1.  

    Might I recommend replacing:

    cscope */*.c */*.h */*/*.c */*/*.h */*/*/*.c */*/*/*.h
    

    with

    cscope **/*.{c,h}
    

    Still a fantastic article, just hoping to make your UNIX life a bit better :)

    1.  

      Thank you! I didn’t know about **.

      Still a fantastic article, just hoping to make your UNIX life a bit better :)

      Wow… thanks!!!

      1.  

        Wouldn’t [ch] also work?

      1. 40

        I’ll never be a fan of JavaScript.

        Funny to read this on a website that doesn’t load if JavaScript is disabled :).

        1. 15

          What is especially odd since it’s mostly text.

          1. 1

            This is to ensure the text doesn’t jump around when the fallback font is replaced by the webfont after it finished loading. I don’t think there is a way to do this without JS, since even font-display: block results in “a short block period”.

            So basically you have to choose between two suboptimal options, and when you consider that practically all users see the text swapping and roughly 99.8% of users have JS, the JS requirement isn’t so odd.

            1. 29

              If you use Javascript to add the webfont and the display:none (or whatever), it should Just Work.

              Progressive enhancement has been a thing for over 20 years. I was using these techniques as an intern in 2005.

              1. 14

                This.

                It’s not that it’s impossible, or even that it’s hard. It’s that people don’t care.

                1.  

                  I think it’s fair to assume the author cares. That doesn’t mean they had time to figure it out. It’s obvious in hindsight, but not necessarily trivial to think of or to find such a jewel in the growing cesspit of bad advice that is the Internet.

              2. 20

                There is another option here and it rhymes with “don’t use web tonts”

                1. 22

                  He’s a typographer, and sells both fonts and books about typography. There’s no way he can serve his business properly with shitty default web typography.

                  1.  

                    Given the experience, I’d suggest that web fonts are the ‘shitty’ option here.

                    My browser (on all my devices) comes with a font that’s literally optimised for better display on a high PPI screen.

                    That one page, of pure text with a single video embedded (ok so one image because it loads a preview) is 5.8MB. 4MB of that is CSS embedding fonts.. that is shitty.

                    1. 5

                      Having a web page that crashes PageSpeed Insights sure helps.

                      1. 5

                        web typography that changes as you are reading it is shitty web typography. the only non-shitty web typography is that which is built into the client. if anyone should understand this, a web typographer should.

                        CSS lets you suggest the use of fonts which may or may not be installed. beyond that, typography can be showcased via file formats such as GIF, JPEG, and PNG.

                        1. 9

                          web typography that changes as you are reading it is shitty web typography. the only non-shitty web typography is that which is built into the client. if anyone should understand this, a web typographer should.

                          He’s not a “web typographer.” But, I digress. Progressive loading of documents on the web is part of the problem here. If we didn’t have shitty browsers, shitty networks, shitty people who have no patience, then a browser could blit the entire rendered page to the screen and you’d see the right thing, the right way.

                          But, things are imperfect. Quite imperfect. But, I can assure you that the state of the web has improved a lot over the last 25 years, so maybe the state of the art for putting good typography on the web can/will, too.

                          typography can be showcased via file formats such as GIF, JPEG, and PNG.

                          The whole point of typography is to arrange text to be accessible and appealing (i.e. you worry about kerning and leading to ensure that the text can be read without confusion). Putting it in images might make it “appealing” but certainly reduces the accessibility of it, and the usefulness of it.

                          1. 6

                            But do I really want to wait half a minute to load a page and start reading because the author demands I have the exact presentation? I’d rather start reading usably as early as possible, then enhance when my connection gets to it.

                            1. 5

                              I don’t think da Vinci would prefer that you see the Mona Lisa one square inch at a time…

                              Why do we not consider the author’s presentation choices valid? Why do we treat creators of content so abusively?

                              Prince (the musician) pretty famously defended his copyrights so that he could control the experience of listeners. That’s well within his rights to do so…why not authors of web content?

                              (I don’t believe Butterick has a license that requires you to view his content only in the way it is presented, but does ask that you pay to support him if you can)

                              1.  

                                CSS is not and has never been about making pixel perfect layouts.

                                If you want to control the layout to the pixel, deliver an SVG, or a PDF, or if you must, an image.

                                1.  

                                  It may not have been intentional, but you can actually get 95% of visitors to see the exact pixels you wanted without a tremendous amount of work if you know the platform well.

                                  1.  

                                    “Pixel perfect” requirements enforced via glorified screenshot comparison type integration testing is not really uncommon in the industry

                                    1.  

                                      Even 10-12 years ago I was working with frontenders who could reliably get a design to look right in both the browsers clients cared about - IE6 and Firefox.

                                      TBH, if I could figure out how to reliably turn off font antialiasing, I’d use screenshot comparisons all the damn time.

                                2.  

                                  I don’t think da Vinci would prefer that you see the Mona Lisa one square inch at a time…

                                  One of best comebacks of the year. Great way to make the point.

                                  1.  

                                    The Mona Lisa is one of the most famous paintings in the world.
                                    A web page with tracking scripts isn’t remotely comparable.
                                    Why do the author’s presentation choices trump the right of the client to render the page?
                                    I don’t think it’s abusive to use high contrast mode, disable JavaScript, use NVDA or use Lynx for that matter.

                                    1.  

                                      Why do you think the point was that blog posts were equatable artistically with Mona Lisa and not that artists ideally should universally be respected for their intentions? Sure, you could say those intentions are stupid, and maybe even from that, that the art sucks. But the point is that it’s still the work of the artist at the end of the day, and you should be judging them on those terms, and not taking the work at nothing more than surface value, such as by assuming that some random person on the internet has any tenable control over how the standards of their livelihood are negotiated such as to not permit correct rendering as a page loads without the use of javascript.

                                3.  

                                  He’s not a “web typographer.”

                                  If he’s not web typographing, I don’t know what he’s doing.

                                  But, I can assure you that the state of the web has improved a lot over the last 25 years, so maybe the state of the art for putting good typography on the web can/will, too.

                                  I can assure you it’s gotten much worse, and the state of the art for web typography has along with it. Think how well the linked website accomplishes the goal of allowing text to be “read without confusion,” compared to a 25 year old web site.

                                  1.  

                                    If he’s not web typographing, I don’t know what he’s doing.

                                    This was bad phrasing on my part. Yes, he’s doing typography on the web. But, to my knowledge he’s not on the standards body that defines how that works. He designs fonts. He wants to make them available to use on the web, and uses the standards by which to do that with. Does that make more sense?

                          2. 6

                            I don’t think there is a way to do this without JS

                            Surely a small jump is better than not having text at all ? You could always load a fallback in a <noscript> block.

                        2. 9

                          You don’t have to like JS to use it.

                          1.  

                            Yeah, but if he’s using it as the basis of an argument that Eich does stupid stuff, doesn’t that cut both ways?

                            “WHOA WHOA, you can’t come in here without wiping your feet! OK, now that you’re in: I think Eich’s invention of wiping your feet before you walk in has a lot of stupid in it. Even Eich admits it has a lot of stupid, and therefore his other idea of wearing slippers indoors is also stupid.”

                            That page is blank for me if I turn of JavaScript. If it’s stupid, and Butterick’s making me do it, doesn’t that make Butterick complicit in the stupid too?

                          2.  

                            Isn’t this sort of the same joke as https://thenib.com/mister-gotcha

                            1.  

                              This wasn’t intended in this way, I just actually found it funny that the author dislikes JavaScript but forced readers to use it.

                              Now that I see the off-topic discussion my comment spawned, I regret writing it. I’ll refrain from writing such comments in the future.

                              1.  

                                I don’t think so. This isn’t Butterick trying to improve JavaScript and getting criticism for using it while trying to improve it. I tried turning off JavaScript (because after all, Butterick says it’s stupid) and the page was blank. If it’s so stupid, why is it also mandatory on the page?

                                I think it’s an appeal to authority. “Eich agrees with me that JavaScript is stupid sometimes, so if you agree with Eich, you agree with me. Now I’m going to give you something else to agree with me on.”

                              2.  

                                How else would you get those wonderfully difficult to tap footnote links things. Certainly a linked, js-free number thingy wouldn’t have the same functionality.

                                I can only hope that soon Brave starts blocking and replacing this with a js-free, faster version.

                                1.  

                                  Furthermore, screen readers read those little circles as “degrees”. I had no idea they were supposed to be footnotes.

                              1. 1

                                What’s the context for this?

                                1. 1

                                  Nginx founder used to work for Rambler. Some decade later Rambler sends police apparently claiming that Nginx was developed by the founder during the tenure.

                                  1. 1

                                    17 years ago too….

                                  2. 1

                                    Maybe they set fire to the Адмирал Кузнецов.

                                  1. 23

                                    the way i see it,

                                    • there was a bsd-licensed osxfuse project
                                    • fleischer was the maintainer and pretty much sole developer of it
                                    • lots of companies maintained their own private forks of it, bundling it with proprietary apps and not contributing anything back upstream
                                    • fleischer also maintained his own private fork
                                    • his fork happens to work on catalina
                                    • he is offering companies whose forks do not work on catalina the opportunity to access his source code, as a commercial deal

                                    other than the fact that he deliberately concealed the fact that he was no longer developing a bsd version (presumably so that no one else would bother working on catalina support until it was too late) i have no issues with what he did.

                                    1. 27

                                      I have yet to encounter a free software or open source license that guarantees the freedom to be informed of the author’s otherwise private business plans in advance. :-)

                                      osxfuse became de facto non-free software once the Kernel Extension Signing Certificate was required, much like Linux on the TiVo. Sure, you can change it but then you can’t run it. The fact that it’s no longer gratis isn’t a setback for software freedom at all.

                                      1. 10

                                        An interesting fact about tivoisation that shouldn’t be forgotten is that Linus Torvalds is outspokenly okay with the method.

                                        1. 5

                                          My impression is that opposition to tivoization was mostly from Stallman/FSF.

                                          1. 5

                                            At times I wonder if the FSF’s push against Tivoization was the beginning of their decline. Linus and the Linux kernel ignored them, big companies got cold feet on “free software” and moved to “open source” (and the symptoms of it like say, Mac OS not shipping modern bash, the rise of LLVM, etc.), and the GPLv3 is seen as overreach by lawyers.

                                        2. 1

                                          I have yet to encounter a free software or open source license that guarantees the freedom to be informed of the author’s otherwise private business plans in advance. :-)

                                          that’s a good point :) and if the companies really cared they could have reached out to him and asked if there would be a catalina version, at which point he could have asked them to pay him to work on it.

                                          1. 1

                                            The fact that it’s no longer gratis isn’t a setback for software freedom at all.

                                            It’s a kernel extension for an OS that isn’t free (AFAICT only Mojave source is available and it’s not like you can build MacOS) and seeks to restrict what you can do with it (via Gatekeeper, which can be turned off but is harder to do so than before - this is why I say seeks rather than restricts). I’m not sure there’s that much software freedom to begin with.

                                          2. 12

                                            lots of companies maintained their own private forks of it, bundling it with proprietary apps and not contributing anything back upstream

                                            This is exactly the reason why we have GNU GPL and copyleft.

                                              1. 16

                                                Of course. But „private“ means that you are using given software for your own purposes (at your household or at your company/organization). It is OK that you do not have to publish your changes.

                                                However if someone is „bundling it with proprietary apps“ (which is the case we are talking about), then he is distributing the software to his customers – and at this point GNU GPL comes into play and says that he must share also the source codes with his customers (not with public, but the customers can publish them because GNU GPL grants them this right).

                                                P.S. For the software that is not distributed to the users but is used over the network, there is GNU Affero GPL. And TiVoization is avoided by GNU GPLv3 (since 2007).

                                                1. 1

                                                  Yep, it also does not require upstream commits. Your only obligation to the maintainer is credit and preserving the freedom of the user.

                                                2. 0

                                                  There may not have been anything to commit back upstream (i.e. no changes to osxfuse were made), and the source code for the application is probably not very useful for this osxfuse developer.

                                                  1. 2

                                                    “Maintaining a private fork” implies making changes to the source. If you’re just downloading the code but not making changes to it, you aren’t “maintaining” it.

                                                    1. 1

                                                      “Maintaining a private fork”

                                                      Where is that claim being made? All I see being claimed is that companies are “using” it, not modifying it.

                                                      1. 1

                                                        https://lobste.rs/s/2alill/osxfuse_is_no_longer_open_source#c_1mh8hv:

                                                        lots of companies maintained their own private forks of it, bundling it with proprietary apps and not contributing anything back upstream

                                                        This is exactly the reason why we have GNU GPL and copyleft.

                                                        The very comment you replied to discusses it.

                                                        1. 1

                                                          That’s just the summary/paraphrasing of someone (“the way i see it [..]”); I think they were just making assumptions? I read the article and all linked issues, and don’t see a mention of anything like a “fork”, just “using”, but perhaps I missed it?

                                                          As I understand it forking – private or otherwise – would actually be rather hard (though not impossible) because of the special kernel module signing certificate, which are not so easy to obtain.

                                              1. 2

                                                I have downloaded their repositories and it seems OK. Was some source code or commits deleted? Or just some tags were deleted or redirected to nowhere?

                                                As long as they share the complete source code under a free software license, we could call it free software. But „free“ as in „freedom“ does not equal „free“ as in „free beer“. Free software does not mean that the author is obligated to provide you services (like packages or support) at zero price.

                                                If they have deleted some commits/branches (I see last commit one year ago), it is not nice, but they can do it. This is one of reasons why I run my own Mercurial and Git servers and why I backup/clone interesting software into it. I do not use Mac OS (a proprietary software) so I have not backed this up, but you will probably find someone who has a complete backup.

                                                I would recommend you using a free operating system like GNU/Linux. It has much more friendly culture than proprietary systems and besides the „free as in freedom“ you can usually also get more „free as in free beer“ here.

                                                1. 10

                                                  friendly culture

                                                  I think this very up for debate.

                                                  Also, this doesn’t deal with the core problem - is the economics for free as in beer enforced by free as in freedom sustainable? It seems this closing is a last-ditch reluctant move.

                                                  1. 1

                                                    I think this very up for debate.

                                                    In GNU/Linux I can e.g. install my own kernel module without asking for a permission (a digital signature). And however it does not forbid you using proprietary software, the free software is the norm here which gives you all the rights (to study, modify, distribute, run for any purpose…).

                                                    free as in beer enforced by free as in freedom

                                                    No, „free as in freedom“ does not imply „free as in free beer“ and it does not force you to provide your services or distribute the software at zero price.

                                                    The „free as in freedom“ and copyleft just require you to do the business in an ethical way and be respectful and kind to others (regarding the software).

                                                    1. 2

                                                      In GNU/Linux I can e.g. install my own kernel module without asking for a permission (a digital signature). And however it does not forbid you using proprietary software, the free software is the norm here which gives you all the rights (to study, modify, distribute, run for any purpose…).

                                                      This is not what is meant by culture. There have been known controversies when it comes to “friendliness” in the free software community, involving toxic working environments.

                                                      No, „free as in freedom“ does not imply „free as in free beer“ and it does not force you to provide your services or distribute the software at zero price.

                                                      The „free as in freedom“ and copyleft just require you to do the business in an ethical way and be respectful and kind to others (regarding the software).

                                                      The problem is if I have the freedom to distribute and modify, I have the freedom to distribute it for free (That is, if I sell people a CD with GPLed source, then they have the freedom to distribute it and not give me money.). It’s easy to say “ethical way” without specifying one that can sustain a developer.

                                                      1. 1

                                                        known controversies when it comes to “friendliness” in the free software community

                                                        Good for you. It’s just not what franta was talking about, and he made that clear.

                                                      2. 1

                                                        In GNU/Linux I can e.g. install my own kernel module without asking for a permission (a digital signature).

                                                        Yes but often times you need a piece of information to get this to work and many times you have to put up with some verbal abuse and hazing to get to that piece of information.

                                                  1. 3

                                                    … and all this because Lenovo started to make shitty keyboards (like rest of the World) in laptops since 2012 in W530/T530/T430/…

                                                    This ‘Ultimate T420’ laptop is basically similar to 2017 ThinkPad T25 … it always saddens me how much ‘pointless’ effort is needed to make today a usable laptop with normal 7-row keyboard.

                                                    1. 2

                                                      How are those keyboards shitty? They are widely regarded as some of the best keyboards on laptops. Some even use the travel keyboard which I’m also very fond of. I like the the “new” keyboard more than the old ones, because they feel more crisp and distinguishable (because of the gap between the keys).

                                                      1. 11

                                                        Amongst the best in production laptop keyboards. This is damning with faint praise indeed. I still get a shock when I pick up an old test/toy laptop and rediscover how much better they are to type on.

                                                        1. 6

                                                          So much this.

                                                          Because there are no better alternatives people praise what is available …

                                                        2. 4

                                                          because of the gap between the keys

                                                          The old style still has gaps between the pressable surface of the keys. The keys extend further and almost touch each other, but the bits that extend aren’t reachable; if you compare the shape that your finger can actually touch rather than they way they look, they’re very similar.

                                                          My personal machine has the old style and my work machine has the new style, and I prefer the old one by a significant margin, though they’re both really lousy compared to an external mechanical keyboard.

                                                          1. 1

                                                            really lousy compared to an external mechanical keyboard

                                                            Absolutely. Sadly there’s no laptop with an atreus or ergodox keyboard. I’d love to see a (slim) laptop with an ortholinear split layout keyboard with low profile mechanical keys.

                                                            1. 1

                                                              No, but because of the layout, the random retarded layout of Insert, Home, PageUp, Delete, End, Page Down, Esc, PrintScrn, Scroll Lock, Pause keys. On older ThinkPads they were neatly, and very similarly laid out to a full size keyboard. On other notebooks you had to learn the layout of these special keys for each and every machine, as vendors always shuffled them. for me this was the main selling points of ThinkPads. Btw I also hate the island type keys, but I could get to live with that.

                                                          2. 1

                                                            I don’t notice a quality difference between my X230 Tablet and my X201, keyboard-wise. It’s different, but it’s better than a lot of ThinkPad keyboards I’ve had - the T42 for me was particularly numb feeling.

                                                            And since were seven row keyboards normative outside of ThinkPads? My deep experience with owning multiple ThinkPads is that they’re overrated anyways - quality wise, and including the classic models. I myself have an interest in acquiring a Let’s Note, a particularly high-end JDM laptop series.

                                                            1. 2

                                                              I have owned these ThinkPads:

                                                              • X300
                                                              • T420
                                                              • T420s
                                                              • X220
                                                              • W520
                                                              • T520
                                                              • W530

                                                              From all of the above only W530 keyboard broke - the ‘E’ letter stopped working.

                                                              Besides obvious 6-row (W530) versus 7-row (W520) difference there are other reasons that *20 (or just old) layout is just better for typing without watching. For example SPACES between keys ESC and F1, then SPACE between F4 and F5 keys (another 4 keys block), and SPACE between F12 and INS/DEL keys. These spaces are REALLY missing when you move from the good key island/chicklet bullshit. On *20 keyboard I do not need to think where I need to put my fingers, I just do and HOME or INS are pushed without me even noticing it.

                                                              I have used W530 as a daily driver for 4 years without using ‘classic’ 7-row keyboard laptops and even after these 4 years to hit HOME/END or INS was never ‘transparent’ - for most of the times I needed to check if I hit the right key.

                                                              … and its not only ThinkPads you know? I have used Dell Latitude C600, D630 and E6400 laptops which all have had 7-row keyboards and they also worked great.

                                                              Its just this shitty world where everything that is good/works best - dies or its changed/suppressed by new fashion shit … but millions of flies can not be wrong, aren’t they?

                                                              1. 2

                                                                “good/works best” is subjective. It’s all subjective. Why are you more correct than the “millions of flies”?

                                                                Some people like more keys, some people like less keys. The mainstream is 6-row, it’s the middle of the road, deal with it. You’d like more, I’d like less. The Planck layout sounds fun to me :P

                                                          1. 4

                                                            Small note about the h language. As far as I know the shortest quine producing language is in fact Nothing

                                                            1. 2
                                                              $ touch quine.sh
                                                              $ chmod +x quine.sh
                                                              $ ./quine.sh > quine.out
                                                              $ diff -u quine.sh quine.out
                                                              $
                                                              
                                                              1. 2

                                                                That does work too. You could say that sh is a Nothing interpreter with a lot of extensions.

                                                              1. 4

                                                                This article is a wonderful walkthrough.

                                                                Magit and Orgmode are two reasons why I consistently come back to emacs, but I can’t seem to keep at it and always find myself switching back to vim. :(

                                                                1. 6

                                                                  consider evil-mode, it’s the best of both worlds.

                                                                  1. 2

                                                                    evil doesn’t make you change your mental mode; for me, I “blip” in and out of vi from a shell, whereas you treat emacs more like an IDE you stay in. That’s one of the hard things for me to deal with if I switch to Emacs.

                                                                    1. 6

                                                                      emacs –daemon and emacsclient (combined with alias e "emacsclient -t -c -a ''" lets me get that dropping in and out of it from the shell effect.

                                                                      1. 2

                                                                        I used to use alias vi="emacsclient -t -c -a vi || vi" which automatically falls back to vi/m on whatever system. Obviously the mental model kinda fails when you try and use a powerful Emacs feature having only entered vi, but I found it quite useful.

                                                                1. 18

                                                                  Nice job breaking it, W3C!

                                                                  My concerns/views on this are basically:

                                                                  WASM is bad for posterity, because binaries-by-default instead of source makes it easier to lose programs over time (compounding the issue with things only existing on the Cloud).

                                                                  WASM is bad for users, because it further hides what the software they’re using is doing.

                                                                  WASM is bad for developers, because it removes the utility of a mostly-lingua-franca set of skills and languages for web development and makes it harder to switch jobs.

                                                                  WASM is bad for the web, because it allows standards bodies to give up on producing useful standards in a timely fashion since “users can just build that part of the stack themselves in WASM”.

                                                                  WASM is good for advertisers, because it helps obfuscate ads and increase their performance and invasiveness.

                                                                  WASM is good for surveillance, because it helps make timing attacks more feasible.

                                                                  WASM is good for consultants, because it allows them to ship binaries and hold companies ransom years later for the source.

                                                                  That said, it’s too late to do anything about it.

                                                                  1. 24

                                                                    WASM is good for posterity because nobody but a large company can implement a compliant and performant JS runtime, while WASM is far simpler.

                                                                    WASM is good for users because it makes things possible that were impractical before.

                                                                    WASM is good for developers, because it allows people without expertise in all the weird nooks and crannies of JS to write stuff for the web in a language they find useful.

                                                                    WASM is good for the web, because it allows an opportunity to grow beyond the capabilities of JS without worrying about backwards compat, such as the work being done to expose browsers’ DOM API in WASM without the overhead of going through JS or having to conform exactly to its type system.

                                                                    I certainly agree with your other points. YMMV.

                                                                    1. 10

                                                                      WASM is good for posterity because nobody but a large company can implement a compliant and performant JS runtime, while WASM is far simpler.

                                                                      This is huge. It’s performance is also much easier to understand, which reduces the amount of cross-engine reverse engineering needed for writing performance-sensitive code.

                                                                    2. 24

                                                                      All the cons you mention are things that are already enabled by JS, and people were already doing.

                                                                      • JS minifiers, which are pervasive throughout the web, already prevent posterity and users from understanding what web software is doing.
                                                                      • Language diversity already existed on top of JS: Emscripten, Elm, CoffeeScript, ClojureScript, etc. Knowledge in JS is useless to varying degrees for developers targeting those environments.
                                                                      • People are already side-stepping inept web-standards bodies.

                                                                      WASM just makes use-cases that people were already doing more efficient. Nothing is lost.

                                                                      1. 5

                                                                        I’m going to have to strongly disagree on the language diversity front, because reasons.

                                                                        Like, there’s a future in which old legacy COBOL and Fortran programs are being compiled under WASM.

                                                                        1. 6

                                                                          If we are to throw large list around, here’s one for languages that compile to JavaScript.

                                                                            1. 1

                                                                              Like, there’s a future in which old legacy COBOL and Fortran programs are being compiled under WASM.

                                                                              Yawn, IBM did it four decades ago.

                                                                          1. 6

                                                                            Where JS is good for any of these things it is more or less accidental. If you want these properties then push for systematic change that supports them.

                                                                            Most of the issues here are that you want to consume from entities you distrust. Could either find ways to trust more or seek/build other providers.

                                                                            Trying to foster a demand for reproducible builds of open access code, combined with some infrastructure for reviewing that would be a big positive step.

                                                                            Promoting other revenue streams than surveillance and supporting companies that use those is another good one.

                                                                            1. 5

                                                                              Since you posted memes, I’ll post my own and say your comment was a whole lot of [citation needed].

                                                                              WASM is bad for the web, because it allows standards bodies to give up on producing useful standards in a timely fashion since “users can just build that part of the stack themselves in WASM”.

                                                                              This already happens with JS, are you familiar with SVG animations? Since it’s a big investment to add a WASM build to a page I don’t see this becoming an additional excuse when unnecessarily throwing JS at a problem already works great. When Canvas was being standardized, did you say “this allows standards bodies to give up on CSS because users can just put everything in their own rendering code”?

                                                                              WASM is…bad for posterity, because binaries-by-default instead of source…bad for users, because it further hides what the software they’re using is doing…good for consultants, because it allows them to ship binaries and hold companies ransom years later for the source.

                                                                              Since other users have responded to this thoroughly, I think there’s no comment needed.

                                                                              WASM is good for advertisers, because it helps obfuscate ads and increase their performance and invasiveness. WASM is good for surveillance, because it helps make timing attacks more feasible.

                                                                              I honestly just don’t see this. You’d have to make/link us a POC to show how this is true and not just FUD. The fact of the matter is that WASM is as incredibly niche as Canvas ended up being. It really only offers a meaningful difference imo where allocations and indirection that are unavoidable in JS are painful or a deal breaker for an application. In the real world, the amount of scaffolding required for a WASM application would essentially just fill up the only real bottleneck for advertisers: network I/O. Plus, and you can correct me if I’m wrong, WASM doesn’t get access to any timers that JS doesn’t; timing attacks that work in WASM would likely work just fine in JS.

                                                                              1. 2

                                                                                Canvas hardly niche, though people often use it behind some lib like D3 or whatever.

                                                                                WASM is also already being used in cryptominer malware on sites. The timing attacks are a pretty obvious result of shared memory and multiple threads.

                                                                                On the SVG thing…look, with WASM it becomes possible and maybe even more performant in some cases to replace the entire rendering stack in a browser as well as possibly other things like script interpretation, network parsing, and so forth. In exchange, we get even less visibility into what our apps are doing than we have now.

                                                                                1. 2

                                                                                  Just want to point out that it’s unlikely any user-level code on the browser will replace normal application rendering stacks, either using WASM or JS. If the UI elements on the page are opaque to the browser, then screen-readers and other accessibility features won’t function. That’s just the tip of the iceberg, you’d also have to re-implement IME for your international users.

                                                                                  1. 1

                                                                                    I dunno. WASM interfaces using webgl have already appeared. There’s a text editor written in rust, for example.

                                                                                    1.  

                                                                                      And does that text editor provide accessibility features? Does it provide IME?

                                                                                      1.  

                                                                                        No idea. And I can’t find the project any more, so maybe it’s been abandoned. But in principle there’s no reason it couldn’t be accessible and provide IME.

                                                                                        1.  

                                                                                          Yeah there is, there is no way to integrate with the browser’s native accessibility features outside of using DOM. Screen readers rely on native UI widgets.

                                                                                  2. 1

                                                                                    Now the cryptominer issue is 100% one I could see, and it got me thinking about sites needing to request a capability for a “high-power” mode. However, cryptominer malware isn’t even remotely in the same domain as timing attacks; you’re still just talking anecdotes there.

                                                                                    Canvas hardly niche

                                                                                    With the exception of fingerprinting (a real ongoing API mistake, to allow inspection of rendered canvas data) what percentage of websites you view do you think utilize a canvas?

                                                                                2. 8

                                                                                  Meta: for the five folks who have flagged this as incorrect: nothing I wrote was incorrect. I disclaimed those as my views and concerns. While you can certainly disagree with my conclusions, you can’t claim with any certainty that I am stating them falsely.

                                                                                  Please reserve that flag for inaccurate statements of fact, otherwise people will just abuse it to cudgel users they disagree with.

                                                                                  1. 1

                                                                                    because it helps make timing attacks more feasible.

                                                                                    Until you can demonstrate this, it is false.

                                                                                    1. 1

                                                                                      It is true that I believe it.

                                                                                      As recently as 2 years ago, people working on the problem seemed to to.

                                                                                      Like, regardless of what you seem to think, I’m not just pulling these concerns out of a hat.

                                                                                      Every benefit about WASM being great for high-performance stuff also kinda implies it being useful for making high-precision timers, defeating mitigations put into place elsewhere.

                                                                                      1. 2

                                                                                        It is true that I believe it.

                                                                                        That’s not how you worded it however. You would word it “I believe it might make timing more feasible” or something similar if you wanted to paint it as an opinion. The way you wrote it, I personally read it as though you were writing what you saw as fact.

                                                                                        1. 2

                                                                                          Well, hopefully you’ll read more carefully next time!

                                                                                        2. 2

                                                                                          It is true that I believe it.

                                                                                          With respect, that does not and should not cut the mustard.

                                                                                          Great rebuttal otherwise. You’re right on the money about high performance vs timers.

                                                                                          Mid-term I would hope this argument falls apart as timers become safe, but there’s definitely downsides to making web tech faster.

                                                                                          1. 1

                                                                                            Again, we have the incorrect tag for factual incorrectness. It is a fact I believe what I wrote, and it was not an accident that I put the disclaimer “hey the following are my views” instead of “the following are self-evident immutable laws of conputing”.

                                                                                            If people are punished for expressing their opinions, it doesn’t foster good-faith discussion. People flagging things incorrect because they don’t agree with them means it stops being useful to flag actual inaccurate reporting of reality.

                                                                                            My strong belief is that continued abusing of flags means nobody pays attention to them anyways, and they lose their utility completely. And then we have move closer to just being a Reddit/HN clone.

                                                                                            1. 1

                                                                                              I used the incorrect tag primarily because I personally thought you were writing something as fact which isn’t. That’s that.

                                                                                    2. 4

                                                                                      I agree with your goals, but I think that it is not important whether there is WASM or not. Even the JavaScript – however formally source code and text – can be obfuscated on the source code level, crippled by proprietary licenses on the legal level, and designed user-unfriendly (move certain parts to the server, make unnecessary calls to the server to build more vendor lock-in, implement DRM, spy users etc.).

                                                                                      It is much more about what you (as a provider of a service or software) want to do, rather than what particular technologies (WASM in this case) you will use.

                                                                                      You could also say that ELF binaries in your GNU/Linux distribution are bad and everything should be scripted, because user can read and modify scripts but not binaries. However this does not make sense. What matters is the intention – if we do free software and honestly provide services in an ethical way, we can distribute binaries, because the user can also get the source codes, study them, modify them, build his own software. And if the builds are reproducible, he can even verify that our build originated from the same source codes as he got.

                                                                                      1. 4

                                                                                        If WASM did end up posing a more substantial threat to the user than vanilla JS, I would expect browsers to implement controls like the Java applets of days gone by, at least eventually. Until then, this is still the middle ages of the web, and anything goes!

                                                                                        [Old comment edit: a more substantial comment made by @rian]

                                                                                        Isn’t this all true for Javascript minification already?

                                                                                        1. 5

                                                                                          I believe you are wrong on most counts. It will enable more security, more control and better performance across the whole computing landscape.

                                                                                          Wasm has a wonderful capabilities model built in, it actually has less ability to affect the world outside of its sandbox than JS running in the browser does.

                                                                                          1. 1

                                                                                            I agree that the loss of the lingua-franca can be viewed as a negative thing, but that already happened when we started transpiling other languages to js.

                                                                                            Most of the source found online is already hard to reverse engineer due to js minification anyway. Having to use a prettyprinter + refactoring IDE vs having to use something like IDA or Ghidra isn’t that big of a leap anyway

                                                                                          1. 3

                                                                                            My five-year-old is having a pirate-themed birthday party. There will be a bouncy castle, finger foods, a piñata, and beer.

                                                                                            My older boy doesn’t do birthday parties at home. The new trend is these “indoor play park” things, which are basically enormous fancy play areas with trampolines, zip lines, ball pits, Lazer-Tag, etc. with extensive party facilities. Think Chuck-E-Cheese on steroids, and correspondingly more expensive. The vast majority of the birthday parties I’ve been to for my older son’s friends have been at these places and they’re expensive (for the hosting family, as I have painfully learned).

                                                                                            1. 6

                                                                                              and beer

                                                                                              For the kids?

                                                                                              1. 3

                                                                                                By college, he’ll absolutely dominate at beer pong and quarters. That’s why you start them early.

                                                                                              2. 1

                                                                                                Agreed these indoor play parks are stupid expensive for the host family. (They’re great fun!) Are we systematically excluding some families from our kids’ lives though?

                                                                                                1. 3

                                                                                                  I don’t think so, at least not on the party hosting side. More exclusionary would be the fact that we live in a relatively wealthy suburb, so the set of people who would get invited in the first place (by having met my kids) is limited.

                                                                                                  Before we moved to our current house we lived in a much more diverse area (both demographically and financially). When my first son was born we put him in a church-run preschool in a suburb (we lived in town) because a relative was a teacher there. I remember being irritated when the mom’s group at the preschool released the zip codes for which they’d have rotating playdates and our zip code wasn’t included (even though farther-away ones were). It was pretty obviously either casual racism or classism, or both. I remember mentioning that it seemed unfair and was told, seemingly honestly, that they didn’t want to come to our neighborhood for “safety reasons”.

                                                                                                  1. 1

                                                                                                    Surely there is some family or two in your kids’ peer group which attends but does not host, or does not attend “because” they won’t host in the future? There are such families in mine. Heck, we’ve only hosted once, so far, but attended six or eight. We see the same folks at all these events, and since they represent only a subset of my son’s classroom, it means the same other folks are consistently missing. I think?

                                                                                                    1. 1

                                                                                                      live in a relatively wealthy suburb,

                                                                                                      Yeah, a lot of the exclusion happens there, via zoning and land use laws, in the US at least.

                                                                                                1. 3

                                                                                                  There is certainly a “posix” platform: you distribute your code with a working makefile, and people compile and run it. This is pretty well-defined and it includes most of linux systems except android. You can also distribute 64 bit static linux binaries that will work on most linux systems without trouble. I do not really understand what these gnome guys are talking about.

                                                                                                  1. 5

                                                                                                    POSIX is incredibly nebulous beyond a thin subset, and it doesn’t talk much about things I would consider essential on servers, like how services should be administered, executable formats, or complex threading (Enough to say, write a garbage collector with.).

                                                                                                    There’s a reason any large project of scope eventually accumulates CMake/autotools/meson and a large clump of #ifdefs.

                                                                                                    1. 2

                                                                                                      …services should be administered…

                                                                                                      This is vital even on desktops and mobile devices. It always has been, really.

                                                                                                    2. 5

                                                                                                      From the perspective of the vast majority desktop operating system users, POSIX is as much of a platform as most small cars nowadays share the same frame. It’s an interesting technical detail over a beer, but it doesn’t impact your experience the slightest.

                                                                                                      1. 2

                                                                                                        Tangentially related, but Ive recently been learning Dart, and I noticed that they use “Async by default”:

                                                                                                        • readAsString vs readAsStringSync
                                                                                                        • copy vs copySync

                                                                                                        https://api.dartlang.org/stable/dart-io/File-class.html

                                                                                                        1. 1
                                                                                                        1. 3

                                                                                                          Vendor stores feel like such a dump. Where’s the curation, in the face of so many applications that are outright malware or blatant scams?

                                                                                                          1. 2

                                                                                                            So now I’m curious how exact the overlap has to be. There are a number (3 non-overlapping?) of wifi channels, at (slightly) different frequencies. Does anyone know if this stomps on only one channel? or if it leaks across them all? What determines how wide a frequency range it stomps on? So many questions…

                                                                                                            1. 1

                                                                                                              It stomps on 2.4 GHz. 5 GHz is fine, seemingly.

                                                                                                              1. 1

                                                                                                                Sorry, I meant that 2.4Ghz is a number of different frequency ranges: https://en.wikipedia.org/wiki/List_of_WLAN_channels#2.4_GHz_(802.11b/g/n/ax)

                                                                                                                If the pixel clock is running at - say - 2.417 GHz, does that interfere with channels 5-14? I imagine it does, since I don’t expect the interference to be exact, but I’m curious as to how much “spread” there is and what determines it.

                                                                                                                1. 2

                                                                                                                  It’s a narrow spike near the centre frequency of channel 1, overlaps 1-3 and maybe 4?

                                                                                                                  https://mobile.twitter.com/assortedhackery/status/1200056633898029061

                                                                                                                  But RF receivers don’t have perfect filtering, so it’s possible this is strong enough to swamp the receiver even when it’s tuned to other channels.

                                                                                                                  I haven’t seen anyone discussing whether other Wi-Fi channels work, or not.

                                                                                                                  1. 2

                                                                                                                    Thank you! Now I should go and learn some of the basics of RF circuits.

                                                                                                            1. 9

                                                                                                              tl;dr: The pixel clock on the video running at that resolution “conveniently” overlaps with the 2.4 GHz radio band.

                                                                                                              1. 2

                                                                                                                Sounds like in the rush of releasing a Pi 4 they forgot to test EMI sheilding!

                                                                                                              1. 23

                                                                                                                Have you considered not putting hard end-of-lines at all? This way your mail should be readable by all readers: mobile, tablet, horizontal/vertical, terminal, etc. It would be only a matter of setting your terminal size to 80 chars wide, if your mail reader doesn’t support soft wrapping.

                                                                                                                Sentences in the mail are not code. It’s natural to wrap them. We do it all the time in books, articles, lobste.rs comments, etc. It allows people to use different fonts, different sizes (some people see worse than others, have to use bigger fonts), different devices, etc.

                                                                                                                Is it natural to

                                                                                                                write a comment

                                                                                                                like this? What

                                                                                                                is the point of

                                                                                                                the newline cha-

                                                                                                                racter here?

                                                                                                                That is, of course, with respect for rules imposed by mailing lists. E.g. if OpenBSD mailing list require 72 chars, then everyone should respect this setting.

                                                                                                                1. 5

                                                                                                                  Have you considered not putting hard end-of-lines at all?

                                                                                                                  I think this is the way to go. Every client will be able to render the text the way it looks best. How about limiting lobste.rs to 72 characters? Where’s the difference? That was a rhetorical question :-)

                                                                                                                  On the other hand: This is a classic debate that will most likely never have an end. It’s preference. And thus I have to live with badly readable mail, when reading on mobile.

                                                                                                                  But I tend to prefer tabs instead of spaces, so… what sane person would take me serious?

                                                                                                                  1. 1

                                                                                                                    Sentences in the mail are not code. It’s natural to wrap them.

                                                                                                                    Sentences in e-mail are, however, often quoted. It’s much easier to take one sentence and quote it if it’s on a separate line. Newlines after punctuation are a feature, not a bug when it comes to e-mail.

                                                                                                                    That is, of course, with respect for rules imposed by mailing lists

                                                                                                                    Since people composing their e-mail in e-mail clients would have to go and hunt down the setting to control the line length limit to match the rules imposed by mailing lists, there’s kind of a natural race to the bottom for settings that comply with the most mailing lists.

                                                                                                                    1. 3

                                                                                                                      I’m pretty sure you can select text with a mouse and copy it…

                                                                                                                      1. 2

                                                                                                                        Sentences in the mail are not code. It’s natural to wrap them.

                                                                                                                        Sentences in e-mail are, however, often quoted. It’s much easier to take one sentence and quote it if it’s on a separate line. Newlines after punctuation are a feature, not a bug when it comes to e-mail.

                                                                                                                        Do you suggest that long lines without hard end-of-lines and quoting are incompatible, or hard to perform?

                                                                                                                        But even if, then still, personally I believe that it’s more important that lots of people will be able to conveniently read what I write, than my personal convenience of editing such an e-mail.

                                                                                                                    1. 1

                                                                                                                      I think PureDarwin is really important, to give people a Free Software offramp for their Apple-platform dependency should they find problems with Apple’s products or practices, or find benefits in a FLOSS alternative. Unfortunately, at the time that I got really excited about it, I joined their forums (which are now down) and my posts were met with silence. I’m hoping that this boost of interest gets the community going again.

                                                                                                                      Though I have to say, my track record for getting excited about Apple-adjacent FLOSS projects has not been great. I remember some annoying gatekeeping in the OpenDarwin community. NextBSD seemed to make a splash announcement then disappear (I’d be happy to hear news to the contrary), and MidnightBSD appeared to pivot from a GNUstep-based GUI to a custom ports system. GNUstep is “still going”, but their approach to new API support is to write do-nothing implementations, so you don’t find out that your project can’t be ported until it subtly does the wrong thing at runtime.

                                                                                                                      1. 5

                                                                                                                        The problem with OpenDarwin as an “offramp” is that once you take away Cocoa, the GUI, the apps, etc, you have nothing of the ecosystem left that you couldn’t get on say, Linux or a BSD.

                                                                                                                        1. 1

                                                                                                                          PureDarwin with GNUstep would at least provide a decent chunk of API compatibility. If you could port some apps you’d at least have a partially familiar home.

                                                                                                                          1. 7

                                                                                                                            Not a usable chunk, though. There’s nothing here that privileges this over Linux or BSD as an offramp. People like me who are perfectly comfortable with Unix but continue to use a Macintosh do so predominantly because of the software ecosystem, and the closest thing to an off-ramp for us is Windows.

                                                                                                                            1. 2

                                                                                                                              There’s nothing here that privileges this over Linux or BSD as an offramp.

                                                                                                                              There’s one advantage, and I think it’s a sizeable advantage, in that porting effort would be lower. “You can do this on Linux if you want to port your XPC to dbus, your launchd to systemd, and the other things that we’re going to tell you we have feature parity on” is a less compelling story than “you build your project”.

                                                                                                                              Now, I appreciate that PureDarwin with GNUstep or other Cocoa-like bits is incomplete as a port destination, but it’s a lot less incomplete than Linux with GNUstep or other Cocoa-like bits. And has closing the portability gap as a goal.

                                                                                                                              1. 1

                                                                                                                                This is theoretically true, yes. But I wonder about the number of people doing work that a) does not use any of the Foundation or other Apple specific libraries and b) relies on the non-POSIX behaviour of Darwin. My best guess would be that this number is basically zero.

                                                                                                                            2. 2

                                                                                                                              I don’t think you realize how distantly far behind modern Cocoa GNUstep is.

                                                                                                                              1. 1

                                                                                                                                Sadly, I do.

                                                                                                                              2. 1

                                                                                                                                I don’t think any application written for macOS will be able to run with GNUstep.

                                                                                                                                The project looks more like a mixture of Stockholm and beaten house-partner syndrome to me.

                                                                                                                                1. 1

                                                                                                                                  An application for macOS GUI might be out of reach, but POSIX or command line utility would be something that one could easily test and run. As I mentioned in another comment, the use case I see with PureDarwin is for virtualization and part of the CI, when I can easily test if, for example, rustc works correctly on macOS, without needing to invest a bunch of money for snowflakey macOS boxes.

                                                                                                                          1. 9

                                                                                                                            However, I have to admit, the search results of duckduckgo are by far inferior to what Google used to give.

                                                                                                                            It’s a different search engine, so you should get used to. After a while your searches will get better because you learn how DDG works and you get (almost) the same quality of search results.

                                                                                                                            1. 13

                                                                                                                              DDG is almost as good for most things but one area Google far outshines it, still, is looking for error messages or log strings. DDG seems more competitive than it used to be, but my gut feeling is it’s because Google has gotten worse.

                                                                                                                              1. 11

                                                                                                                                I’ve found that Google’s seemingly changed their algorithm where natural language seem more accurate than keyword-oriented ones.

                                                                                                                                1. 11

                                                                                                                                  I frankly haven’t noticed this myself. I’ve been using Duck Duck Go for years in lieu of Google without complaints.

                                                                                                                                  1. 1

                                                                                                                                    This. I basically use only Ecosia, Duck Duck Go, and a lot of times I’m using lynx as it’s simply very handy, especially if you enable DEFAULT_KEYPAD_MODE:LINKS_AND_FIELDS_ARE_NUMBERED

                                                                                                                                  2. 10

                                                                                                                                    I feel that people that find DDG less powerful are actually missing the tracking features from Google Search. Like auto-geolocalisation, matches corresponding to your past browsing/search, there’s probably some categories of users (especially if you’re connected with your Google account,), …

                                                                                                                                    When I type “Chinese restaurant” on DDG, I don’t get the closest ones by default, whereas on Google, that’s implied.

                                                                                                                                    1. 4

                                                                                                                                      That’s been my experience as well. Once you get used to it the results are acceptable to very good.

                                                                                                                                      Where I think google still excels is on the UI front. If I search for a restaurant on Google I get their hours, reviews, a phone number - everything right up front. If I use DDG I can find the restaurant’s webpage but then have to look myself. I suspect that Google has a deeper data set to pull in, and hope DDG can improve.

                                                                                                                                      1. 2

                                                                                                                                        The UI point is an interesting one - unlike almost every other alternative search engine, DDG has stuck perhaps the closest to Google (imo) in terms of not trying to turn their homepage into an internet portal. It’s a shame about some of the data pull-ins, because iirc DDG started its instant answer things before Google did its equivalent (I might be wrong on that, I only vaguely remember reading it). Regardless, the instant answer API and you can contribute to any of them - perhaps hooking in to a restaurant database is something that you could add?

                                                                                                                                        1. 5

                                                                                                                                          perhaps hooking in to a restaurant database is something that you could add?

                                                                                                                                          I considered that. Regrettably, DuckDuckHack shut down and it looks like it won’t be coming back any time soon. It’s a real shame because now seems like the time for DDG to gather free contributions from programmers fleeing Google.

                                                                                                                                          1. 1

                                                                                                                                            Damn I didn’t realise, that sucks! You’re totally right, it’s a shame as I bet at least a handful of people would be willing to help to make the contribution process nicer.

                                                                                                                                            1. 1

                                                                                                                                              Indeed, that is a shame. As one of those who fled Google, I’ve gotten pretty enthusiastic about DuckDuckGo; it’s the best of the limited options. That said, DDG is still trying to make a profit and I’d really rather see the community rally around entirely open-source efforts.