restrictions that exist now among multiple vendors which did not exist 15 years ago. I don’t mean to single any one of them out.

                  2.  

                    Both engines are Free Software. Both engines are Open Source. The FSF and the OSI both define their licensing criteria, and the GPL and ZLIB licenses both comply with the Four Freedoms and with the Open Source Definition.

                    You’re contrasting copyleft with permissive licensing, which is a totally different distinction.

                    1.  

                      Thank you for pointing this out. I thought Stallman’s definition of free software required copyleft.

                      I stand behind my arguments for permissive licensing though.

                      1.  
                        1.  

                          Thank you for linking it. I’ve just read it. I still disagree with a lot of Stallman’s assertions.

                          1.  

                            I’m not asking that you agree with him. I certainly don’t.

                            I just don’t want you to misrepresent him, or anyone else.

                            1.  

                              Understandable. We could do with less misrepresentation these days.

                    2.  

                      I don’t quite follow the argument you’re making, nor what distinction you’re drawing between “free software” and “open source”. It sounds like you’re saying that even though a piece of software like Quake III Arena is “free software” (that is, released under the GPL free software license), someone forking that software, writing a derivative work, and trying to sell it would be subject to legal action from Id Software for violating their Quake-related intellectual property rights - whereas some other piece of software Sauerbraten (which I’m not familiar with), released under a different-but-still-FSF-approved license, wouldn’t have this problem?

                      1.  

                        @notriddle hit the nail on the head. I am talking about copyleft vs permissive licensing, the zlib license doesn’t preclude inclusion in proprietary software. The GPL does.

                        1.  

                          I am talking about copyleft vs permissive licensing, the zlib license doesn’t preclude inclusion in proprietary software. The GPL does.

                          Interestingly, that makes GPL software less free in its own right, copyleft people seem to disagree that this matters but its the root of why some of us dislike it. Sometimes I just want to get my job done and don’t want to involve the legal team. Its also why I don’t put anything I do up as GPL unless I have to. I want others to do the same.

                          GPL’s virality is both a pro and a con. I lean to it being more of a con in that it imposes a philosophy of world upon source code that I find too extreme. We can differ on this but axiomatically they are approaching free from different starting points.

                      2.  

                        This point has been made may times, and it boils down to “localized” or “downstream” freedom. Do you give Alice the power to restrict/control their users? Alice could have extended the engine with a mechanism that requires her to be paid every month, or that (for whatever reason) only works on Intel CPUs. By not releasing the source, and allowing the software to be modified+shared, “Carol” is dependent on Alice, or is not allowed to port the engine to her Raspberry Pi. That’s certainly less freedom for her (setting aside that this is “just” a game engine we are discussing). And there are a lot more “Carol”s than there are “Alice”es.

                        I’m quite pro-copyleft, and I see it in the same terms (albeit less extreme) as we would dismiss anyone who claims that the fact he can’t own a slave limits his freedom. It’s the freedom to restrict others (“permissive”) vs the freedom from foreign control.

                        1.  

                          You can also draw an analogy (I think direct but perhaps not quite) to negative vs positive rights. Permissive licenses grant negative rights to do whatever you want with the software, while copyleft grants positive rights to have access to free software.

                          I’m rather sad that all rhetoric about rights tends toward negative rights, even though that’s not what most people care about once a baseline of negative rights is established.

                        2.  

                          remember that free software has no restrictions on commercial use. so when you say “if he tries to sell this thing that he spend so long on, he could get a cease-and-desist,” you are either mistaken, or employing a rhetorical trick.

                          it would be more honest to say that bob can’t prevent people from reading and modifying the source code of his game. this may or may not make it more difficult to make money on, depending on the circumstances.

                          with a clear view of the situation, people can decide for themselves whether the freedom to violate other peoples’ freedom is a worthy criteria for what makes a license “free.”

                        3.  

                          and to prevent organizations and people with political views specific activist programmers find distasteful from being able to freely use useful software

                          what do you mean by this exactly?

                          is there any reason releasing code under the GPL would not satisfy the wants of these smaller companies?

                          1.  

                            what do you mean by this exactly?

                            The people who promote licenses like this want to be able to write software under a license that is widely-accepted as open-source but that also bans their political enemies from using the software.

                            is there any reason releasing code under the GPL would not satisfy the wants of these smaller companies?

                            The GPL allows software licensed under it to be used for any purpose, and creating a SaaS product that competes with the SaaS product the core developers of the software use to fund themselves is “any purpose”.

                      3.  

                        challenging capitalism is perfectly compatible with iterative improvements. you can make iterative steps to put more resources and power in the hands of working people, and less in the hands of corporations. the importance of free software comes when you see that proprietary software is one lever of power that corporations can use against working people.

                        1.  

                          It’s a nice idea (Who doesn’t want to live in a world where everything is free? Oh wait. A lot of people :) but I’d rather focus on ideas that help us iteratively improve the current situation.

                          Capitalism != markets. If you’d like I’d be happy to answer questions, but this is my usual recommendation for friends who have been taught that all market systems are “capitalism”. https://m.youtube.com/watch?v=ysZC0JOYYWw

                        1. 1

                          dennis ritchie top-posts.

                          1. 2

                            Ken Thompson.

                            1.  

                              i Fucked up

                          1. 1

                            number of people i’ve recruited to join the unionization campaign

                            1. 15

                              IPv6 is just as far away from universal adoption…as it was three years ago.

                              That seems…pretty easily demonstrably untrue? While it’s of course not a definitive, be-all-end-all adoption metric, this graph has been marching pretty steadily upward for quite a while, and is significantly higher now (~33%) than it was in 2017 (~20%).

                              (And as an aside, it’s sort of interesting to note the obvious effect of the pandemic pushing the weekday troughs in that graph upward as so many people work from home.)

                              1. 7

                                I wouldn’t count it as “adoption” if it’s basically a hit or miss if your provider does it or not. So they do the natting for you?

                                Still haven’t worked at any company (as an employee or being sent to the customer) where there was any meaningful adoption.

                                My stuff is available via v4 and v6, unless I forget, because I don’t have ipv6 at home, because I simply don’t need it. When I tried it, I had problems.

                                Yes, I’m 100% pessimistic about this.

                                1. 13

                                  I adopted IPv6 around 2006 and finally removed it from all my servers this year.

                                  The “increase” in “adoption” is likely just more mobile traffic, and some providers a have native v6 and NAT64 and… shocker… it sucks.

                                  IPv4 will never go away and Jeff Huston is right: the future is NAT, always has been, always will be. The additional address space really isn’t needed, and every device doesn’t need its own dedicated IP for direct connections anyway. Your IP is not a telephone number; it’s not going to be permanent and it’s not even permanent for servers because of GEODNS anyway (or many servers behind load balancers, etc etc). IPs and ports are session identifiers, no more, no less.

                                  You’ll never get rid of the broken middle boxes on the Internet, so stop believing you will.

                                  The future is name-based addressing – separate from our archaic DNS which is too easily subverted by corporations and governments, and we will definitely be moving to a decentralized layer that runs on top of IP. We just don’t know which implementation yet. But it’s the only logical path forward.

                                  DNSSEC and IPv6 are failures. 20+ years and still not enough adoption. Put it in the bin and let’s move on and focus our efforts on better things that solve tomorrow’s problems.

                                  1. 21

                                    What I find so annoying about NAT is that it makes hard or impossible to send data from one machine to another, which was pretty much the point of the internet. Now you can only send data to servers. IPv6 was supposed to fix this.

                                    1. 8

                                      Now you can only send data to servers

                                      It’s almost as if everyone that “counts” has a server, so there’s no need for everyone to have one. This is coherent with the growing centralisation of the Internet.

                                      1. 18

                                        It just bothers me that in 2020 the easiest way to share a file is to upload to a server and send the link to someone. It’s a bit like “I have a message for you, please go to the billboard at sunshine avenue to read it.”.

                                        1. 4

                                          There are pragmatic reasons for this. If the two machines are nearby, WiFi Direct is a better solution (though Apple’s AirDrop is the only reliable implementation I’ve seen and doesn’t work with non-Apple things). If the two machines are not near each other, they need to be both on and connected at the same time for the transfer to work. Sending to a mobile device, the receiver may prefer not to grab the file until they’re on WiFi. There are lots of reasons either endpoint may remove things. Having a server handle the delivery is more reliable. It’s more analogous to sending someone a package in a big truck that will wait outside their house until they’re home and then deliver it.

                                          1. 3

                                            Bittorrent and TCP are pretty reliable. You’re right about the ‘need to be connected at the same time’ though.

                                            1. 2

                                              Apple’s AirDrop is the only reliable implementation I’ve seen and doesn’t work with non-Apple things

                                              Have you seen opendrop?

                                              Seems to work fine for me, although it’s finicky to set up.

                                              https://github.com/seemoo-lab/opendrop

                                            2. 2

                                              I think magic wormhole is easier for the tech crowd, but still requires both systems to be on at the same time.

                                              1. 1

                                                https://webwormhole.io/ works really well!

                                            3. 7

                                              This is coherent with the growing centralisation of the Internet.

                                              My instinct tells me this might not be so good.

                                              1. 4

                                                So does mine. So does mine.

                                              2. 2

                                                Plus le change…

                                                On the other hand, servers have never been more affordable or generally accessible: all you need is like $5 a month and the time and effort to self-educate. You can choose from a vast range of VPS providers, free software, and knowledge sources. You can run all kinds of things in premade docker containers without having much of a clue as to how they work. No, it’s not the theoretical ideal by any means, but I don’t see any occasion for hand-wringing.

                                                1. 1

                                                  I’ve always assumed the main thing holding v6 back is the middle-men of the internet not wanting to lose their power as gatekeepers.

                                                2. 6

                                                  Nobody in their right mind is going to use client machines without a firewall protecting them and no firewall is going to by default accept unsolicited traffic form the wider internet.

                                                  Which means you need some UPnP like mechanism on the gateway anyways. Not to map a port, but to open a port to a client address.

                                                  Btw: I’m ha huge IPv6 proponent for other reasons (mainly to not give centralized control to very few very wealthy parties due to address starvation), but the not-possible-to-open-connections argument I don’t get at all.

                                                  1. 8

                                                    Nobody in their right mind would let a gazillion services they don’t even know about run on their machines and let those services be contacted from the outside.

                                                    Why do (non-technical) people need a firewall to begin with? Mainly because they don’t trust the services that run on their machines to be secure. The correct solution is to remove those services, not add a firewall or NaT that requires traversing.

                                                    Though you were talking about UPnP, so the audience there is clearly the average non-technical Windows user, who doesn’t know how to configure their router. I have no good solution for them.

                                                    1. 8

                                                      Why do (non-technical) people need a firewall to begin with? Mainly because they don’t trust the services that run on their machines to be secure

                                                      Many OSes these days run services listening on all Interfaces. Yes, most of them could be rebound to localhost or the local network interface, but many don’t provide easy configurability.

                                                      Think stuff like portmap which is still required for NFS in many cases. Or your print spooler. Or indeed your printer’s print spooler.

                                                      This stuff should absolutely not be on the internet and a firewall blanket-prevents these from being exposed. You configure one firewall instead of n devices running m services.

                                                      1. 3

                                                        Crap, good point, I forgot about stuff on your local network you literally cannot configure effectively. Well, we’re back to configuring the router, then.

                                                    2. 1

                                                      If the firewall is in the gateway at home, then you can control it, and you can decide to forward ports and allow incoming connections to whatever machine behind it. If your home NAT is behind a CGNAT you don’t control, you are pretty much out of options for incoming connections.

                                                      IPv6 removes the need for CGNAT, fixing this issue.

                                                      1. 2

                                                        Of course but I felt like my parent poster was talking from an application perspective. And for these not much changes. An application you make and deploy on somebodies machine still won’t be able to talk to another instance of your application on another machine by default. Stuff like STUN will remain required to trick firewalls into forwarding packets.

                                                    3. 3

                                                      Yeah but this is not a fair statement. If we had no NAT this same complaint would exist and it would be “What I find so annoying about FIREWALLS is they make it hard or impossible to send data from one machine to another…”

                                                      But do you really believe having IPv6 would allow arbitrary direct connections between any two devices on the internet? There will still have to be some mechanism for securely negotiating the session. NAT doesn’t really add that much more of a burden. The problem is when people have terribly designed networks with double NAT. These same people likely would end up with double firewalls…

                                                      1. 2

                                                        Of course, NAT has been invented for a reason, and I’d prefer having NAT over not having NAT. But for those of us that want to play around with networks, it’s a shame that we can’t do it without paying for a server anymore.

                                                        1. 1

                                                          I really do find it easier to make direct connections between IPv6 devices!

                                                          Most of the devices I want to talk to each other are both behind an IPv4 NAT, so IPv6 allows them to contact each other directly with STUN servers.

                                                          Even so, Tailscale from the post linked is even easier to setup and use than IPv6, I’m a fan.

                                                      2. 17

                                                        The “increase” in “adoption” is likely just more mobile traffic

                                                        Even if so, why the scare quotes? They’re network hosts speaking Internet Protocol…do they not “count” for some reason?

                                                        You’ll never get rid of the broken middle boxes on the Internet, so stop believing you will.

                                                        Equipment gets phased out over time and replaced with newer units. Devices in widespread deployment, say, 10 years ago probably wouldn’t have supported IPv6 gracefully (if at all), but guess what? A lot of that stuff’s been replaced by things that do. Sure, there will continue to be shitty middleboxes needlessly breaking things on the internet, but that happens with IPv4 already (hard to think of a better example than NAT itself, actually).

                                                        It’s uncharacteristic because I’m generally a pessimistic person (and certainly so when it comes to tech stuff), but I’d bet that we’ll eventually see IPv6 become the dominant protocol and v4 fade into “legacy” status.

                                                        1. 4

                                                          I participated in the first World IPv6 Day back in 2011. We begged our datacenter customers to take IPv6. Only one did. Here’s how the conversation went with every customer:

                                                          “What is IPv6?”

                                                          It’s a new internet protocol

                                                          “Why do I need it?”

                                                          It’s the future!

                                                          “Does anyone in our state have IPv6?”

                                                          No, none of the residential ISPs support it or have an official rollout plan. (9 years later – still nobody in my state offers IPv6)

                                                          “So why do I need it?”

                                                          Some people on the internet have IPv6 and you would give them access to connect to you with IPv6 natively.

                                                          “Don’t they have IPv4 access too?”

                                                          Yes

                                                          “So why do I need it?”

                                                          edit: let’s also not forget that the BCP for addressing has changed multiple times. First, customers should get assigned a /80 for a single subnet. Then we should use /64s. Then they should get a /48 so they can have their own subnets. Then they should get a /56 because maybe /48 is too big?

                                                          Remember when we couldn’t use /127 for ptp links?

                                                          As discussed in [RFC7421], "the notion of a /64 boundary in the
                                                          address was introduced after the initial design of IPv6, following a
                                                          period when it was expected to be at /80".  This evolution of the
                                                          IPv6 addressing architecture, resulting in [RFC4291], and followed
                                                          with the addition of /127 prefixes for point-to-point links, clearly
                                                          demonstrates the intent for future IPv6 developments to have the
                                                          flexibility to change this part of the architecture when justified.
                                                          
                                                        2. 10

                                                          I adopted IPv6 around 2006 and finally removed it from all my servers this year.

                                                          Wait, you had support for IPv6 and your removed it? Did leaving it working cost you?

                                                          1. 3

                                                            Yes it was a constant source of failures. Dual stack is bad, and people using v6 tunnels get a terrible experience. Sixxs, HE, etc should have never offered tunneling services

                                                            1. 8

                                                              I’m running dual stack on the edge of our production network, in the office and at my home. I have never seen any interference of one stack with another.

                                                              The only problem I have seen was that some end-users had broken v6 routing and couldn’t reach our production v6 addresses, but that was quickly resolved. The reverse has also been true in the past (broken v4, working v6), so I wouldn’t count that against v6 in itself, though I do agree that it probably takes longer for the counter party to notice v6 issues than they would v4 ones.

                                                              But I absolutely cannot confirm v6 to be a “constant source of failures”

                                                              1. 3

                                                                The only problem I have seen was that some end-users had broken v6 routing and couldn’t reach our production v6 addresses, but that was quickly resolved.

                                                                This is the problem we constantly experienced in the early 2010s. Broken OSes, broken transit, broken ISPs. The customer doesn’t care what the reason is, they just want it to work reliably 100% of the time. It’s also not fun when due to Happy Eyeballs and latency changes the client can switch between v4 and v6 at random.

                                                              2. 1

                                                                Is there any data on what the tunnelling services are used for though? Just asking because some friends were just using them for easier access to VMs that weren’t public per se, or devices/services in a network (with the appropriate firewall rules to only allow trusted sources)

                                                            2. 2

                                                              This is the first time I downvoted a post so I figure I’d explain why.

                                                              For one, you point to a future of more of the status quo: More NAT, IPv4. But at the same time you also claim the world is going to drop one of the biggest status quo’s of DNS for a wholly brand new name resolution service? Also, how would a decentralized networking layer be able to STUN/TURN the 20+ layers of NAT we’re potentially looking at in our near future?

                                                              1. 1

                                                                Oh no, we aren’t going to drop DNS, we will just not use it for the new things. Think Tor hidden services, think IPFS (both have problems in UX and design, but are good analogues). These things are not directly tied to legacy DNS; they can exist without it. Legacy DNS will exist for a very long time, but it won’t always be an important part of new tech.

                                                              2. 2

                                                                The future is name-based addressing – separate from our archaic DNS which is too easily subverted by corporations and governments, and we will definitely be moving to a decentralized layer that runs on top of IP. We just don’t know which implementation yet. But it’s the only logical path forward.

                                                                So this would solve the IPv4 addressing problem? While I certainly agree with “every device doesn’t need its own dedicated IP”, the amount us usable IPv4 addresses is about 3.3 billion (excluding multicast, class E, rfc1918, localhost, /8s assigned to Ford etc.) which really isn’t all that much if you want to connect the entire world. It’ll be a tight fit at best.

                                                                I wonder how hard it would be to start a new ISP, VPS provider, or something like that today. I would imagine it’s harder than 10 years ago; who do you ask for IP addresses?

                                                                1. 1

                                                                  Some of the pressure on IPv6 addresses went away with SRV records. For newer protocols that baked in SRV from the start, you can run multiple (virtual) machines in a data center behind a single public IPv4 address and have the service instances run on different ports. For things like HTTP, you need a proxy because most (all?) browsers don’t look for SRV records. If you consider IP address + port to be the thing a service needs, we have a 48-bit address space, which is a bit cramped for IoT things, but ample for most server-style things.

                                                              3. 5

                                                                That graph scares me tbh. It looks consistent with an S-curve which flattens out well before 50%. I hope that’s wrong, and it’s just entering a linear phase, but you’d hope the exponential-ish growth phase would at least have lasted a lot longer.

                                                                1. 3

                                                                  Perhaps there’s some poetic licence there, but 13% in 3 years isn’t exactly a blazing pace, and especially if we assume that the adoption curve is S-shaped, it’s going to take at least another couple of decades for truly universal adoption.

                                                                  1. 7

                                                                    It’s not 13%, it’s 65%. (13 percentage points.)

                                                                    1. 1

                                                                      Yup, right about two decades to get to 90% with S-curve growth. I mean, it’s not exponential growth, but it’s steady and two decades is about 2 corporate IT replacement lifecycles.

                                                                    2. 2

                                                                      That seems…pretty easily demonstrably untrue? While it’s of course not a definitive, be-all-end-all adoption metric, this graph has been marching pretty steadily upward for quite a while, and is significantly higher now (~33%) than it was in 2017 (~20%).

                                                                      I think that’s too simplistic of an interpretation of that chart; if you look at the “Per-Country IPv6 adoption” you see there are vast differences between countries. Some countries like India, Germany, Vietnam, United States, and some others have a fairly significant adoption of IPv6, whereas many others have essentially no adoption.

                                                                      It’s a really tricky situation, because it requires the entire world to cooperate. How do you convince Indonesia, Mongolia, Nigeria, and many others to use IPv6?

                                                                      So I’d argue that “IPv6 is just as far away from universal adoption” seems pretty accurate; once you start the adoption process it seems to take at least 10-15 years, and many countries haven’t even started yet.

                                                                      1. 1

                                                                        How do you convince Indonesia, Mongolia, Nigeria, and many others to use IPv6?

                                                                        By giving them too few IPv4 blocks to begin with? Unless they’re already hooked on carrier grade NAT, the scarcity of addresses could be a pretty big incentive to switch.

                                                                        1. 1

                                                                          I’m not sure if denying an economic resource to those kind of countries is really fair; certainly in a bunch of cases it’s probably just lack of resources/money (or more pressing problems, like in Syria, Afghanistan, etc.)

                                                                          I mean, we (the Western “rich”) world shoved the problem ahead of us for over 20 years, and now suddenly the often lesser developed countries actually using the least amount of addresses need to spend a lot of resources to quickly implement IPv6? Meh.

                                                                          1. 2

                                                                            My comment wasn’t normative, but descriptive. Many countries already starve for IPv4 addresses.

                                                                            now suddenly the often lesser developed countries actually using the least amount of addresses need to spend a lot of resources to quickly implement IPv6?

                                                                            If “suddenly” means they were knew it would happen like 2 decades ago, and “quickly” means they’d have over 10 years to get to it… In any case, IPv6 has already been implemented in pretty much every platform out there. It’s more a matter of deployment now. The end points are already capable. We may have some routers who still aren’t IPv6 capable, but there can’t be that many by now, even in poorer countries. I don’t see anyone spending “a lot” of resources.

                                                                      2. 1

                                                                        perhaps the author is going by the absolute number of hosts rather than percentage

                                                                      1. 4

                                                                        It’s been more than a decade since the Syndications Wars but I’m still an Atom guerilla - here’s the Atom spec.

                                                                        1. 2

                                                                          I’ve mostly been a consumer, up until Google Reader shut down, and more recently with the release of NetNewsWire 5, so I haven’t really looked at the specs, nor have I formed an opinion on one or the other. (That being said, Atom does generally look like a net improvement over RSS).

                                                                          Ideally, I’d like to see more adoption for JSON feeds. Also interesting is the Indieweb take against external files: https://indieweb.org/feed

                                                                          1. 2

                                                                            why pray tell

                                                                            1. 3

                                                                              It’s less ambiguous, and has a bunch of nice additional features over RSS (links, separation of publication and modification date, a better extensibility story than RSS, &c).

                                                                              1. 2

                                                                                sounds mostly good but the “extensibility story” has me worried

                                                                                1. 2

                                                                                  In practice, it doesn’t seem to have mattered. OStatus was built on top of atom, while the iTunes podcast extensions were built on top of RSS. The relative success and failure was dominated by the usefulness and politics surrounding the extension itself, rather than the ability of the syndication format to support it.

                                                                                  1. 1

                                                                                    How so? Atom’s basic extensibility - <link> tags - is pretty straightforward and covers a lot of cases that would require ad hoc extensions. The <content> element was thoughtfully designed to allow it to be general (you could specify the MIME type of the contents of the element) while keeping the base case of text and HTML straightforward. These kind of things are thoughtfully designed and consistent.

                                                                                    1. 1

                                                                                      sometimes i worry about extensibility because whether or not an extension is “ad hoc,” it requires support from the client.

                                                                                2. 2

                                                                                  Atom is a “real” spec - it takes care of embedded HTML etc.

                                                                                  Also RSS is promoted by Dave Winer, who is a bit of a d*ck.

                                                                                  1. 2

                                                                                    what do you mean “takes care of”? i see html embedded in rss all the time.

                                                                                    1. 2

                                                                                      As the linked Profile says:

                                                                                      The specification has lacked clarity regarding whether HTML is permitted in elements other than an item’s description, leading to wide variance in how aggregators treat character data in other elements. This makes it especially difficult for a publisher to determine how to encode the characters “&” and “<”, which must be encoded in XML

                                                                                      Atom has no such lack of clarity.

                                                                              1. 10

                                                                                I think people expert in (and more or less married to) an existing text tool are the ones you don’t want to be watching if you’re developing new text editing tools. They’re not going to switch until everybody else around them has, if then.

                                                                                If you want to learn about regular people using text, and how you can improve their lives (and these are the people you should target if you’re developing something new) you’d want to look at videos of Jane Sixpack using Word, or G Docs, or an author (not a programmer) using Scrivener, things like that.

                                                                                1. 4

                                                                                  you’d want to look at videos of Jane Sixpack using Word, or G Docs,

                                                                                  I just realised the mighty G has giga-datapoints of how people type.

                                                                                  1. 3

                                                                                    what’s your reasoning?

                                                                                    1. 7

                                                                                      Because these people are almost universally married to their text editors. Not because of some innate goodness in the way they operate, just because that’s the one they’re used to, and the one they’ve customised. There’s very little knowledge about text-editing-in-general to be extracted, and they’re the worst possible market for a new text editing experience.

                                                                                      1. 2

                                                                                        Why exactly would you want to cater to people who won’t take the time to learn about features you implement? I’m not disagreeing, I actually thought of a handful of reasons while writing this, but I’m interested in the reasons you have.

                                                                                        1. 1

                                                                                          It’s not so much you want to targeting people who won’t invest time, it’s that the ones who already have are very unlikely to switch until other people have already jumped on-board with something new and are harping on about how great their new thing is.

                                                                                        2. 1

                                                                                          what knowledge would you expect to gain from observing normies using popular word processors?

                                                                                          1. 1

                                                                                            It would help you see how people do | expect to interact with text on a screen when they haven’t had their expectations moulded over years of getting into the text-editing equivalent of a butt-groove in the couch.

                                                                                            1. 1

                                                                                              this begs the question that M$ word or google docs are not just as much a butt groove in the couch.

                                                                                              are you saying the goal should be to conform to the butt grooves already made by tech giants, because those are the ones normies are used to?

                                                                                      2. 2

                                                                                        I’d think you’d want both, as these super-expert users may have customized tools or workflows that would still be useful to the normies that you might want to expose to them.

                                                                                        1. 2

                                                                                          I’m not saying there’s no value in existing editors and their users or anything like that. I too am an old hacker who’s probably too set in his ways. It’s just that people who are that much into their text editor are that way because they’ve tweaked it over years to exactly their personal tastes, the end result being more a reflection on the individual journey of that user over their career, rather than any particular features of the editor in question (besides the fact that it’s very customisable).

                                                                                      1. 10

                                                                                        My current torrenting setup is an old Dell Optiplex with some additional storage added running FreeBSD 12. Inside FreeBSD, I have 3 jails:

                                                                                        1. Transmission. All networking from this jail is sent through wireguard (the go userspace implementation is fast enough, but I’ll switch it to the kernelspace version if it materializes)

                                                                                        2. Minidlna - for streaming to my TV

                                                                                        3. Samba - for convenience and because it was so easy to set up.

                                                                                        I have an a+rw zfs dataset /zroot/media specifically for the torrents, and it’s nullfs mounted inside the three jails at their default directories, so there’s very little config file changes needed for the above software.

                                                                                        I’ll upgrade the hardware to something quieter and with more storage soon, but I’ll probably keep the same set up as it’s proved to be pretty much zero maintenance over the last several months.

                                                                                        1. 2

                                                                                          I’d love a deeper dive into your setup (some write-up on configuration of those jails, specially). I’m relatively new to FreeBSD and jails, but how you describe your use of them seems like a great way to learn more.

                                                                                          1. 4

                                                                                            I’ll see if I have time this evening to do a write-up, but it will more likely be this weekend. I manage the jails using iocage (mostly out of laziness), so I’m not sure you’ll learn much from my configuration.

                                                                                          2. 1

                                                                                            i currently use sshfs and nfs rather than samba because i found the samba setup to be more difficult. is it possible to use samba as a public read-only service, without defining user accounts?

                                                                                            1. 1

                                                                                              Yeah, it’s possible to enable guest access on samba. Here’s my entire smb4.conf:

                                                                                              [global]
                                                                                              map to guest = Bad User
                                                                                              
                                                                                              [torrents]
                                                                                              comment = Torrent Library
                                                                                              path = /media
                                                                                              browsable = yes
                                                                                              guest ok = yes
                                                                                              guest only = yes
                                                                                              read only = no
                                                                                              create mask = 0755
                                                                                              

                                                                                              sshfs and nfs

                                                                                              NFS doesn’t play well with wifi IIRC, and I have too many wireless devices. That being said, I’ll probably set up an NFS server at some point whenever I get around to fixing up my SunBlade 100 (the HDD is broken, as well as the NVRAM battery, so I may as well just boot it diskless). I use sshfs occasionally, but usually it’s easier just to scp or sftp the files I need.

                                                                                          1. 13

                                                                                            Finish reading 1984. I’m halfway through and man it feels like it was written by an oracle.

                                                                                            1. 3

                                                                                              His nonfiction books The Road to Wigan Pier and Down and Out in Paris and London are also excellent.

                                                                                              1. 1

                                                                                                Homage to Catalonia is also essential. Perhaps the best work of long-form journalism.

                                                                                              2. 1

                                                                                                I have recently started reading his book Why I Write. It pulled the curtain back a little on books like 1984 and lead me to think the problems he writes about aren’t new, they just seem to have a fresh coat of paint in the modern world.

                                                                                                Also one piece of advice given with little context to avoid any spoilers. Don’t skip reading the appendix. For anyone not worried about spoilers or without a copy on hand: Spoiler

                                                                                                1. 2

                                                                                                  Which is of course funny because we use one orwellian term in our daily lives these days: social distancing.

                                                                                                  Misusing language seems popular.

                                                                                                2. 1

                                                                                                  If you want another prophetic story J.G. Ballard’s The Intensive Care Unit is about social distancing.

                                                                                                  It’s available in The Complete Stories of J.G. Ballard.

                                                                                                  The article Why we are living in J.G. Ballard’s world discusses this story and some of his other works.

                                                                                                  1. 1

                                                                                                    Yeah, it’s a good one. I’d suggest reading some of Orwell’s other stuff too, or if you like a nice pairing go read Brave New World as a chaser…two vastly different approaches to dystopia.

                                                                                                    1. 1

                                                                                                      Thanks got the recommendation - will check it out

                                                                                                      1. 1

                                                                                                        Two vastly different approaches to describe our modem day lives.

                                                                                                        1. 1

                                                                                                          I recently read Homage to Catalonia and was very impressed - Orwell talks about his experience as a soldier in the Spanish civil war and you can see how that experience so directly influenced his thoughts and writing.

                                                                                                      1. 9

                                                                                                        A few months back ACM sent all the members finances. I don’t seem to have saved the sheet, but I remember something like 95% of their revenue coming from digital library subscriptions. They can’t afford to go completely free for that reason.

                                                                                                        On the other hand, I vaguely remember most of that 95% being institutional subscriptions, so making it free for individuals might be doable.

                                                                                                        EDIT: found it!

                                                                                                        1. 4

                                                                                                          then let’s just fund the ACM directly rather than funding research that we then have to pay for again in order to access it.

                                                                                                        1. 40

                                                                                                          If you absolutely have to use reddit, for the love of all that’s good, use old.reddit.com.

                                                                                                          1. 14

                                                                                                            I also recommend the the old reddit redirect addon: https://addons.mozilla.org/en-US/firefox/addon/old-reddit-redirect/

                                                                                                            IDK if it still happens, but there was a time when you would suddenly be dumped onto the new reddit while browsing old reddit, and this solves that issue.

                                                                                                            1. 1

                                                                                                              it happens when clicking a link from modmail on mobile. very annoying since I can’t even see how to moderate a post in the new UI; I have to manually edit the URL first and add back the ‘old’.

                                                                                                              1. 2

                                                                                                                if you phone is anything but iOS i think you can install the addon

                                                                                                              2. -1

                                                                                                                Thanks, but I don’t use Firefox anymore, nor install it, except for occasional testing.

                                                                                                                The only time I get dumped back into new reddit, at this time, is when I’m on mobile, and then “Request Desktop site” fixes it.

                                                                                                                However, this happens despite me requesting that it doesn’t in the preferences, so I think it’s going to keep happening more and more often.

                                                                                                                1. 12

                                                                                                                  Thanks, but I don’t use Firefox anymore, nor install it, except for occasional testing.

                                                                                                                  Why?

                                                                                                                  1. 10

                                                                                                                    You should probably create an “Ask Lobsters: Why don’t you use Firefox anymore?” thread. Otherwise we’ll just end up hijacking this thread with off topic information.

                                                                                                                    1. 4

                                                                                                                      In my opinion, outside of internal technologcal advances, which are many, Firefox has become Google’s lackey, and most of their UI design decisions are led by Chrome. I don’t like what they’re doing with the UI, and I don’t like how there is a shitton of “telemetry”; I am neither skilled enough, nor dedicated enough to disable all of it.

                                                                                                                      Also, I think it’s not the best idea to use it from a security standpoint, due to it being in the top 3 most popular browsers.

                                                                                                                      1. 1

                                                                                                                        The same can be said for any flavor of chromium, what are you using where you feel comfortable in the amount of data collection without changing default settings regarding telemetry and error collection?

                                                                                                                        1. 1

                                                                                                                          I’m using qutebrowser, which, out of the box, by default, collects and sends no personal data to anyone.

                                                                                                                          Nor does it even have features to do this.

                                                                                                                          The only “telemetry” is the optional crash report, which I am given the option to send on a crash.

                                                                                                                          I think it is illustrative of the sad state of affairs in the browser world that you expect a browser to send personal data to the developer by default.

                                                                                                                          And let’s not beat around the bush here. “Telemetry” is just a deceptive way of saying “personal data”.

                                                                                                                          Anonymization is bullshit, and all kinds of personal details can be recovered from “anonymized” “telemetry” data sent to Google, Mozilla, Apple, Brave, and whoever else.

                                                                                                                          Also, I don’t think that Ungoogled collects personal data, so what you said is not entirely true.

                                                                                                                          1. 2

                                                                                                                            Fair, I use Firefox mainly because I could not find a browser that could handle my day-today development needs outside of a Chromium branch and Firefox. I have really come to enjoy Firefox containers because I do have several identities that are cookie based and using the containers to divide sessions has worked very well. I’ll take a look at the couple browsers you mentioned. Thanks

                                                                                                                    2. 2

                                                                                                                      There are greasemonkey scripts if you’re using a browser that supports using those (I use one with the browser, luakit, I use fulltime)

                                                                                                                      1. 1

                                                                                                                        Thank you for telling me that.

                                                                                                                        My browser does support GreaseMonkey scripts, from what I know.

                                                                                                                        I am not motivated enough to figure out how to install them, nor am I going to try to fix broken websites. I’d rather just avoid them, because I think they are a waste of my time.

                                                                                                                      2. 2

                                                                                                                        there’s also a chrome extention if you’ve heard of that browser

                                                                                                                        1. 3

                                                                                                                          I have heard quite a bit about Chrome, and that’s why it’s not allowed to be installed on my computers.

                                                                                                                          1. 3

                                                                                                                            holding out for edge on linux i see

                                                                                                                            1. 3

                                                                                                                              haha!

                                                                                                                              Yes, I heard through the grapevine Microsoft will be releasing a completely FOSS Edge for Linux with no telemetry any day now.

                                                                                                                    3. 7

                                                                                                                      I am always fascinated by these antiquated interfaces, such as youtube’s &disable_polymer=1, m.facebook.com, text.npr.org, lite.cnn.io. They limit spying opportunities greatly and often allow being free of javascript and still have a worthwhile experience. Interestingly, none of these services offer official RSS despite making sites much more scrapable.

                                                                                                                      Probably shouldn’t talk about it, cause they start taking them down for reasons mentioned above :).

                                                                                                                      1. 14

                                                                                                                        I always have a suspicion that these kind of “antiquated” interfaces as you call them might actually exist when the developers of the system like to use the system but dislike all the crap that marketing and sales makes them put into the UI. You know, to have a usable system for themselves.

                                                                                                                        1. 3

                                                                                                                          I agree. I think mbasic is kept around because otherwise a significant portion of users would quit Facebook.

                                                                                                                        2. 7

                                                                                                                          I’m surprised there is a m.facebook.com, because Facebook has had a mbasic.facebook.com that’s even more stripped down.

                                                                                                                          1. 5

                                                                                                                            When you have a database, you can build many different interfaces for the same data.

                                                                                                                            For example, have you heard of Facebook API?

                                                                                                                            Also, there’s 0.facebook.com. Facebook pays ISPs in poor areas to provide free access to it.

                                                                                                                          2. 4

                                                                                                                            such as youtube’s &disable_polymer=1,

                                                                                                                            Do you just append this to the URL? It doesn’t seem to change anything on my system.

                                                                                                                            1. 7

                                                                                                                              I think that has been removed now. It used to do something and I even have a Firefox plugin that automatically adds it, since the Polymer version used to work really badly in Firefox.

                                                                                                                              1. 5

                                                                                                                                It sadly seems to be true, a shame.

                                                                                                                                You can try out idiotbox.codemadness.org and invidio.us for unofficial solutions.

                                                                                                                              2. 4

                                                                                                                                I don’t think they’re antiquated, I think accessibility is a modern concept, and they work very hard to keep them accessible.

                                                                                                                                I think mbasic is way more impressive than www.facebook.com.

                                                                                                                                1. 3

                                                                                                                                  It is a joke from perspective of the ‘modern’ design. I think they are the most impressive and probs the best solutions for people who care from usable and accessible sites.

                                                                                                                              3. 1

                                                                                                                                I do, and I do.

                                                                                                                                There’s a setting in the global preferences that works almost always, except on unmasked mobile.

                                                                                                                              1. 1

                                                                                                                                VPN services are generally misleading. This isn’t anything new. Either put services that can hold immense control over your data under intense scrutiny before touching them, or run your own.

                                                                                                                                Especially with WireGuard, running your own VPN isn’t at all difficult anymore. If you must use a service, I can vouch for cryptostorm.

                                                                                                                                1. 3

                                                                                                                                  run your own

                                                                                                                                  How do you plan on doing that without giving up more personal data than you would have to for a VPN? A VPS usually requires a credit card or something like that, and physically hosting a server usually requires a ISP.

                                                                                                                                  1. 3

                                                                                                                                    Personally, I’m under the impression that a given VPS provider has less incentive to read your data than a company explicitly advertising VPNs – depends on the provider. However, that’s extremely fair.

                                                                                                                                    1. 1

                                                                                                                                      Preventing people from reading your data is your own responsibility, using a VPN doesn’t make up for encryption. You want to be protected from people collecting your metadata, by obscuring the path and connecting the flow back to you.

                                                                                                                                      I know (or so I’ve heard) that if I were to torrent a movie using a VPN, and some lawyer would request data on who this or that IP was, that they wouldn’t give it out. Doing so would compromise their business, and a lot of people would switch. Try this with a VPS and they’d just forward the accusation on to you. This is even easier when you’re hosting your own hardware. So even if I can imagine a VPN provider would have it easier to make use of the data, I don’t see any alternative that would be less susceptible to that attack, especially when you’re not a rando someone’s trying to scare with strongly worded letters but people are trying to go after you, and your privacy is essential.

                                                                                                                                      1. 1

                                                                                                                                        yeah i would think the opposite, considering that many VPN providers specifically advertise that they don’t keep logs, whereas few if any VPS providers do.

                                                                                                                                    2. 2

                                                                                                                                      I don’t think it’s easy to run your own VPN in a way that doesn’t give immense control over your data to a third party.

                                                                                                                                      1. 4

                                                                                                                                        Immense control over your data may or may not be a bad thing depending on what you are doing. If I live in North Korea and I want to post articles critical of Kim Jong Un, I don’t care if the VPN provider has my blog account password—as long as they are not sharing that data with North Korea. Nowhere else criticizing Kim Jong Un is illegal, so they can have control over all my data, but no power over me.

                                                                                                                                        However, if I live in say Canada and I’m doing something that is illegal in most of the world, I may as well give my data to a hypothetical JucheVPN located in North Korea and let them have all my data since as long as I don’t go to North Korea personally, they have no power over me. They can blackmail me of course, but if they want to make money on VPN services, it’s not in their best interests.

                                                                                                                                        1. 3

                                                                                                                                          man I wish there was a JucheVPN, that’d be awesome

                                                                                                                                        2. 3

                                                                                                                                          So it goes. It’s all dependent on how motivated that third party is to read your data.

                                                                                                                                      1. 12

                                                                                                                                        I always considered it a pity that the tldr project didn’t reuse existing infrastructure by writing the documents in troff and placing them in their own section. So you’d run something like

                                                                                                                                        man 1tldr curl
                                                                                                                                        

                                                                                                                                        that could then easily be aliased to tldr.

                                                                                                                                        1. 1

                                                                                                                                          what would the tldr project be then? a convention for a man page section with a new name? that doesn’t sound like a very impressive resume bullet.

                                                                                                                                          1. 2

                                                                                                                                            Why not? The content is the same, it just doesn’t depend on an additional client to render the document?

                                                                                                                                            1. 0

                                                                                                                                              yeah if you don’t have a custom client the github repo would be awfully bare. if a hiring manager asks to see a personal project, am i supposed to submit just a README?

                                                                                                                                              1. 1

                                                                                                                                                The meat of the project are the documents, regardless of the fact if they were written in markdown or troff, so I still don’t really get your point. The clients aren’t even part of the main repository.

                                                                                                                                                1. 0

                                                                                                                                                  well i didn’t know that. but a true github user would never pass up the opportunity to write a custom command-line tool in their language of choice.

                                                                                                                                        1. 36

                                                                                                                                          There are good reasons for the complexity of text rendering. Developers don’t just add complexity for no reason. In general, if one says “why not just”, one is probably oversimplifying the problem.

                                                                                                                                          1. 7

                                                                                                                                            This article is arguing against “Why not just assume everyone has a high-DPI display since then we can ignore existing solutions and focus on the one that requires everyone to replace the equipment they already have which works fine.”

                                                                                                                                            1. 14

                                                                                                                                              It doesn’t require you to replace anything. I use vector fonts on a non-hidpi display just fine and, I figure I’m not the only one who has been doing this for at least a couple decades? I am however looking forward to upgrading to a hidpi display, not because I need to but because it’s simply better.

                                                                                                                                            2. 3

                                                                                                                                              Well, cause the problem used to be simpler. Using ‘why not just’ also calls into questioning the presuppositions and the nature of issues. The font rendering for typesetting is much less difficult as it is more predictable. Yes, fonts are weird and there are edge cases, but code is still mostly written in pure ASCII set.

                                                                                                                                              Also, it is a rant and not a technical text for a reason.

                                                                                                                                              1. 9

                                                                                                                                                The problem was never simpler, the solutions were merely incomplete, incorrect, and exclusionary.

                                                                                                                                                1. 1

                                                                                                                                                  I think you’re being uncharitable. But, @lich also has a lot of unstated assumptions here. I think they are talking about font usage in a text-only programming environment in a terminal emulator, on a low-DPI display. So yeah, that’s a pretty narrow use case compared to, say, a web browser for use with every possible combination of typographic style and language in the Unicode universe, which is what @mwcampbell ‘s link is about. But it’s a valid enough use case, and relevant in this forum, where people are interested in OS development and simpler solutions in general. The modern typographic rendering libraries are not being threatened here, and of course they’re not going away. But they are so massive and complex as to be exclusionary in their own way.

                                                                                                                                              2. 2

                                                                                                                                                Developers don’t just add complexity for no reason.

                                                                                                                                                HAHAHAHA AHAHAHAHA AAAAHAHAHAHA! ahhhhgh…

                                                                                                                                              1. 13

                                                                                                                                                Dynamic linking is crucial for a proper separation between platform and applications, especially when one or both are proprietary. Would Win32 applications that were written in the 90s still run (more or less) on Windows 10 if they had all statically linked all of the system libraries? I doubt it. And even if they did, would we really want to require applications to be rebuilt, on their developers’ release cycles, before their users could take advantage of improvements in system libraries? I think this concern also applies to complex free-software platforms like GNOME. (And platforms that target a broad user base do need to be complex, because the real world is complex.)

                                                                                                                                                1. 16

                                                                                                                                                  I don’t think it’s a binary choice; in the case of Windows, most applications use the system’s system32.dll, user32.dll, and whatnot, but include other libraries like libwhatnot.dll in the application itself. It’s still “dynamically linked”, but ships its own libraries.

                                                                                                                                                  This is also something that the Linux version of Unreal Tournament does for example: it uses my system’s libc, but ships with (now-antiquated) versions of sdl.so and such, which is how I’m still able to run a game from 1999 on a modern Linux machine.

                                                                                                                                                  I think this kind of “hybrid approach” makes sense, and tries to get the best of both. I think it even makes sense for open source programs that distribute binary releases, especially for programs where it doesn’t really matter if you’re running the latest version (e.g. something like OpenTTD). I think this is also what systems like flatpak and such are doing (although I could be wrong, as I haven’t looked at it much).

                                                                                                                                                  1. 8

                                                                                                                                                    My understanding was that the OP was arguing for a binary choice. I think @ddevault’s reply reinforces that. I actually agree with you about the benefits of a hybrid approach: dynamic linking for platform libraries, static linking for non-platform libraries.

                                                                                                                                                    1. 1

                                                                                                                                                      especially for programs where it doesn’t really matter if you’re running the latest version (e.g. something like OpenTTD)

                                                                                                                                                      Looks like you never played the OpenTTD multiplayer, right? :)

                                                                                                                                                      1. 1

                                                                                                                                                        I didn’t even know there is a multiplayer, haha; I actually haven’t played it in years. It was just the first fairly well-known project that came to mind 😅

                                                                                                                                                        1. 1

                                                                                                                                                          So, to clarify - OpenTTD requires the same version on client and the multiplayer server to participate in game. And it’s pretty strict in that, you can’t even patch the game retaining the same version number. Same thing goes to the list of installed NewGRFs (gameplay extensions/content), but at least this one can be semi-automatically downloaded at clientside before joining.

                                                                                                                                                          1. 1

                                                                                                                                                            Yeah, I assumed as much. I think the same applies to most online games. Still, I can keep using the same old version with my friends for 20 years if it’s distributed as described above, because I want to play it on Windows XP for example, or just because I like that version more (and there are many other applications of course, George RR Martin using Word Perfect 6 is a famous example).

                                                                                                                                                    2. 3

                                                                                                                                                      In the case where an ABI boundary exists between usermode libraries, then a lot of the arguments Drew is making here go away. When that occurs 100% of programs are going to need those dynamically linked libraries, so the benefits of code sharing start to become apparent. (It is true though that dynamically resolving functions is going to slow down program loading on that system compared to one where programs invoke syscalls by index and don’t need a dynamic loader.)

                                                                                                                                                      That said, I think statically linking on Windows is going to offer higher compatibility than you’re suggesting. The syscall interface basically is stable, because any Win32 program can invoke it, so when it changes things break. The reason I’m maintaining my own statically linked C library is because doing so allows my code to run anywhere, and allows the code to behave identically regardless of which compiler is used to generate that code. I’m using static linking to improve compatibility.

                                                                                                                                                      One thing to note about Win32 also is to compare the commit usage of processes when running across different versions of the OS. The result is huge disparities, where new OSes use more memory within the process context. Just write a simple program that calls Sleep(INFINITE) and look at its memory usage. The program itself only needs memory for a stack, but it’s common enough to see multiple megabytes that’s added by system DLLs. Those DLLs are initializing state in preparation for function calls that the program will never make, and the amount of that initialization is growing over time.

                                                                                                                                                      1. 0

                                                                                                                                                        especially when one or both are proprietary

                                                                                                                                                        Proprietary software is bullshit and can be safely disregarded.

                                                                                                                                                        Would Win32 applications that were written in the 90s still run (more or less) on Windows 10 if they had all statically linked all of the system libraries?

                                                                                                                                                        If Win32 had a stable syscall ABI, then yes. Linux has this and ancient Linux binaries still run - but only if they were statically linked.

                                                                                                                                                        would we really want to require applications to be rebuilt, on their developers’ release cycles

                                                                                                                                                        Reminder that the only programs that matter are the ones for which we have access to the source code and can trivially rebuild them ourselves.

                                                                                                                                                        And in any case, this can be turned around to work against you: do we really want applications to stop working because they dynamically linked to library v1, then library v2 ships, and the program breaks because the dev wasn’t around to patch their software? Software which works today, works tomorrow, and works the day after tomorrow is better than software which works today, is more efficient tomorrow, and breaks the day after tomorrow.

                                                                                                                                                        1. 29

                                                                                                                                                          Reminder that the only programs that matter are the ones for which we have access to the source code and can trivially rebuild them ourselves.

                                                                                                                                                          I don’t know, I’ve gotten a lot of mileage out of the baseband code in my phone even though I don’t have access to the source. It’s a security issue, but one whose magnitude is comically smaller than the utility I get out of it. I similarly have gotten a lot of mileage out of many computer games, none of which I have access to the source for. Also, the microcontroller code on my microwave is totally opaque but I count on it every day to make my popcorn.

                                                                                                                                                          If you want to argue “The only programs that respect your freedoms and don’t ultimately lead to the enslavement of their users are the ones for which we have access to the source code”, that’s totally reasonable and correct. By picking hyperbolic statements that are so easily seen to be so, you make yourself a lot more incendiary (and honestly sloppy-looking) than you need to be.

                                                                                                                                                          And maybe coming off as a crank wins you customers, since there’s no such thing as bad press, but don’t be surprised when people point out that you’re being silly.

                                                                                                                                                          1. 1

                                                                                                                                                            I don’t know, I’ve gotten a lot of mileage out of the baseband code in my phone even though I don’t have access to the source. It’s a security issue, but one whose magnitude is comically smaller than the utility I get out of it. I similarly have gotten a lot of mileage out of many computer games, none of which I have access to the source for. Also, the microcontroller code on my microwave is totally opaque but I count on it every day to make my popcorn.

                                                                                                                                                            And this is supposed to be evidence that proprietary programs matter and shouldn’t be disregarded? The context in discussion sites like this is that we can decide to change our programming practices for the programs that we have control over. The defining characteristic of proprietary software is that programmers do not have control, so discussion is irrelevant. Bring the production of baseband code into the public sphere and we can debate whether it should be using dynamic linking (I doubt it even does now).

                                                                                                                                                            1. 1

                                                                                                                                                              whoops I only meant to post one version of this comment…. my b

                                                                                                                                                            2. 1

                                                                                                                                                              I don’t know, I’ve gotten a lot of mileage out of the baseband code in my phone even though I don’t have access to the source. It’s a security issue, but one whose magnitude is comically smaller than the utility I get out of it. I similarly have gotten a lot of mileage out of many computer games, none of which I have access to the source for. Also, the microcontroller code on my microwave is totally opaque but I count on it every day to make my popcorn.

                                                                                                                                                              So you would like to be able to dynamically link a binary with the microcontroller code in your microwave? Come on. If anything these examples reinforce the point that proprietary programs can be disregarded in discussions like this. I don’t think it’s hyperbolic or silly to say so.

                                                                                                                                                            3. 19

                                                                                                                                                              If Win32 had a stable syscall ABI, then yes. Linux has this and ancient Linux binaries still run - but only if they were statically linked.

                                                                                                                                                              Except Windows and everyone solved this at the dynamic linking level, and this goes far beyond just the syscall staples like open/read, and towards the entire ecosystem. Complex applications like games that APis for graphics and sound are far likelier to work on Windows and other platforms with stable whole-ecosystem ABIs. The reality is real-world applications from 1993 are likelier to work on Win32 than they are on Unices.

                                                                                                                                                              That, and Linux (and Plan 9) are the aberration here, not the rule. Everyone else stopped doing this in the 90s if not earlier (SunOS added dynamic linking in the 80s and then as Solaris banned static libc in the early 2000s because of the compat issues it caused). FreeBSD and Mac OS technically allow it, but you’re on your own - when Mac OS changed a syscall or FreeBSD added inode64, the only broken applications were static Go binaries, not things linked against libc.

                                                                                                                                                              That, and some OSes go to more extreme lengths to ban syscalls as static ABI. Windows scrambles syscall numbers every release, OpenBSD forbids non-libc pages from making syscalls, AIX makes you dynamic link to the kernel (because modules can add new syscalls at runtime and get renumbered).

                                                                                                                                                              1. 4

                                                                                                                                                                The reality is real-world applications from 1993 are likelier to work on Win32 than they are on Unices.

                                                                                                                                                                Or the 2000s. Getting Loki games like Alpha Centauri to run now is very hard.

                                                                                                                                                                1. 1

                                                                                                                                                                  Complex applications like games that APis for graphics and sound are far likelier to work on Windows and other platforms with stable whole-ecosystem ABIs. The reality is real-world applications from 1993 are likelier to work on Win32 than they are on Unices.

                                                                                                                                                                  There are half a dozen articles about WINE running and supporting old Windows programs better than Windows 10.

                                                                                                                                                                  Examples:

                                                                                                                                                                  “I have a few really old Windows programs from the Windows 95 era that I never ended up replacing. Nowadays, these are really hard to run on Windows 10.”.

                                                                                                                                                                  “Windows 10 does not include a Windows XP mode, but you can still use a virtual machine to do it yourself.”

                                                                                                                                                                  I specifically remembering there being a shitshow when Windows 10 came out because many applications straight up didn’t work anymore, that runs under Wine.

                                                                                                                                                                  Try again.

                                                                                                                                                                  1. 8

                                                                                                                                                                    Sure, we can play this game of hear-say, but it’s hard to argue if you have an application from 1993, Windows 10 will almost certainly be likelier to run the binary from 1993 than almost any other OS would be - and it does so with dynamic linking.

                                                                                                                                                                    Not to discredit Wine, they do a lot of great, thankless work. I’m more shocked the claim I’m replying to was made, since it seems like it was ignorant of the actual situation with Windows backwards compatibility to score a few points for their pet theory.

                                                                                                                                                                    1. 2

                                                                                                                                                                      I’m more shocked the claim I’m replying to was made, since it seems like it was ignorant of the actual situation with Windows backwards compatibility to score a few points for their pet theory.

                                                                                                                                                                      I’ve never been too interested in Windows as a platform, what I do know is that a whole pile of people in my social group and the social groups I listen to, who use old Windows programs frequently, were ridiculously frustrated that their programs no longer work. And it became a case of “Windows programs I want to run are more likely to work on WINE than they are on Windows”.

                                                                                                                                                                      Sure, that has since been mitigated, but that doesn’t change the fact that for a time, WINE did run programs better than Windows. I’m deeply hurt by the idea that you think it was made to score points.

                                                                                                                                                                      1. 1

                                                                                                                                                                        I’m deeply hurt by the idea that you think it was made to score points.

                                                                                                                                                                        No, I referred to the parent of my initial comment.

                                                                                                                                                                    2. 5

                                                                                                                                                                      Would Wine have ever worked if all Windows programs were statically linked?

                                                                                                                                                                      1. 5

                                                                                                                                                                        Wine does take advantage of dynamic linking a lot (from subbing in Microsoft versions of a library to being able to sub in a Wine version in the first place)

                                                                                                                                                                        1. 1

                                                                                                                                                                          I think, yes. The more interesting question is, would Wine be easier to write if Windows programs were statically linked. My initial guess is yes, because you can ignore a lot of the system and just sub out the foundations. However, I do know that the Windows team did a lot of really, really abysmal things for the purpose of backwards compatibility, so who knows what kind of monstrosity wouldn’t run on static-Windows Wine simply because of that?

                                                                                                                                                                          We’ll never know.

                                                                                                                                                                          1. 1

                                                                                                                                                                            How would you even write wine if Windows programs were statically linked? As far as I know, Wine essentially implements the system DLLs, and dynamically links them to each exe. Without that, Wine would have to implement the kernel ABI and somehow intercept syscalls from the exe. It can be done, that’s how gvisor works, but that sounds harder to me.

                                                                                                                                                                            1. 1

                                                                                                                                                                              I am very likely wrong (since they didn’t decide to go this route in the first place) but I feel that it might be easier to do that. The Kernel ABI is likely a much smaller surface to cover and you have much, much more data about usage and opportunities to figure out the behaviour of the call. As opposed to a function that’s only called a handful of times, kernel calls are likely called hundreds of times.

                                                                                                                                                                              Of course, this doesn’t account for any programs that {do/rely on} some memory / process / etc. weirdness. Which I gather probably a lot, given on what Chen put down in Old New Thing

                                                                                                                                                                    3. 4

                                                                                                                                                                      ancient Linux binaries still run - but only if they were statically linked

                                                                                                                                                                      Or if you have a copy of the whole environment they ran in.

                                                                                                                                                                      I guess that’s more common in the BSD world — people running FreeBSD 4.x jails on modern kernels.

                                                                                                                                                                      1. -9

                                                                                                                                                                        Proprietary software is bullshit and can be safely disregarded.

                                                                                                                                                                        Ah yes, the words of someone who doesn’t use computers to do anything anyone would consider useful.

                                                                                                                                                                        1. 12

                                                                                                                                                                          I disagree with @ddevault’s position, but can we please not let the discussion degenerate this way? I do think the work he’s doing is useful, even if I don’t agree with his extreme stances.

                                                                                                                                                                          1. -3

                                                                                                                                                                            I don’t give leeway to people who are abusive.

                                                                                                                                                                            1. 21

                                                                                                                                                                              But responding with an obvious falsehood, in such a snarky tone, just causes tensions to rise. Or do you truly believe that nothing @ddevault does with computers is useful?

                                                                                                                                                                              I think a more constructive response would be to point out that @ddevault is very lucky to be in a position where he can do useful work with computers without having to use proprietary software. Most people, and probably even most programmers (looking at the big picture), don’t have that privilege. And even some of us who could work full-time on free software choose not to, because we don’t all believe proprietary software is inherently bad. I count myself in the latter category; I even went looking for a job where I could work exclusively on free software, got an offer, and eventually turned it down because I decided I’m doing more good where I’m at (on the Windows accessibility team at Microsoft). So, I’m happy that @ddevault is able to do the work he loves while using and developing exclusively free software, but I wish he wouldn’t be so black-and-white about it. At the same time, I believe hyperbolic snark isn’t an appropriate response.

                                                                                                                                                                              1. 12

                                                                                                                                                                                Much of my career was spent writing “bullshit” software which can, apparently, be “disregarded”. This probably applies to most of us here. Being so disrespectful and dismissive of people’s entire careers and work is more than just “incorrect” IMHO.

                                                                                                                                                                                I like the word “toxic” for this as it brings down the quality of the entire conversation; it’s toxic in the sense that it spreads. I don’t want to jump to mdszy’s defence here or anything, and I agree with your response, but OTOH … you know, maybe not phrase things in such a toxic way?

                                                                                                                                                                              2. 3

                                                                                                                                                                                If I had to add a tag to those comments I’d use ‘idealist’ and that’s not necessarily bad. What do you find abusive in his comments?

                                                                                                                                                                                1. 2

                                                                                                                                                                                  Abuse is about a mixture of effect and intent, and it depends on the scenario and the types of harm that are caused to determine which of those are important.

                                                                                                                                                                                  I don’t think ddevault’s comment was abusive, because of the meaning behind it, and because no harm has been caused. I think the meaning of “Proprietary software is bullshit and can be safely disregarded” was, “I can’t interact or talk about proprietary software in a useful way, so I’ll disregard it”. The fact that it was said in an insulting form doesn’t make it a form of abuse, especially in context.

                                                                                                                                                                                  In context, software made proprietary, is itself harming people who are unable to pay for it, and in a deep way. It’s also harming the way we interact with computers, and stifling innovation and development severely. I don’t think insulting proprietary software, which is by far the most dominant form of software, and the method of software creation that is supported by the deeply, inherently abusive system known as “capitalism”, that constantly exploits and undermines free software efforts, can be meaningfully called abuse when you understand that context. And I think people who are so attached to working on proprietary software that they get deeply hurt by someone insulting it, should take a good long introspective period, and rethink their attachment to it and why they feel they need to protect that practice.

                                                                                                                                                                                  1. 1

                                                                                                                                                                                    Proprietary does not mean that it costs money.

                                                                                                                                                                                    1. 2

                                                                                                                                                                                      Of course not, but monetarily free software that does not provide the source code is worse, because there’s literally no excuse for them not to provide it. They do not gain anything from not providing the source code, but still they choose to lock users into their program, they do not allow for inspection to ensure that there is no personal data being read from the system, or that the system is not altered in harmful ways. They do not allow people to learn from their efforts, or fix bugs in what will soon be an unmaintained trash heap. And they harm historical archival and recovery efforts immensely.

                                                                                                                                                                                      Every example of “Monetarily free but proprietary software” that I can think of, either does very, very dubious things (like I-Orbit’s software, which is now on most malware scanners lists), or is old and unmaintained, and the only reason why people use it is because either they’re locked into it from their prior use, or because it is the only thing that does that task. Those people will experience the rug being pulled from under them after a year or two as it slowly stops working, and might never be able to access those files again. That, is a form of abuse.

                                                                                                                                                                                      1. 0

                                                                                                                                                                                        This is absolutely not as much of a massive societal issue as you make it seem. Perhaps spend your time thinking about more important things.

                                                                                                                                                                                        1. 1

                                                                                                                                                                                          That’s a nice redirect you have there. Flawlessly executed too, I literally would not have noticed it if I did not have intimate experience with the way abusers get you off topic and redirect questions about their own actions towards other people.

                                                                                                                                                                                          Anyway, I’ll bite.

                                                                                                                                                                                          I live with two grown adults, neither of which touch computers except when they absolutely have to, and I have observed the mental strain that they go to because programs they spent decades using, and had a very efficient workflow with, have stopped working. I also know dozens of other people who experience the same thing.

                                                                                                                                                                                          One of them literally starts crying when they have to do graphics work, which is part of their job as an artist, because there’s not enough time in the day for them to learn newer image editors, and because all of the newer options for use that actually do what they need, are ridiculously intimidating, badly laid-out, and work in unexpected ways with no obvious remedy, and conflicting advice from common help-sources. True, this could (and should) be solved by therapy, but it’s foolish to disregard the part that proprietary software has to play in this. Maybe you just don’t live around people whose main job is not “using a computer”?

                                                                                                                                                                                          I do not see what you have invested in proprietary software, such that you feel the need to call someone’s offhand insult against it, “abusive”.

                                                                                                                                                                                          1. 1

                                                                                                                                                                                            Kindly tell me more about how anyone who isn’t neurotypical has been welcomed with open arms into FOSS communities. I’ll wait.

                                                                                                                                                                                            1. 2

                                                                                                                                                                                              I myself am a neuro-atypical and queer software developer. Do you want to talk down to me some more?

                                                                                                                                                                                              Again you are redirecting the question towards a different topic. The topic we were originally talking about is “Is insulting proprietary software abusive”, and now you want to talk about “Queer and Neuro-atypical acceptance in Free Software communities”.

                                                                                                                                                                                              You still haven’t told me how insulting proprietary software is abusive. I’m still very interested in reading your justification for that.

                                                                                                                                                                                              Just because the culture that’s grown around free software (and, to be honest, that free software has grown around) is very, very shitty, doesn’t mean that non-free software is good, or something worthy of protection. The culture around free software is fundamentally one of sharing, that’s literally the core tenet. The culture around proprietary software is worse, since it’s literally only about gate-keeping, that’s the only foundation it has. Free software can be improved by changing the culture. There is nothing to change about proprietary software.

                                                                                                                                                                                              It’s a real shame that many of the more prolific founders of free software were libertarians, but that is still a mistake that we can correct through social, cultural changes and awareness.

                                                                                                                                                                                              Proprietary software is fundamentally an offshoot of Capitalism, and wouldn’t exist without that. It literally only exists under an abusive system, and supports it. The contributions of free software members are preyed upon by capitalist companies for gain, so that they can profit off the backs of those people without giving back.

                                                                                                                                                                                              1. 1

                                                                                                                                                                                                Fun fact: not once did I say that ddevault is abusive by saying proprietary software is shit. He’s just abusive. I’ve witnessed him be abusive to my friends by saying they’re awful people for using non-free software.

                                                                                                                                                                                                Fuck capitalism, fuck ddevault.

                                                                                                                                                                                                1. 1

                                                                                                                                                                                                  Fun fact: not once did I say that ddevault is abusive by saying proprietary software is shit. He’s just abusive. I’ve witnessed him be abusive to my friends by saying they’re awful people for using non-free software.

                                                                                                                                                                                                  Fuck capitalism, fuck ddevault.

                                                                                                                                                                                                  Ah! I didn’t pick up on that, sorry!

                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                    I apologize as well.

                                                                                                                                                                                  2. -1

                                                                                                                                                                                    Labeling ddevault’s position as abusive is itself absusive, even if you think his position is wrong.

                                                                                                                                                                                    1. 1

                                                                                                                                                                                      I don’t think someone who genuinely believes that someone was being abusive, and calling that out, can themselves be called “abusive”. Abuse is about a mixture of effect and intent, and it depends on the scenario and the types of harm that are caused to determine which of those are important.

                                                                                                                                                                                      I don’t think ddevault’s comment was abusive, because of the meaning behind it, and because no harm has been caused. I think the meaning of “Proprietary software is bullshit and can be safely disregarded” was, “I can’t interact or talk about proprietary software in a useful way, so I’ll disregard it”. The fact that it was said in an insulting form doesn’t make it a form of abuse, especially in context.

                                                                                                                                                                                      In context, software made proprietary, is itself harming people who are unable to pay for it, and in a deep way. It’s also harming the way we interact with computers, and stifling innovation and development severely. I don’t think insulting proprietary software, that is supported by the deeply, inherently abusive system known as “capitalism”, that is by far the most dominant form of software, and the method of software creation that exploits and undermines free software efforts, can be meaningfully called abuse when you understand that context. And I think people who are so attached to working on proprietary software that they get deeply hurt by someone insulting it, should take a good long introspective period, and rethink their attachment to it and why they feel they need to protect that practice.

                                                                                                                                                                                    2. -8

                                                                                                                                                                                      Seems like you don’t deserve any leeway yourself, then.

                                                                                                                                                                                      1. 0

                                                                                                                                                                                        Okay.

                                                                                                                                                                              3. 1

                                                                                                                                                                                How many binaries from Windows 95 are useful today? I’m not sure that’s a strong argument.

                                                                                                                                                                                Software that is useful will be maintained.

                                                                                                                                                                                1. 3

                                                                                                                                                                                  This is a short-sighted argument. Obscure historic software has its merit, even if the majority of people won’t ever use it.

                                                                                                                                                                              1. 25

                                                                                                                                                                                A lot of statistics here that, amusingly, would have been difficult or impossible to gather on a system that had followed this article to its logical conclusion.

                                                                                                                                                                                Over half of your libraries are used by fewer than 0.1% of your executables.

                                                                                                                                                                                It’s unclear to me that this supports a general conclusion that shared libraries aren’t. 1000 out of 1338 (75%) of libraries are shared by at least two binaries. The median and mean number of sharers per library are 4 and 50 respectively.

                                                                                                                                                                                Incidentally, I have fewer shared libraries than ddevault with 724, of which 542 are shared, with median sharers 4 and mean 27.

                                                                                                                                                                                Is loading dynamically linked programs faster? Findings: definitely not

                                                                                                                                                                                Hopefully not news to anyone.

                                                                                                                                                                                On average, dynamically linked executables use only 4.6% of the symbols on offer from their dependencies. A good linker will remove unused symbols.

                                                                                                                                                                                On the assumption that everything with 2340 symbols depends on exactly linux-vdso, ld-linux and libc, the average for these alone is 5.3%. There are 535 such binaries using 66761 symbols. I don’t really want to get into measuring the sizes of these symbols, particularly since I can’t get them from the source, but that sounds like at least a few full copies of libc to me. And that’s only the binaries that depend on libc alone.

                                                                                                                                                                                Will security vulnerabilities in libraries that have been statically linked cause large or unmanagable updates? Findings: not really

                                                                                                                                                                                1 GiB might be a large update for some. But I think the bigger problem here is that it’ll be harder to find the dependents of statically linked libraries, and you’ll be relying on packagers to rebuild those dependents—not a given if you use unpackaged or third-party-packaged software.

                                                                                                                                                                                1. 13

                                                                                                                                                                                  1 GiB might be a large update for some.

                                                                                                                                                                                  I am actually cloning the git source right now. I started it almost 25 minutes ago and the current status is:

                                                                                                                                                                                  Receiving objects:  46% (133068/288976), 89.50 MiB | 76.00 KiB/s
                                                                                                                                                                                  

                                                                                                                                                                                  Not everyone is on a high-speed link – a large number of people aren’t – and minimizing file size has quite some value in its own right IMO.

                                                                                                                                                                                  edit: it finished, started at 23:09, finished at 23:41; download size 138M. I have actually forgotten what I wanted to check in the git source now haha

                                                                                                                                                                                  I do kind of like static linking, but it certainly comes with its own downsides. As with many things, it’s all about trade-offs.

                                                                                                                                                                                  1. 5

                                                                                                                                                                                    If you don’t need commit history, use:

                                                                                                                                                                                    git clone --depth 1 <repo>
                                                                                                                                                                                    

                                                                                                                                                                                    it significantly reduces the time and cost of download.

                                                                                                                                                                                    1. 2

                                                                                                                                                                                      Yeah, thanks; I use it often. In this case I wanted to get some data on the Perl usage, but I’ve also been planning to do some authorship statistics on various popular open source projects, so I figured I might as well grab the full history.

                                                                                                                                                                                    2. 4

                                                                                                                                                                                      Not everyone is on a high-speed link – a large number of people aren’t – and minimizing file size has quite some value in its own right IMO.

                                                                                                                                                                                      I imagine shipping binary diffs could bring down the size considerably.

                                                                                                                                                                                      1. 3

                                                                                                                                                                                        or shipping code diffs and compiling locally

                                                                                                                                                                                    3. 18

                                                                                                                                                                                      A lot of statistics here that, amusingly, would have been difficult or impossible to gather on a system that had followed this article to its logical conclusion.

                                                                                                                                                                                      The ecosystem has been all-in on shared objects for well over a decade and the tooling has been built alongside it. If we went all-in on static linking we might have similar tools for it. Already now I can think of several alternative approaches to determine most of these stats for statically linked programs, though they’re more time-consuming and would be improved by access to a theoretical tooling ecosystem which would exist around static linking.

                                                                                                                                                                                      It’s unclear to me that this supports a general conclusion that shared libraries aren’t. 1000 out of 1338 (75%) of libraries are shared by at least two binaries. The median and mean number of sharers per library are 4 and 50 respectively.

                                                                                                                                                                                      Okay, but the number of binaries on my system is 5,688. To translate your figures proportionally, 2 binaries is 0.04%, 4 binaries is 0.07%, and 50 binaries is 0.8%.

                                                                                                                                                                                      Is loading dynamically linked programs faster? Findings: definitely not

                                                                                                                                                                                      Hopefully not news to anyone.

                                                                                                                                                                                      Believe it or not someone actually made this claim on Mastodon while I was preparing this page, which is why I included it. Dynamic linking definitely suffers from some cargo culting.

                                                                                                                                                                                      1 GiB might be a large update for some

                                                                                                                                                                                      It’s not an update, it’s the sum of all updates for 2019. And that’s before using differential updates, which could theoretically reduce this to negligible amounts.

                                                                                                                                                                                      it’ll be harder to find the dependents of statically linked libraries

                                                                                                                                                                                      This information exists in your package manager. If you’re using third-party or hand-compiled software, aye, this is not going to help you, but it was also never going to help you with vulnerabilities in that software itself.

                                                                                                                                                                                    1. 1

                                                                                                                                                                                      I’m totally wierded out that I have never heard about NUCs until a few months ago, although they have existed for years, apparently. Since I have recently moving back from a laptop-orienter workflow to a desktop (but for technical and health/posture reasons), I have found NUCs quite interesting, and it’s great to see that free software works well on them – to a certain degree.

                                                                                                                                                                                      And I’m glad to finally see a “review” from a developers perspective. Most of what I found until now was “Not good enough for games” and “Great for Office Work”, especially this part:

                                                                                                                                                                                      that isn’t the fastest in the world, but it is about an 1:15 faster than my x270 with its 2015 i5-6300U. The difference 5ish years makes.

                                                                                                                                                                                      I have a x230 from 2012 with a i5-3320MT, so the difference would be even more noticeable.

                                                                                                                                                                                      On that note, is there any real-world difference between the fat-NUC with the extra HDD space and the thin one? Like is one louder or warmer?

                                                                                                                                                                                      1. 1

                                                                                                                                                                                        On that note, is there any real-world difference between the fat-NUC with the extra HDD space and the thin one? Like is one louder or warmer?

                                                                                                                                                                                        I’ve used both types. There may be slight differences but I didn’t notice any. I think it comes down to whether you to be able to fit a 2.5” drive (a major convenience which is worth the extra height IMO).

                                                                                                                                                                                        1. 1

                                                                                                                                                                                          So I guess that if you have an external hard-drive, the difference is negligible.

                                                                                                                                                                                          1. 2

                                                                                                                                                                                            Note that both variants also have an M.2 slot with PCIe X4 lanes. I have a BEH and initially used a 2.5” SATA SSD that I had lying around already. Later I replaced it with an NVMe SSD.

                                                                                                                                                                                            When I got the NUC, the price difference between the BEH and BEK was really small, so you may want to get a BEH for the extra expansion option.

                                                                                                                                                                                            1. 1

                                                                                                                                                                                              having an external hard-drive doesn’t necessarily mean you have no use for an internal 2.5” drive. but if you aren’t using the internal drive then yes.

                                                                                                                                                                                              1. 1

                                                                                                                                                                                                The only difference between is the enclosure size. One has room for a 2.5 HD, the other doesn’t. The board is exactly the same for both variants, so the “short” variant still has a SATA port, just no room for anything to plug into it.

                                                                                                                                                                                                I tried to find the tall one but then thought with current SSD prices and reliability I can go with a 500GB SSD and just bought the short one that was in stock.

                                                                                                                                                                                            2. 1

                                                                                                                                                                                              Glad to hear it helped. It is remarkably hard to find good comparisions for build workloads, CPU bench marks do help though. If I look at my build machine Xeons, laptops and this NUC on passmark the realitive single core performances do compare reasonably well.

                                                                                                                                                                                            1. 6

                                                                                                                                                                                              I feel like it’s worse in that the text is bigger, “about” is squeezed into a very small column in my browser, it just looks cluttered. The curved edges are nice though.

                                                                                                                                                                                              1. 2

                                                                                                                                                                                                I feel like it’s worse in that the text is bigger,

                                                                                                                                                                                                For me, the text is significantly smaller. It looks like they’re overriding my font size selection – which I’d bumped up so that I would be able to read it more easily.

                                                                                                                                                                                                Other than that, meh; it looks low contrast and lopsided on wide screens, but I’m not really using github for pretty looks.

                                                                                                                                                                                                1. 0

                                                                                                                                                                                                  of course it’s worse. still better than GitLab though.

                                                                                                                                                                                                1. 5

                                                                                                                                                                                                  DNS names map to IP addresses. In principle, it is possible to have multiple IP addresses for a single computer, and make each process listen on a different IP address.

                                                                                                                                                                                                  Hard to make a concrete suggestion without knowing more of the requirements, but for example you could have each process on the application server run a script on the DNS server via SSH, which changes the DNS configuration to point to the IP address that the process is using.

                                                                                                                                                                                                  1. 3

                                                                                                                                                                                                    DNS names map to IP addresses

                                                                                                                                                                                                    Some of them do. SRV records; however, map to a port and DNS record name. If you have a DNS updating API, you can publish SRV records that advertise the location of the service. You can have multiple SRV records for the same resource, so you could do a single DNS query to get a complete list of all of the nodes if it’s small enough.

                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                      SRV records sound interesting, I’m only familiar with CNAME, A, and AAAA so far. Do you know of any particularly great resources / tutorials to read / code more about SRV records along my use case or similar?

                                                                                                                                                                                                      1. 2

                                                                                                                                                                                                        The Wikipedia page is actually pretty good. It describes the format. For your use case, I imagine that you’d want to set a very short (1-10 second) TTL so that they were quickly invalidated, though you may set something longer and just handle the case that some nodes drop out in your system.

                                                                                                                                                                                                        Note that this can be complicated if you want these to be run on consumer connections. If you’re behind a NAT you may need to do some more clever work to figure out your public IP and the port that’s being forwarded (e.g. via a STUN server or UPnP / IGDP). From your post below, it sounds as if you’re just exposing a public server that multiple clients connect to, so DNS SRV records might be a good choice.

                                                                                                                                                                                                        If you’re providing a (potentially) different connection endpoint for each spreadsheet, then you can use this as your addressing layer. If you name sheets as something like {sheet name}.{username}.{your domain}, then you’d look up something _yingw787sheet._tcp.{sheet name}.{username}.{your domain} to get the host IP and port of the server. Or, if you want to give users the ability to transfer ownership of sheets and rename them, you’d do use a CNAME entry for {sheet name}.{username}.{your domain} that would then return a domain in the form {UUID}.{your domain}, and then you’d do the SRV lookup on _yingw787sheet._tcp.{UUID}.{your domain}. That also makes it fairly trivial for other people to host instances of the service and even lets people do their own namespace management while using your hosted version.

                                                                                                                                                                                                        Of course, like most other uses of DNS, this is a horrible abuse and not what DNS was designed for. You may find that free DNS providers start to object when they see that you have 100,000 DNS entries in a single domain with short TTLs and thousands of requests per second.

                                                                                                                                                                                                    2. 1

                                                                                                                                                                                                      I’m thinking about using Route 53 as my DNS server, and I don’t think I have SSH access. I think I do have API access to create and destroy records though. If I use DNS-based service discovery (which I know nothing about currently), would it be possible to register an EC2 instance with a master process to DNS upon provisioning, then have the master process issue API calls to DNS for each process? If this stack does work, how might this change if I add in a proxy layer?

                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                      can anyone summarize the differences between caddy 1 and 2? i did a little searching but didn’t turn up anything.

                                                                                                                                                                                                      i know both support http/2 (a minus for me) so there must be something else that made a new version worth writing.

                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                        From what I can tell it’s just a rewrite to avoid the hacky decisions made in v1.

                                                                                                                                                                                                        https://caddyserver.com/docs/v2-upgrade

                                                                                                                                                                                                        What could go wrong :)?

                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                          looks like the old config files were black and white while the new ones use syntax highlighting. that’s… something.