1. 12

    This is a bit of a wild card, I am not experienced at all with haskell, but my impression is it may not be well suited to imperitive operations like read buffers from a stream and write buffers to a stateful database. I could be totally wrong or ignorant and would like to one day address my ignorance.

    These are things that I use Haskell for!! As Tackling the Awkward Squad says:

    In short, Haskell is the world’s finest imperative programming language.

    1.  

      exactly the type of thing I love to read, thanks :)

      1.  

        Can you mark your PDF? Thanks.

      1. 5

        “This is a complex technical field with nontrivial trade-offs in time and expressiveness! I know, let’s tie it to gender politics and Critical Theory! That’ll solve everything!” — The least likely sentence in the Universe.

        Next up is “Rust: Is Ownership a Reactionary Plot?”

        Edit: OK, this author tipped their hand a bit too much at the end:

        Let’s call a spade a spade.

        This is an outright racist dog-whistle, and isn’t even subtle. I can’t just play along anymore if that’s the level of humor on display. I’ll leave my jokes (such as they are) but I have to call that much out, at least.

        1. 3

          This is an outright racist dog-whistle, and isn’t even subtle.

          Isn’t it? I had no idea until (prompted by your comment) I googled around and found how it’d acquired those implications recently in America. It’s used in Australia without any such nuance, and presumably other countries too. I wouldn’t be quick to assert that it’s a dog whistle, especially not in an article that’s being criticised for leaning too hard in the social justice direction.

          1. 1

            I wouldn’t be quick to assert that it’s a dog whistle, especially not in an article that’s being criticised for leaning too hard in the social justice direction.

            That’s one thing which makes me conclude it’s meant in a racist fashion: The article does lean too hard in a social justice direction, as if it were written by someone trying to discredit that viewpoint by making it look ridiculous, or at least have some fun at its expense.

            Any viewpoint has honest adherents who can make it look ridiculous all on their own, but the combination of factors here made me conclude it is, in fact, a racist dog-whistle.

            1. 2

              as if it were written by someone trying to discredit that viewpoint by making it look ridiculous, or at least have some fun at its expense

              Mmn, now I see what you mean. :/

          2. 1

            ‘Call a spade a spade’ is not a dog whistle and never has been a dog whistle. It’s a common phrase, used all over the world.

            I’ve downvoted you for trolling, because there’s absolutely no way you are unaware that ‘call a spade a spade’ is a common term with no racist implications. You’re flamebaiting and trolling and should go to HackerNews where this kind of discussion belongs.

            1. 1

              ‘Call a spade a spade’ is not a dog whistle and never has been a dog whistle.

              It’s become a dog whistle through usage of “spade” as a term for Black people, and is undeniably questionable at best, and, in the context of an over-the-top hyperbolic attempt to make Liberals look like lunatics, must be interpreted in that fashion.

              1. -1

                ‘Spade’ is not a term for black people, and is not ‘questionable’. Nobody is talking about ‘liberals’ either.

                Stop assuming everyone shares your ridiculous American political ideas.

                1. 2

                  ‘Spade’ is not a term for black people, and is not ‘questionable’.

                  I’ve just demonstrated otherwise.

                  Stop assuming everyone shares your ridiculous American political ideas.

                  And now you’ve tipped your hand, troll.

                  1. 1

                    Turns out that even within a single language, words can have meanings that change by period, context or location. Shocking, I know.

                    1. [Comment removed by moderator pushcx: Personal insults are over the line. It's clear you two will never agree, so move on.]

                      1. 0

                        Don’t get hysterical.

            1. 3

              https://juliareda.eu/2018/09/ep-endorses-upload-filters/

              Hmm, I think this actually makes it mandatory for Wikipedia to install an upload filter.

              1. 13

                There is actually an exception for websites like Wikipedia in this version of the directive:

                “online content sharing service provider’ means a provider of an information society service one of the main purposes of which is to store and give access to the public to copyright protected works or other protected subject-matter uploaded by its users, which the service optimises. Services acting in a non-commercial purpose capacity such as online encyclopaedia, and providers of online services where the content is uploaded with the authorisation of all rightholders concerned, such as educational or scientific repositories, should not be considered online content sharing service providers within the meaning of this Directive. Providers of cloud services for individual use which do not provide direct access to the public, open source software developing platforms, and online market places whose main activity is online retail of physical goods, should not be considered online content sharing service providers within the meaning of this Directive;

                (Emphasis mine)

                1. 4

                  Reda says Voss misrepresents the true scope of the upload filtering obligation and at no point does the definition exclude platforms that don’t make money off their users’ sharing of copyrighted content. She concedes that “completely non-commercial platforms” are excluded, but points out that experience has shown that even a call for donations or the use of an advertising banner can be considered commercial activity.

                  (Emphasis mine, https://thenextweb.com/eu/2018/06/19/the-eus-disastrous-copyright-reform-explained/)

                  Also, I am not sure that this is the exact wording that has passed. I am, to be honest, not well-versed in the EU legislative procedure.

                  1. 2

                    does an american organization have to care about exceptions in stupid european laws?

                    1. 16

                      does an american organization have to care about exceptions in stupid european laws?

                      They only do if they have enough presence in a European country willing to enforce those laws that they could be hurt in court.

                      If a company has no presence in any EU country, it can ignore those laws just like it ignores the laws against insulting the Thai king and laws against telling the truth about the Tienanmen Square Massacre.

                      1. 3

                        Untill some European countries order their ISP’s to block all traffic towards those companies.

                        This has already happened with major torrent sites like ThePirateBay,org, which serves up this page to everyone in The Netherlands with this ISP (and they are quite activistic about providing everyone unrestricted access to the entire internet). Take note that other European countries have ordered similar filters and take-downs onto their ISP’s and those are being actively being enforced.

                        1. 1

                          Untill some European countries order their ISP’s to block all traffic towards those companies.

                          Again, that only hurts the company in proportion to how much of their business was coming out of the EU to begin with.

                          It also isn’t forcing them to abide by the law of any EU member state, any more than West Germany was forced to abide by East German law when the Berlin Wall was up and East Germans were barred from going to West Germany.

                          1. 1

                            Again, that only hurts the company in proportion to how much of their business was coming out of the EU to begin with.

                            True, but since most major content-platforms in Europe are American companies, I doubt they’d get away with ignoring these laws. Nor do I think that they’d like to give up a market of about 510 Million people. Note that the United States is a market of only 325 Million people. So in terms of numbers, you have to care if you intend to grow beyond the United States, Canada and Mexico somewhere in the near future. You also have to keep in mind that Europe is a lot closer to the United states than you might think.

                            It also isn’t forcing them to abide by the law of any EU member state, any more than West Germany was forced to abide by East German law when the Berlin Wall was up and East Germans were barred from going to West Germany.

                            Actually, that isn’t true at all. West Germany still had West-Berlin and had to maintain supply lines to that part of Berlin through East-German (DDR) territory. Because of this, there were a bunch of DDR-laws they had to abide by, despite of being separate countries. A scenario like this, might also happen to US-companies as well.

                      2. 6

                        It’s going to be interesting for US firms that use e.g. the Dutch sandwich to avoid US taxes.

                  1. 15

                    Aside from the creepiness, this just doesn’t make much sense:

                    Microsoft wants to push Edge. Sure. It wants to do that to own the Web, to boost sales of Windows by locking out everyone else using ActiveX NT or whatever New Technology What Only Works On Windows. If it gets Edge adoption up to the numbers MSIE had fifteen years ago, it could make a go of that.

                    Except fifteen years ago, the iPhone didn’t exist, Android didn’t exist, and practically nobody even tried to surf the Web on the phones they did have. Microsoft has never had a credible modern smartphone, and the era of Web devs being able to ignore mobile devices went out with Nu Metal and jeans you could hide a watermelon in. Microsoft has to know this, so it knows it has, at most, one half of a Nefarious Plan.

                    This almost makes sense, and that troubles me.

                    1. 4

                      Uhm, you’re discounting how much traffic it will bring to their search engoene bing. AFAIU for search engines traffic is good money.

                      1. 1

                        Seems like there would be easier ways to get traffic to a search engine, not to mention ones which wouldn’t make users as angry.

                        1. 10

                          To get people to use Bing, Microsoft has to get people to use Edge. You can’t beat the convenience of typing your search terms right into the URL bar, and most people don’t bother changing the defaults (unless they’re prompted to).

                          And it’s not just search. Google has been using Chrome to push all of their other products, many of which compete with Microsoft’s. There are no saints here, except maybe Firefox, and look where that’s gotten them.

                          1. 6

                            … a decent browser?

                            1. 3

                              I think @notriddle is talking about market share :P

                              1. 1

                                Ah, fair enough.

                    1. 3

                      what’s the date on this?

                      1. 3

                        looks like it’s from 1996

                        1. 2

                          what’s the date on this?

                          What, you don’t think the DEC Alpha is a modern, relevant architecture? /s

                          1. 1

                            Funny enough, the folks at crash-safe.org built their first prototype as an Alpha. I was like, “Huh? Couldnt it be something that wasnt buried by Intel and Fujitsu?”

                          2. 1

                            looks like 1996 or so, based on which ACM journal it was going to hit.

                          1. 5

                            While functional programming languages like Haskell are conducive to modularity and otherwise generally good software engineering practices, they are unfit as implementation languages for what I will call interactive systems. These are systems that are heavily IO bound and must provide some sort of guarantee with regard to response time after certain inputs. I would argue that the vast majority of software engineering is the engineering of interactive systems, be it operating systems, GUI applications, control systems, high frequency trading, embedded applications, databases, or video games. Thus Haskell is unfit for these use cases. Haskell on the other hand is a fine implementation language for batch processing, i.e. non-interactive programs where completion time requirements aren’t strict and there isn’t much IO.

                            It’s not a dig at Haskell, this is an intentional design decision. While languages like Python/Java remove the need to consider memory allocation, Haskell takes this one step further and removes the need to consider the sequential steps required to execute a program. These are design trade-offs, not strict wins.

                            1. 5

                              While languages like Python/Java remove the need to consider memory allocation, Haskell takes this one step further and removes the need to consider the sequential steps required to execute a program.

                              Haskell makes it necessary to explicitly mark code which must be performed in sequence, which, really, is a friendlier way of doing things than what C effectively mandates: In C, you have to second-guess the optimizer to ensure your sequential code stays sequential, and doesn’t get reordered or removed entirely in the name of optimization. When the IO monad is in play, the Haskell compiler knows a lot of its usual tricks are off-limits, and behaves itself. It’s been explicitly told as much.

                              Rust made ownership, previously a concept which got hand-waved away, explicit and language-level. Haskell does the same for “code which must not be optimized as aggressively”, which we really don’t have an accepted term for right now, even though we need one.

                              1. 8

                                The optimiser in a C implementation absolutely won’t change the order in which your statements execute unless you can’t observe the effect of such changes anyway. The definition of ‘observe’ is a little complex, but crucially ‘my program is faster’ isn’t an observation that counts. Your code will only be reordered or removed in the name of optimisation if such a change is unobservable. The only way you could observe an unobservable change is by doing things that have no defined behaviour. Undefined behaviour exists in Haskell and Rust too, in every language.

                                So I don’t really see what this has to do with the concept being discussed. Haskell really isn’t a good language for expressing imperative logic. You wouldn’t want to write a lot of imperative logic in Haskell. It’s very nice that you can do so expressively when you need to, but it’s not Haskell’s strength at all. And it has nothing to do with optimisation.

                                1. 3

                                  What if you do it using a DSL in Haskell like Galois does with Ivory? Looks like Haskell made their job easier in some ways.

                                  1. 1

                                    Still part of Haskell and thus still uses Haskell’s awful syntax. Nobody wants to write a <- local (ival 0). or b' <- deref b; store a b' or n `times` \i -> do when they could write int a = 0;, a = *b; or for (int i = 0; i < n; i++).

                                    1. 8

                                      “Nobody wants to”

                                      You’re projecting your wishes onto everybody else. There’s piles of Haskell code out there, many DSL’s, and some in production. Clearly, some people want to even if some or most of us don’t.

                                      1. 1

                                        There is not ‘piles of Haskell code out there’, at least not compared to any mainstream programming language. Don’t get confused by its popularity amongst people on lobsters, hackernews and proggit. It’s an experimental research language. It’s not a mainstream programming language. It has piles of code out there compared to Racket or Idris or Pony, but compared to Python or C or C++ or Ruby or Java or C# or god forbid Javascript? It might as well not exist at all.

                                        1. 2

                                          Im not confused. Almost all languages fail getting virtually no use past their authors. Next step up get a few handfuls of code. Haskell has had piles of it in comparison plus corporate backing and use in small scale. Then, there’s larger scale backings like Rust or Go. Then, there’s companies with big market share throwing massive investments into things like .NET or Java. There’s also FOSS languages that got lucky enough to get similarly high numbers.

                                          So, yeah, piles of code is an understatement given most efforts didnt go that far and a pile of paper with source might not cover the Haskell out there.

                                          1. 1

                                            I don’t care how popular Haskell is compared to the vast majority of languages that are used only by their authors. That’s completely irrelevant to the discussion at hand.

                                            Haskell is not a good language for expressing imperative concepts. That’s plainly and obviously true. Defending it on the basis that it’s widely used ignores that firstly languages aren’t better simply because they’re widely used, secondly that languages can be widely used without necessarily being good at expressing imperative concepts, and thirdly that Haskell isn’t widely used.

                                      2. 4

                                        int a = 0 is okay, but not great. a = *b is complete gobbledygook that doesn’t look like anything unless you already know C, but at least it’s not needlessly verbose.

                                        for (int i = 0; i < n; i++) is needlessly verbose and it looks like line noise to anyone who doesn’t already know C. It’s a very poor substitute for actual iteration support, whether it’s n.times |i| or for i in 0..n or something else to express your intent directly. It’s kind of ridiculous that C has special syntax for “increment variable by one and evaluate to the previous value”, but doesn’t have special syntax for “iterate from 0 to N”.

                                        All of that is kind of a minor nit pick. The real point is that C’s syntax is not objectively good.

                                        1. 2

                                          How in the world are people unfamiliar with ruby expected to intuit that n.times|i| means replace i with iterative values up to n and not multiply n times i?

                                          1. 2

                                            A more explicit translation would be 0.upto(n) do |i|.

                                          2. 0

                                            You do know C. I know C. Lots of people know C. C is well known, and its syntax is good for what it’s for. a = *b is not ‘gobbledygook’, it’s a terse way of expressing assignment and a terse way of expressing dereferencing. Both are very common in C, so they have short syntax. Incrementing a variable is common, so it has short syntax.

                                            That’s not ridiculous. What I am saying is that Haskell is monstrously verbose when you want to express simple imperative concepts that require a single character of syntax in a language actually designed around those concepts, so you should use C instead of Haskell’s weird, overly verbose and syntactically poor emulation of C.

                                    2. 3

                                      How does Haskell allow you to explicit mark code that must be performed in sequence? Are you referring to seq? If you’re referring to the IO Monad, it’s a fair point, but I think generally it’s considered bad practice to default to using the IO monad. This sort of thing creates a burden when programming Haskell, at least for me. I don’t want to have to constantly wonder if I’ll need to port my elegant functional code into sequential IO Monad form in the future. C++/Rust address this sort of decision paralysis via “zero-cost abstractions,” which make them both more fit to be implementations languages, according to my line of reasoning above.

                                      1. 5

                                        Personally, I dislike discussions involving “the IO Monad”. The key point is that Haskell uses data flow for control flow (i.e. it’s lazy). We can sequence one thing after another by adding a data dependency (e.g. making bar depend on the result of foo will ensure that it runs afterwards).

                                        Since Haskell is pure, compilers can understand and optimise expressions more thoroughly, which might remove ‘spurious’ data dependencies (and therefore sequencing). If we want to prevent that, we can use an abstract datatype, which is opaque to the compiler and hence can’t be altered by optimisations. There’s a built-in datatype called IO which works well for this (note: none of this depends at all on monads).

                                        1. 3

                                          The trouble is that oftentimes when you’re building time-sensitive software (which is almost always), it’s really inconvenient if the point at which a function is evaluated is not clear from the source code. Since values are lazy, it’s not uncommon to quickly build up an entire tree of lazy values, and then spend 1-2 seconds waiting for the evaluation to complete right before the value is printed out or displayed on the screen.

                                          You could argue that it’s a matter of setting correct expectations, and you’d be right, but I think it defeats the spirit of the language to have to carefully annotate how values should be evaluated. Functional programming should be about functions and pure computation, and there is no implicit notion of time in function evaluation.

                                          1. 4

                                            I agree that Haskell seems unsuitable for what is generally called “systems programming” (I’m currently debugging some Haskell code that’s been over-complicated in order to become streaming). Although it can support DSLs to generate suitable code (I’ve not experience with that though).

                                            I was just commenting on using phrases like “the IO Monad” w.r.t. evaluation order, etc. which is a common source of confusion and hand-waving for those new to Haskell, or reading about it in passing (since it seems like (a) there might be something special about IO and (b) that this might have something to do with Monads, neither of which are the case).

                                            1. 2

                                              building time-sensitive software (which is almost always)

                                              Much mission-critical software is running in GC’d languages whose non-determinism can kick in at any point. There’s also companies using Haskell in production apps that can’t be slow. At least one was using it specifically due to its concurrency mechanisms. So, I don’t think your “almost always” argument holds. The slower, less-predictable languages have way too much deployment for that at this point.

                                              Even time-sensitive doesn’t mean what it seems to mean outside real-time since users and customers often tolerate occasional delays or downtime. Those they don’t might also be fixed with some optimization of those modules. Letting things be a bit broken fixing them later is default in mainstream software. So, it’s not a surprise it happens in lots of deployments that supposedly are time-critical as a necessity.

                                              In short, I don’t think the upper bounds you’ve established on usefulness match what most industry and FOSS are doing with software in general or timing-sensitive (but not real-time).

                                              1. 2

                                                Yeah it’s a good point. There certainly are people building acceptably responsive apps with Haskell. It can be done (just like people are running go deployments successfully). I was mostly speaking from personal experience on various Haskell projects across the gamut of applications. Depends on cost / benefit I suppose. For some, the state of the art type system might be worth the extra cycles dealing the the occasional latency surprise.

                                                1. 2

                                                  The finance people liked it because it was both closer to their problem statements (math-heavy), the apps had lower defects/surprises vs Java/.NET/C, and safer concurrency. That’s what I recall from a case study.

                                          2. 1

                                            If you’re referring to the IO Monad, it’s a fair point, but I think generally it’s considered bad practice to default to using the IO monad

                                            Lmao what? You can define >>= for any data type effectively allowing you to create a DSL in which you can very precisely specify how the elements of the sequence combine with neat do notation.

                                            1. 2

                                              Yes that’s exactly the problem to which I’m referring: Do notation considered harmful. Also do notation isn’t enough to specify evaluation sequencing since values are lazy. You must also carefully use seq

                                              1. 1

                                                Ah well I use a Haskell-like language that has strict-by-default evaluation and seems to be able to address a lot of those other concerns at least by my cursory glance:)

                                                Either way the benefits of do, in separating the logic and execution of procedures, look great to me. But I may be confusing them with the benefits of dependent typing, nevertheless the former facilitates the latter when it comes to being able to express various constraints on a stateful system.

                                        2. 3

                                          For systems Haskell, you might like Habit from the people behind House, a Haskell OS. I just found some answers to timing part that I’ll submit in morning.

                                          1. 1

                                            The House website seems incredibly out of date!

                                            1. 3

                                              Oh yeah. It’s mostly historical. They dropped the work for next project. Then dropped that for even better one. We get some papers and demos out of it.

                                              1. 2

                                                But so damn cool.

                                                1. 2

                                                  Exactly! Even more so, there’s a lot of discussion of how to balance the low-level access against Haskell’s high-level features. They did this using the H Layer they describe in some of their papers. It’s basically like unsafe in Rust where they do the lowest-level stuff in one way, wrap it where it can be called by higher-level Haskell, and then do what they can of the rest in Haskell. I figured the concepts in H Layer might be reusable in other projects, esp safe and low-level. The concepts in Habit might be reusable in other Haskell or non-Haskell projects.

                                                  It being old doesn’t change that. Good example is how linear logic was in the 1980’s, That got used in ML first I think years later, then them plus singleton types in some safer C’s in the 2000’s, and an affine variant of one of them in Rust. They make a huge splash with “no GC” claim. Now, linear and affine types are being adapted to many languages. The logic is twenty years old with people talking about using it for language safety for 10-20 years. Then, someone finds it useful in a modern project with major results.

                                                  Lots of things work that way. It’s why I submit older, detailed works even if they have broken or no code.

                                            2. 1

                                              none of the examples of “interactive systems” you mention are nomally io bound. sub-second response time guarantees, otoh, are only possible by giving up gc, and use a real-time kernel. your conclusion that Haskell is unusable for “these use cases” seems entirely unfounded. of course, using Haskell for real time programming is a bad idea, but no less bad than anything that’s, essentially, not C.

                                              1. 2

                                                I’ve had a few personal experiences writing large Haskell applications where it was more trouble than I thought it was worth. I regularly had to deal with memory leaks due to laziness and 1-5 second stalls at io points where large trees of lazy values were evaluated last minute. I said this in another thread: it can be done, it just requires a bit more effort and awareness. In any case, I think it violates the spirit of Haskell programming to have to carefully consider latency issues, GC times, or lazy value evaluation when crafting pure algorithms. Having to trade off abstraction for performance is wasteful IMO, i think Rust and C++ nail this with their “zero cost abstractions.”

                                                I would label most of those systems IO bound. My word processor is normally waiting on IO, so is my kernel, so is my web app, so is my database, so is my raspberry pi etc.

                                                1. 1

                                                  I guess I’m picking nits here, but using lots of working memory is not “memory leaks”, and a program that is idling due to having no work to perform is not “io bound”. Having “to carefully consider latency issues, GC times, [other tradeoffs]” is something you have to do in every language. I’d venture that the ability to do so on a subconcious level is what distinguishes a skilled developer from a noob. This also, I think, plays a large part in why it’s hard for innovative/weird languages to find adoption; they throw off your sense of how things should be done.

                                                  1. 1

                                                    Yes you have to consider those things in all languages which is precisely my point. Haskell seeks to abstract away those details but if you want to use Haskell in any sort of “time-sensitive” way, you have to litter your pure, lazy functional code with annotations. That defeats the purpose of the language being pure and lazy.

                                                    And yes, waiting on user input does make your program IO bound. If your program is spending more time waiting on IO and less time churning the CPU, it is IO bound. IO bound doesn’t simply mean churning the disk.

                                                  2. 1

                                                    I brought that up before as a counterpoint to using Haskell. A Haskeller gave me this link which is a setting for making it strict by default. Might have helped you out. As a non-Haskeller, I can’t say if it makes the language harder to use or negates its benefits. Worth looking into, though, since it was specifically designed to address things like bang patterns that were cluttering code.

                                              1. 9

                                                This isn’t a real debate.

                                                Louder, for those in the back: This is not a real debate.

                                                This is trolling. This is the equivalent of pretending to be unable to see a difference between gay sex and bestiality, or gay sex and pedophilia.

                                                This is done by someone trying to make the other side look bad.

                                                The only way to respond to this is by ignoring the people trying to do it.

                                                Anything else legitimizes it.

                                                1. 10

                                                  What is ‘this’: the arguments antirez is making or the arguments ‘Mark’ is making? Who of the two is trolling according to you?

                                                  I think the fact that this is honestly unclear to me suggests it isn’t obviously trolling and it isn’t obviously a non-debate.

                                                  1. 1

                                                    What is ‘this’: the arguments antirez is making or the arguments ‘Mark’ is making? Who of the two is trolling according to you?

                                                    Mark, the one making an issue out of ‘master/slave’ as if it had any relevance to human slavery.

                                                    Mark is the one making an argument which causes reasonable people to laugh.

                                                    1. 1

                                                      Well, to first set up some of my assumptions: after first learning that mentioning rape can cause rape survivors to experience memories related to their rape, we quickly understand how this can be the case. Words also trigger memories for us, sometimes of sad or traumatic experiences, so we can relate. We hadn’t ever realized that before though and we don’t want to be (seen as) people that hurt others by just using words, so we may react defensively and try to deny this. However, after some time most people will acknowledge how it may be helpful to avoid certain topics, though that is hard to do in general, is a lot of work (maybe more than we are prepared to expend) and some ways of doing so seem to have negative side effects that need to be taken into account.

                                                      So given that, is it reasonable for someone to trigger on the word ‘slave’, because it reminds them of the slavery their ancestors experienced? I find that a very difficult question, because I can’t directly relate to it. There are simply no words that will trigger memories of something sad or traumatic based on something in my past or that of my ancestors.

                                                      However, I know that some people whose parents consciously suffered during WWII or whose parents were strongly influenced by their grandparents’ suffering during WWII, tend to react negatively to things reminding them of WWII. The trauma of their parents, sometimes only via their grandparents’ experiences, seem to have affected them to the point where WWII is a mild trigger.

                                                      I can imagine this is more often the case for jews where it concerns the holocaust or the black community where it concerns slavery.

                                                      So no, it is not an argument that makes me laugh and that I think I can dismiss out of hand. Even though my gut reaction is definitely to do so, as it would make my life simpler. The extreme consequence is having to watch my words all the time because a few people could be triggered by them and having to conform to their wishes as a result and I don’t think that is acceptable. But that doesn’t mean I need to fall back to the other extreme and deny the argument outright. There are middle ways.

                                                      For instance, I can fully acknowledge that Mark feels this way, while simultaneously acknowledging that Mark is a single person, that there is an opportunity cost to assuaging those feelings and I feel that the trade off, the best way to spend my time, is not to make the requested change, but to spend my time differently.

                                                      Bugs and missing features have costs in the world; costs that may ultimately cause grief. If the Red Cross uses Redis and could be 0.0001% more effective because of a feature antirez could build in the time it takes to make Mark’s change, how much grief does that prevent? Who is to judge that the aggregate of all the ripple effects of any choice here are in favor of making Mark’s change or antirez spending his time differently?

                                                      So ultimately, I think antirez’s decision not to make the requested change and Mark’s request to make the change are both reasonable. Though I find the arguments on both sides of the debate severely lacking.

                                                  2. 2

                                                    I disagree. If (and only if) ready-to-be-merged quality PR was submitted for the change, I would consider (not accept) it.

                                                  1. 3

                                                    This is interesting. But between HTTPs and being lynx friendly, I’d choose the former.

                                                    1. 3

                                                      I’m not sure where you got the idea lynx doesn’t support https, but it does.

                                                      There are a few text based browsers that support more modern features as well. Elinks for example has mouse support and tabs. Links2 also supports graphics, even in framebuffer mode. So technically your OS is text only, you can still browse in graphics mode.

                                                      1. 2

                                                        Do you know why this viewpoint is so common? SSL works fine on my machine™, but I hear this complaint a lot from people. Earlier comment source

                                                        1. 2

                                                          That might be an explanation. I never had any issue with it TBH, and I’m one of those people who have a/multiple text based browsers installed on my machine by default and regularly try out another distro. It sounds it’s just a packaging issue on some versions.

                                                      2. 2

                                                        Glad you liked my article!

                                                        I don’t use Lynx more than a few times a month (this was a thought experiment, mostly). My understanding of the SSL issues in Lynx is that it is related to how the distros configure OpenSSL. I never bothered looking deeper into the matter, but have heard from users on HN that it is possible, it’s just not the default on most [Debian based?] systems.

                                                        If someone out there does use Lynx on a regular basis, would love to hear about a solution.

                                                        1. 0

                                                          Apologies, I meant: your website is Lynx friendly, but it’s not using HTTPs. Being lynx friendly is value-added, but using HTTPs is a must.

                                                        2. 1

                                                          Holy False Dilemma, Batman!

                                                          lynx supports HTTPS just fine. Always has, for values of “always” including “longer than most here have been programming”. There’s nothing about HTTPS which excludes lynx or any other text browser.

                                                        1. 1

                                                          I get that mental illness gives old mate a pass on the racist diatribes, but most of those “features” are really bad ideas.

                                                          1. 7

                                                            As the article put it:

                                                            Don’t write things off just because they have big flaws.

                                                            That said, would you please expand on why most of the features are really bad ideas?

                                                            1. 11

                                                              I may be the only user of my computer, but I still appreciate memory protection.

                                                              1. 5

                                                                More to the point: Practically every, if not every, security feature is also an anti-footbullet feature. Memory protection protects my data from other people on the system and allows security contexts to be enforced, and it protects my data from one of my own programs going wrong and trying to erase everything it can address. Disk file protections protect my data from other users and partially-trusted processes, and ensure my own code can’t erase vital system files in the normal course of operation. That isn’t even getting into how memory protection interacts with protecting peripheral hardware.

                                                                Sufficiently advanced stupidity is indistinguishable from malice.

                                                                1. 15

                                                                  But that’s not really the point of TempleOS, is it?

                                                                  As Terry once mentioned, TempleOS is a motorbike. If you lean over too far you fall off. Don’t do that. There is no anti-footbullet features because that’s the point.

                                                                  Beside that, TOS still has some features lacking in other OS. Severely lacking.

                                                                  1. 1

                                                                    Beside that, TOS still has some features lacking in other OS. Severely lacking.

                                                                    Like?

                                                                    1. 12

                                                                      The shell being not purely text but actual hypertext with images is lacking in most other os by default and I would love to have that.

                                                                      1. 6

                                                                        If you’ve never played with Oberon or one of its descendant systems, or with Acme (inspired by Oberon) from Rob Pike, you should give it/them a try.

                                                                        1. 0

                                                                          If you start adding images and complex formatting in to the terminal then you lose the ability to pipe programs and run text processing tools on them.

                                                                          1. 13

                                                                            Only because Unix can’t comprehend with the idea of anything other than bags of bytes that unformatted text happens to be congruent with.

                                                                            1. 4

                                                                              I have never seen program composition of guis. The power of text is how simple it is to manipulate and understand with simple tools. If a tool gives you a list of numbers its very easy to process. If the tool gives you those numbers in a picture of a pie chart then it’s next to impossible to do stuff with that.

                                                                              1. 7

                                                                                Program composition of GUIs is certainly possible – the Alto had it. It’s uncommon in UNIX-derived systems and in proprietary end-user-oriented systems.

                                                                                One can make the argument that the kind of pipelining of complex structured objects familiar from notebook interfaces & powershell is as well-suited to GUI composability as message-passing is (although I prefer message-passing for this purpose since explicit nominal typing associated with this kind of OO slows down iterative exploration).

                                                                                A pie chart isn’t an image, after all – a pie chart is a list of numbers with some metadata that indicates how to render those numbers. The only real reason UNIX doesn’t have good support for rich data piping is that it’s hard to add support to standard tools decades later without breaking existing code (one of the reasons why plan9 is not fully UNIX compatible – it exposes structures that can’t be easily handled by existing tools, like union filesystems with multiple files of the same name, and then requires basically out-of-band disambiguation). Attempts to add extra information to text streams in UNIX tools exist, though (often as extra control sequences).

                                                                                1. 3

                                                                                  Have a look at PowerShell.

                                                                                  1. 3

                                                                                    I have never seen program composition of guis. The power of text is how simple it is to manipulate and understand with simple tools. If a tool gives you a list of numbers its very easy to process. If the tool gives you those numbers in a picture of a pie chart then it’s next to impossible to do stuff with that.

                                                                                    Then, respectfully, you need to get out more :) Calvin pointed out one excellent example, but there are others.

                                                                                    Smalltalk / Squeak springs to mind.

                                                                                    1. 2

                                                                                      Certainly the data of the pie chart has to be structured with such metadata that you can pipe it to a tool which extracts the numbers. Maybe even manipulates them and returns a new pie chart.

                                                                                  2. 3

                                                                                    You don’t loose that ability considering such data would likely still have to be passed around in a pipe. All that changes is that your shell is now capable of understanding hypertext instead of normal text.

                                                                                    1. 1

                                                                                      I could easily imagine a command shell based on S-expressions rather than text which enabled one to pipe typed data (to include images) easily from program to program.

                                                                                2. 1

                                                                                  But why do I want that? It takes me 30 seconds to change permissions on /dev/mem such that I too can ride a motorbike without a helmet.

                                                                                  1. 2

                                                                                    That is completely beside the point. A better question is how long would it take you to implement an operating system from scratch, by yourself, for yourself. When you look at it that way, of course he left some things out. Maybe those things just weren’t as interesting to him.

                                                                                    1. 1

                                                                                      You could do that, but in TOS that’s the default. Defaults matter a lot.

                                                                                      1. 2

                                                                                        /dev/mem more or less world accessible was also the default for a particular smartphone vendor I did a security audit for.

                                                                                        Defaults do matter a lot…

                                                                                  2. 8

                                                                                    If there are no other users, and it takes only a second or two to reload the OS, what’s the harm?

                                                                                    1. 6

                                                                                      Its fine for a toy OS but I dont want to be working on real tasks where a bug in one program could wipe out everything I’m working on or corrupt it silently.

                                                                                      1. 11

                                                                                        I don’t think TempleOS has been advertised as anything other than a toy OS. All this discussion of “but identity mapped ring 0!” seems pretty silly in context. It’s not designed to meet POSIX guidelines, it’s designed to turn your x86_64 into a Commodore.

                                                                                3. 2

                                                                                  Don’t write things off just because they have big flaws.

                                                                                  That’s pretty much the one and only reason where you would want to write things off.

                                                                                  1. 14

                                                                                    There’s a difference between writing something off based on it having no redeeming qualities and writing something off because it’s a mixed bag. TempleOS is a mixed bag – it is flawed in a generally-interesting way. (This is preferable to yet another UNIX, which is flawed in the same boring ways as every other UNIX.)

                                                                                4. 2

                                                                                  This is probably not what you meant to imply, but nobody else said it, so just to be clear: Mental illness and racism aren’t correlated.

                                                                                  1. 2

                                                                                    Whatever is broken inside somebody to make them think the CIA is conspiring against them, I find it hard to believe that same fault couldn’t easily make somebody think redheads are conspiring against them.

                                                                                    1. 2

                                                                                      You’re oversimplifying. There are many schizophrenic people in the U.S., and most of them are not racist. Compulsions, even schizophrenic ones, don’t come from the ether, and they’re not correlated with any particular mental illness. Also, terry’s compulsions went far beyond paranoia.

                                                                                1. -3

                                                                                  “Considered Harmful” Essays Considered Harmful (I think “considered dangerous” falls in the same category)

                                                                                  It’s not difficult to use C correctly. Don’t blame your vulnerabilities on C when the real culprit is your own sloth.

                                                                                  I’ll concede that C (and it’s API) has quite a few foot guns, but I’ve learned how to avoid them pretty effectively, and I should be able to expect the same from kernel devs. The whole “rewrite everything in <insert promising new lang here>” mentality doesn’t work for large projects (like kernels). To rewrite the Linux kernel in Rust would take months (even if you had all hands on deck). And, who’s to say that Rust wouldn’t change incompatibly three times in the middle?

                                                                                  1. 21

                                                                                    It’s not difficult to use C correctly.

                                                                                    [citation needed]

                                                                                    There is no evidence to suggest that large codebases written in C can maintain memory safety in the face of that. The counter evidence, that writing code in C/C++ tends to produce large volumes of vulnerabilities, for reasons that are explained by language choice, is plentify. To whit, every major OS (Windows, Linux, macOS), every major browser (Chrome, Firefox, Edge, Safari), every major anti-virus program, every major image parsing library, I can keep going for a while.

                                                                                    Denialism about the dangers of memory unsafety is not productive, we need to move on to discussing how we address this.

                                                                                    1. 0

                                                                                      There is no evidence to suggest that large codebases written in C can maintain memory safety in the face of that.

                                                                                      Using C correctly means not making large codebases. C isn’t a language for programming in the large.

                                                                                      1. -1

                                                                                        there is no evidence that large codebases in any language produces anything better.

                                                                                        1. 7

                                                                                          Yes there is. The default, failure mode of safe languages doing common things is not potential code injection. The default for C language is. Given same bug count, using C will lead to more severe problems. The field results confirm that from fuzzing to CVE’s.

                                                                                          1. 4

                                                                                            Yes there is. The default, failure mode of safe languages doing common things is not potential code injection.

                                                                                            I don’t think this is wrong, exactly, but there’s a 100 exploits related to python pickle, etc. as counterexamples. And java serialize, etc.

                                                                                            1. 3

                                                                                              Do the memory-safe parts have the memory errors of C (a) at all or (b) as much? And do libraries in concurrency safe languages show same or less races as equivalent in multithreaded C?

                                                                                              You’re going to find vulnerabilities in all of them. My side are saying C amplifies that number by default or others greatly reduce it by default. That’s all we’re saying. I think the evidence is already supporting that.

                                                                                              1. 1

                                                                                                amplify requires some comparative numbers.

                                                                                                1. 2

                                                                                                  The numbers on using C are that the common operations lead to piles of vulnerabilities with code injection. This happens a lot on average. It happens less with veterans but still happens. That’s irrefutable. The numbers on safe languages show the problems mostly lead to compiler failures or DOS’s from runtime checks. The burden of proof is on your side given your side’s stuff is getting smashed the hardest all the time whether the app is small or big.

                                                                                                  What numbers do you have showing C is safer for average developer than Ada, Rust and so on? And I’m especially interested in fuzzing results of software to see how many potentially lead to code injection among new, half-ass, or just time-constrained programmers in C vs the same in safe, systems languages.

                                                                                                  1. 1

                                                                                                    you don’t even have good examples of large scale systems built using some other language that are substantially safer. Until you do, it’s just folklore.

                                                                                            2. 0

                                                                                              I see a real shortage of example of large-scale systems constructed in any language that are secure and bug free but I am happy to look at references. Like what do we have comparable to Qmail written in something better that has fewer bugs? I know that C has numerous limitations, but in CS we tend to embrace projects that claim a win by hiding a problem by e.g. using pragmas to do the things that are the most buggy as if pushing the problem into the corner made it go away.

                                                                                              And the code injection bugs I see are all example of bad engineering - not of bad programming.

                                                                                              1. 3

                                                                                                There’s bugs and there’s serious bugs that the language causes. The latter are what hackers hit the most. The latter are what we’re talking about, not just bugs in general. The size of the program also doesnt matter since the safe language is immune to the latter by design. Scaling code up just increases odds of severe vulnerabilities in the unsafe, control language.

                                                                                                Java and .NET apps are what to look at if you want big ones. Very few CVE’s posted on the apps of the kind you see in C apps. The ones that are posted are usually in C/C++ runtimes or support libraries of such languages. That just illustrates the problem more. The languages whose runtimes arent C have fewer of those since they’re immune or contain them by design.

                                                                                                1. 1

                                                                                                  My impression is that a) the reasons that those c/c++ runtimes show up so much is that these language delegate the most dangerous code such as parsing of raw input or packets or complex interaction with the OS to the C/C++ runtimes where it is possible to do that work and b) the same errors show up in different form in different languages. The massive prevalence of scripting exploits is not due to C but to lazy interface construction where, for example, user inputs are treated as parts of database scripts etc etc. I do not think that “do all the hard stuff in pragmas or C libraries” actually does limit vulnerabilities.

                                                                                                  1. 1

                                                                                                    “where it is possible to do that work”

                                                                                                    The first part is true. That part isn’t. They think lower-level language is better for speed, bit handling, or OS interface. The second part implies you need C to do that work. There’s systems languages which can do that work with more safety than C. So, it’s “possible to do that work” in them without C’s drawbacks. Many low-level programs and OS’s were written in PL/0, PL/S, Ada, Modula-2, Oberon, Modula-3, Clay, and so on. They’re safe by default turning it off only where you need to. C doesn’t do that since it’s designers didn’t care when they were hacking on a PDP-11 for personal use.

                                                                                                    “b) the same errors show up in different form in different languages. The massive prevalence of scripting exploits is not due to C but to lazy interface construction where, for example, user inputs are treated as parts of database scripts etc etc.”

                                                                                                    Aside from something language-specific, the logic errors that happen in scripting languages can happen in C, too. You get those errors plus C’s errors plus the catastrophic effect that comes with them being in C. Let’s say you wrote the interpreter in Ada or Rust with safety-checks on. Most of the errors in the interpreter won’t lead to hacks. The extensions would have same property if building on base language like how extensions to C-based programs are often in C having same problems. Platforms like Java that built libraries on C are hit heavily in those C dependencies.

                                                                                                    Additionally, the extensions could leverage aspects of these languages, such as type or module systems, designed for knocking out integration errors. Finally, if it’s Ada 2012 and SPARK, they can eliminate runtime checks in performance-critical code by using the provers to show they’re not needed if specific pre-conditions pass early on. Unlike Frama-C, they get a good baseline on code they hurried and highest assurance of what they proved.

                                                                                                    1. 1

                                                                                                      Data would help. These arguments by what seems sensible to different people don’t go anywhere.

                                                                                        2. 16

                                                                                          To rewrite the Linux kernel in Rust would take months (even if you had all hands on deck).

                                                                                          Months? It would take at least 10 years, regardless of headcount.

                                                                                          I’ve learned how to avoid them pretty effectively, and I should be able to expect the same from kernel devs.

                                                                                          I’m impressed with your abilities, but then something nags me about the order-of-magnitude mistake in your rewrite estimate. Hmm.

                                                                                          1. 13

                                                                                            It’s not difficult to use C correctly. Don’t blame your vulnerabilities on C when the real culprit is your own sloth. I’ll concede that C (and it’s API) has quite a few foot guns, but I’ve learned how to avoid them pretty effectively, and I should be able to expect the same from kernel devs. The whole “rewrite everything in ” mentality doesn’t work for large projects (like kernels). To rewrite the Linux kernel in Rust would take months (even if you had all hands on deck). And, who’s to say that Rust wouldn’t change incompatibly three times in the middle?

                                                                                            I suggest you read the linked article first. The title is clickbait but the content is solid. No one even mentioned Rust or anything else… The guy talks on their effort to reduce the foot guns in the kernel code…

                                                                                            Here is a quote for the lazy:

                                                                                            Kees Cook gave a presentation on some of the dangers that come with programs written in C. In particular, of course, the Linux kernel is mostly written in C, which means that the security of our systems rests on a somewhat dangerous foundation. But there are things that can be done to help firm things up by “Making C Less Dangerous” as the title of his talk suggested.

                                                                                            1. 4

                                                                                              I suggest you read the linked article first.

                                                                                              Ok, you got me, I only skimmed the article and I didn’t see any mention of rewrite until the comments (it was literally the first response to the second comment). Although I do hear that mentality about other large projects (such as Firefox) as well. I guess I should’ve said “Clickbait considered harmful” ;-)

                                                                                              I’ve read some more of the article and he seems to know what he’s talking about but I would like to see the original talk.

                                                                                              As far as reducing foot guns, I guess Linux did start out as just one guy so I can understand a lot of foot shooting, but it’s been years and I would’ve thought that things like VLAs would’ve been avoided in the kernel. Then agian, I’ve never worked on a project as large as Linux so i guess I’m not the best judge of such things.

                                                                                              1. 4

                                                                                                Ok, you got me, I only skimmed the article and I didn’t see any mention of rewrite until the comments (it was literally the first response to the second comment). Although I do hear that mentality about other large projects (such as Firefox) as well.

                                                                                                Agreed. It’s annoying as hell, and the loud-mouths never do the work.

                                                                                                I guess I should’ve said “Clickbait considered harmful” ;-)

                                                                                                Funny because the talk is titled ‘Making C Less Dangerous’ - the lwn reporter is actually responsible for the horrible title that misrepresents the content and invites rewrite talks. I think this is the first time I’m using the lobste.rs ‘suggest’ a new title option to rename the link to ‘Making C Less Dangerous’ disrespecting the reporters chosen title. This is an abstract of the talk so keep the title close to the content.

                                                                                            2. 7

                                                                                              Literally 20+ years of unending computer security exploits disagree with you.

                                                                                            1. 13

                                                                                              Thanks @sjl! I keep thinking I should try again at Lisp and this post will make a handy roadmap to refer to.

                                                                                              But my number 1 question, why aren’t there more significant projects written in lisp?

                                                                                              I would think that it would become a dependency for some important piece of software but it never is (aside from Emacs).

                                                                                              Git is so important that it will require perl and bash on my local machine (even on windows!), mercurial will include python, firefox is starting to sneak Rust in piece by piece, but is lisp just so happy being on its own island that it never gets used by any other project? Clojure flipped this by buildling the lisp on top of the other language, which I think contributes to its success.

                                                                                              Or does it’s flexibility make it difficult to use in large organizations (with varying levels of experience)? Or tsomething else?

                                                                                              Thanks

                                                                                              1. 13

                                                                                                First, there are at least some popular non-trivial projects that use Common Lisp – pgloader is an example. But you’re right that it’s certainly rare.

                                                                                                The glib answer to “why aren’t there a lot of Common Lisp projects” is”because there aren’t a lot of Common Lisp programmers”. I think there are a couple of reasons for that.

                                                                                                One reason is that the barrier to entry for Common Lisp is really high. I’ve had people tell me I could learn Go in a month. I don’t know if that’s true (though I’ll be finding out when I start a new job in Go in October) but I can tell you that you definitely cannot really learn Common Lisp in a month. I think even six months of hard work would be pushing it. It’s been three years for me, with two of them being working in CL almost full time (thanks, grad school), and I’m comfortable now but still feel like I have a lot to learn. Most people aren’t lucky enough to have a few years of their life to dedicate to learning a language, so the pool of Common Lisp programmers is always going to be smaller than languages with less of a barrier to entry.

                                                                                                Another reason is that there are some really common misconceptions about Common Lisp, the primary one being “it’s a functional programming language”. It’s not. It’s a language you can do functional programming in if you want, but is really a procedural language at heart. The misconception is bad for two reasons: people who start learning it because they want a functional language get disillusioned and quit, and people who would otherwise want a procedural Lisp never consider it because of the reputation.

                                                                                                Your example of Python is a good one because it illustrates another aspect of the chicken/egg problem: Common Lisp isn’t installed by default anywhere. If I write a small script in Python I can be pretty sure I can just run it on a server somewhere. If a newbie wants to get started writing some Python on MacOS or Linux they can just dive in and worry about all the virtualenv shit later. But CL isn’t included by default on any distro that I know of, so that’s another barrier to entry to overcome.

                                                                                                Those are just a few reasons off the top of my head. To sum it up: I think there’s a bunch of reasons that all feed back on each other and result in a high barrier to entry for Common Lisp. This means there are fewer Common Lisp programmers overall, and that results in fewer Common Lisp projects overall.

                                                                                                1. 6

                                                                                                  Why is the barrier to entry for Common Lisp so high? Is it just the absurdly high number of things that can be done in it? It kinda sounds like the C++ of parenthesis-languages, if the learning curve is that long.

                                                                                                  1. 10

                                                                                                    A couple of reasons:

                                                                                                    • It’s a big language (though not C++ big, I think). CLtL2 is one book, but it’s a thousand-page book.
                                                                                                    • A lot of things are structured and/or named oddly for historical reasons. You need to unlearn and relearn a bunch of stuff, and just have to memorize other things.
                                                                                                    • There’s more high and low-level power than you might be used to in a single language. If you really want to learn CL you’ll want to eventually get comfortable writing super high-level metaprogramming macros and also reading x86 assembly spit out by DISASSEMBLE.
                                                                                                    • CL tends to err on the side of giving the programmer freedom instead of saying “there is exactly one way to do it” (e.g. the package system’s orthogonality with files).

                                                                                                    In short: the barrier to entry is so high for the same reasons it took me ten thousand words to describe how to learn it :)

                                                                                                    1. 8

                                                                                                      Shorter: Common Lisp is the combined second-system effect of multiple existing Lisp implementations, all implemented by people who worked at places like the MIT AI Lab and Symbolics and who were, therefore, accustomed to complicated and powerful systems. I mean, when your OS’s command line interpreter is a machine code debugger (HACTRN on ITS), you obviously don’t have much respect for an argument that a given feature gives programmers “too much” power.

                                                                                                      1. 4

                                                                                                        That’s exactly what I read happened. Each one was a powerful toolset people were using. Common LISP tried to be the one language to rule them all. It was a huge mess that achieved its goal. A programmer wanting LISP-like power without compatibility with older, merged LISP’s might want something else entirely. Hence, the success of some Scheme’s, Clojure, and even non-LISP’s with macro systems. There’s still people that like what Common LISP has, too.

                                                                                                        If CL is too much, there’s other options that get one many benefits.

                                                                                                      2. 3

                                                                                                        It’s a big language (though not C++ big, I think)

                                                                                                        It looks like CL standard is quite close in size to C++.

                                                                                                    2. 5

                                                                                                      You don’t write about Clojure much lately, is that because of a preference for CL / distaste for Clojure? Would be interested in your current thoughts on Clojure.

                                                                                                      1. 2

                                                                                                        Having learned Go (and written the majority of a decent sized system in production), a solid programmer can be productive in 1 month. I taught it to myself (mostly) with a greenfield project and if you were working in an environment with knowledgable co-workers or some code to reference/build on, that shouldn’t be too much of a stretch.

                                                                                                        1. 3

                                                                                                          You can be a productive programmer in a couple of weeks in CL as well. IIRC Dan Weinreb said they gave new hires PCL and to weeks. But being able to contribute to a code base doesn’t require learning the whole language. For example you can be productive without learning how to customize the reader.

                                                                                                          1. 2

                                                                                                            Respectfully, I’m going to say Dan Weinreb had a sampling bias. Not all of us live near schools that have students (much less faculty) that are bastions of Lisp (or scheme) programmers. Not to mention that most MIT engineers don’t typically work next to programmers from $SMALL_STATE_SCHOOL.

                                                                                                            1. 5

                                                                                                              Lisp, and Common Lisp, are not complicated languages to learn. Quite the opposite in fact and that is the reason I like them.

                                                                                                              There is a myth that they are complicated. When I tell others Common Lisp is my favorite language one of the first things said (besides the obvious parenthesis jokes) is: “Ooh, that’s such a hard language!” I don’t know where that comes from.

                                                                                                              C++ is hard, Common Lisp is not.

                                                                                                              1. 2

                                                                                                                Not all of us live near schools that have students (much less faculty) that are bastions of Lisp (or scheme) programmers

                                                                                                                They were talking about people that didn’t knew any Lisp before joining the company. So I’m not sure why would the availability of Lisp programmers would be of any relevance to the question how long does it takes a programmer to go from I don’t know Lisp to I can contribute to a code base.

                                                                                                          2. 2

                                                                                                            I can tell you that you definitely cannot really learn Common Lisp in a month

                                                                                                            I think you can be productive in a month or two. (In any language, of course, it takes much longer to become expert.) A lot of people compare their experience learning Common Lisp on their own to learning other languages on the job, or in some other collaborative environment where it’s easy to ask questions of more experienced people, or where you are working on an existing codebase, written by people skilled in the language, with patterns you can emulate. It’s much easier to learn a language in that kind of environment, but there are few opportunities to learn Common Lisp that way. I think it’s these circumstantial factors, not anything intrinsic, that give Lisp its reputation as a hard language to learn;

                                                                                                            1. 1

                                                                                                              Is the barrier to Common Lisp really high?

                                                                                                              I’m not sure I agree. It’s pretty easy (except perhaps on Windows) to just start up SBCL and fiddle around. There’s no huge swathes of things you need to install and IDE’s to tweak to do a simple “Hello, World!” or to do some excercises from a book.

                                                                                                              Also, it’s a very practical language that does not get in the way. Lisp itself is syntactically very simple.

                                                                                                              I do admit that for certain projects (f.e. GUIs) things get a little harder and the standard library is huge but that’s something you pick up along the way.

                                                                                                            2. 9

                                                                                                              Lisp provokes an instinctive hostility from others, much like Haskell.

                                                                                                              The Common Lisp community is a crew of mostly loners.

                                                                                                              Writing Lisp well takes, in my experience, an above average programmer, and in a group, a programmer sensitive to varying capabilities.

                                                                                                              Many groups reject tools that demand anything above average.

                                                                                                              GUI integration is, as usual for most open source, terrible.

                                                                                                              Web service software tends to be messy.

                                                                                                              No company or Glamorous Person really is championing Common Lisp. Unlike Haskell, the academy has rejected Common Lisp (but tolerates Scheme).

                                                                                                              Companies absolutely loathe risk and extra investment, so the above keeps Lisp out of the corporate environment.

                                                                                                              All of the above keep Common Lisp roughly around OCaml in capability and mindshare. It’s a shame.

                                                                                                              1. 3

                                                                                                                Writing Lisp well takes, in my experience, an above average programmer, and in a group, a programmer sensitive to varying capabilities.

                                                                                                                I disagree with this assessment. The main attraction of CL to me is that it gets out of my way when I want to do something. I don’t have to jump through hoops of the arbitrary restrictions of a particular programming language. All programers may benefit from this quality. I would concede that it may take an above average programmer to exploit said freedom.

                                                                                                                1. 7

                                                                                                                  A lot of programmers are simply uninterested in expressive power. And, a lot of engineering leads prefer to limit expressive power to limit cleverness. Hence Java and Go.

                                                                                                                  I understand the power of Common Lisp - I maintainish two Common Lisp assistance sites and used it for 8 years nearly continuously at home; I still use it myself for my own site. But how typical industrial programming work goes is simply opposed to the Common Lisp ideals, in my experience and discussion with others.

                                                                                                              2. 3

                                                                                                                The main reason why you won’t see a Lisp ‘killer app’ as part of the user’s OS is that Lisp’s world view of the world is incompatible with Unix. Unix accommodates to different languages by providing a ‘common interface’ in processes. To some degree, one can draw the analogy with processes being function calls , the standard input being the parameters of the function and the standard output its return value. By contrast, in Lisp (and Smalltalk) you start with a base world (your image) and you add your program into the world little by little, by incremental compilation. Your compiler, debugger, and the rest of the environment is part of your image. To accommodate to the Unix world view would mean to recompile the whole program each time, which destroys the advantages of incremental development offered by Lisp.

                                                                                                                Or does it’s flexibility make it difficult to use in large organizations (with varying levels of experience)? Or something else?

                                                                                                                We know its been used in large organization (e.j. ITA now Google Flights) so its not a question of capability.

                                                                                                                1. 1

                                                                                                                  I would say the mind set of not wanting to deal with the outside world seems problematic. You wouldn’t want to write a program that solves a problem for the rest of the world, because the other problems are solved by something else?

                                                                                                                  I knew of ITA/Google Flights, but didn’t think it qualified as a large organization (though I’ll happily be corrected).
                                                                                                                  I know that the designers of Java and much later Go and even later Dart all specifically tailored aspects of the language towards large groups with varying skill levels, but I’ve never come across anything that mentioned that was a design goal of Common Lisp - again, happy to be corrected.

                                                                                                                  1. 2

                                                                                                                    I would say the mind set of not wanting to deal with the outside world seems problematic.

                                                                                                                    I didn’t say that Lisp doesn’t want to deal with the outside world. I said that its view of the world is different from Unix. In Lisp a ‘program’ is not different than a function. How else are you going to edit your compiler while its running? Your debugger while your debugging?

                                                                                                                    Mind you that you could a Lisp implementation that performs the edit/compile/run cycle from the CLI, mocl does AoT compilation and there is wcl (which is mostly a PoC) but that would destroy any semblance of interactive development which is one of the main differentiating features of Lips. It would be no more interactive than the other batch oriented PLs, say Racket.

                                                                                                                    I knew of ITA/Google Flights, but didn’t think it qualified as a large organization

                                                                                                                    So what number qualifies? 50+ (Or 70 I’m not sure) developers working on a +2M LoC is a large organization in my books.

                                                                                                                    1. 1

                                                                                                                      Thanks, I was unsure of the size of ITA (pre-acquisition) or Google Flights (post-acquisition).

                                                                                                              1. 13

                                                                                                                Ah they tricked me with this one, it’s a Medium article hidden behind another domain.

                                                                                                                (Whenever I see “medium.com” next to lobsters articles I know not to click, since the result will be a weak thinkpiece by a frontend developer, wrapped in obtrusive markup.)

                                                                                                                1. 3

                                                                                                                  i had literally the exact same response. “Ah, a medium article….about frontend dev……(tab closed)”.

                                                                                                                  1. 3

                                                                                                                    Interesting ‘hot take’!

                                                                                                                    You judge people based on the ‘medium’ that they use.

                                                                                                                    1. 8

                                                                                                                      “The medium is the message” ;)

                                                                                                                      I have to admit though that seeing a medium link is generally a negative signal for me. Still click on many of them.

                                                                                                                      1. 7

                                                                                                                        I think Medium’s original USP was “only quality content”.

                                                                                                                        Predictably, that didn’t scale.

                                                                                                                        1. 1

                                                                                                                          Many confuse Marshall McLuhan’s original meaning of that phrase. It didn’t really mean that the way a message was delivered was part of the message itself. It actually meant that the vast majority of messages were medium or average.

                                                                                                                          It would have been better said, “meh, the message is average.”

                                                                                                                          1. 5

                                                                                                                            This didn’t really make sense to me, so I looked it up, and I don’t think that’s right. The original meaning is exactly what we’ve come to understand it as:

                                                                                                                            The medium is the message because it is the medium that shapes and controls the scale and form of human association and action. The content or uses of such media are as diverse as they are ineffectual in shaping the form of human association. Indeed, it is only too typical that the “content” of any medium blinds us to the character of the medium. (Understanding Media: The Extensions of Man, 1964, p.9)

                                                                                                                            I wonder where you’ve heard your interpretation?

                                                                                                                            1. 5

                                                                                                                              This comment is obviously a troll. Fitting, given that McLuhan himself was a troll.

                                                                                                                              1. 4

                                                                                                                                Interesting interpretation. I am not sure how he originally came to that phrase, but his book certainly spent a lot of time and effort arguing for the now prevalent meaning.

                                                                                                                        1. 12

                                                                                                                          A whole big long post about spherical harmonics and electrons aren’t mentioned once!

                                                                                                                          Some people are just weird! ;)

                                                                                                                          Seriously, wonderful post.

                                                                                                                          1. 3

                                                                                                                            I don’t know if language choice has anything to do with it, but the fact remains: the service is now dead. ;)

                                                                                                                            I agree in 2012 the state of Python3 support was a valid concern, and I have to admit actively discouraging people from learning it at the time, but luckily that part hasn’t aged well. I still want better FP support in Python of course.

                                                                                                                            My biggest problem with Common Lisp is that it’s a Lisp-2. Why would anyone want different namespaces for functions and other bindings in an ostensibly functional language?

                                                                                                                            1. 3

                                                                                                                              Why would anyone want different namespaces for functions and other bindings in an ostensibly functional language?

                                                                                                                              According to this site, one of the arguments was “backwards compatibility”:

                                                                                                                              Common Lisp was the result of a compromise between a number of dialects of Lisp, most of which had separate namespaces.. [transitioning to a single namespace] would introduce a considerable amount of incompatibility..” There are really more than two namespaces, reducing either the benefit of collapsing these two or the cost of collapsing them all

                                                                                                                              which I don’t find that convincing, since there were plenty of lisps using dynamic scoping, despite CL using lexical scopes. But I agree, things like these together with, frankly wierd function names always annoy me. I’d guess that in the end, CL shouldn’t be seen as a functional language, since Lisp wasn’t even originally conceived as functional language.

                                                                                                                              1. 9

                                                                                                                                I’d guess that in the end, CL shouldn’t be seen as a functional language, since Lisp wasn’t even originally conceived as functional language.

                                                                                                                                There’s a page which I can’t find now which makes the case that the term “functional programming language” evolves over time to mean “the most functional programming language which currently exists”, so different features rotate in and out of defining what it effectively means to be a functional programming language.

                                                                                                                                (I’d add that each generation has a different boogeyman idea, an idea which the Average Programmer regards as being “too complex” and which others write blog posts or the local equivalent to explain.)

                                                                                                                                The first generation was when Algol introduced recursion. Recursion is also the boogeyman idea of this era.

                                                                                                                                The second generation begins with “mature” Lisp (that is, Lisp implementations like MACLISP and Lisp Machine Lisps, not LISP 1.5) and, later, Scheme, where the defining feature is first-class functions and closures, and the boogeyman idea is Scheme’s continuations. Common features are strong dynamic typing and a universal feature is garbage collection. The new-school scripting languages (Perl, Python, Ruby) are languages of this type with object systems bolted on, and Java’s getting there, slowly.

                                                                                                                                (Some pre-Common Lisp Lisps didn’t have closures. They had the upwards funarg problem, instead.)

                                                                                                                                The third generation is ML and everything after, including OCaml and Haskell. Now, functional programming includes strong, static type systems with algebraic types, Hindley-Milner type inference, and, at a syntactic level, pattern-matching as flow control. The boogeyman idea is monads, and, more specifically, requiring the use of monads to mark out side-effecting code, as Haskell does.

                                                                                                                                The underlying point is that “Functional programming is whatever your language of choice doesn’t have yet”: Recursion is now universal. It wasn’t when FORTRAN IV was “your language of choice” for a lot of programmers. Strong dynamic typing and garbage collection aren’t universal, but they’re not weird and wacky ideas only long-haired MIT AI Lab types can make sense of. Marking your side-effecting code in a machine-readable way is still weird and wacky… for now.

                                                                                                                                1. 1

                                                                                                                                  I wonder why backwards compatibility was a concern if CL could not run any of that old code unmodified. Ot could it?

                                                                                                                                  1. 2

                                                                                                                                    Common Lisp could be implemented in terms of the Old Lisps with a library of functions and macros. That’s the kind of compatibility they were after.

                                                                                                                                    1. 1

                                                                                                                                      I’m pretty sure backwards compatibility with most existing implementations was exactly the goal. I’ve heard you can run early Lisp programs on CL with minimal modifications to this day, but I’ve never tried it myself.

                                                                                                                                  2. 2

                                                                                                                                    It might be slightly easier to write tooling when you know what’s a function and what’s a variable.

                                                                                                                                    On the other hand, if you use a Lisp-2 in functional style (which poorly suits Common Lisp), you still have the problem of full analysis between the boundary of namespaces + awkward syntax. It looks like Common Lisp is meant to be used in imperative style, without juggling functions as values.

                                                                                                                                    1. 1

                                                                                                                                      Yeah, I guess it’s my expecation that the language is supposed to be functional that makes lisp-2 look so disappointing for me. It technically has everything for FP to work, so I feel cheated. ;)

                                                                                                                                    2. 1

                                                                                                                                      Does it really pose a significant problem?

                                                                                                                                    1. 7

                                                                                                                                      An extreme example of unportable C is the book Mastering C Pointers: Tools for Programming Power, which was castigated recently. To be fair, that book has other flaws rather than being in a different camp, but I think that fuels some of the intensity of passion against it.

                                                                                                                                      This… rather grossly undersells how much is wrong with that book. The author didn’t understand scope, for crying out loud, and never had a grasp of how C organized memory, even in the high-level handwavy “C Abstract Machine” sense the standard is written to.

                                                                                                                                      There are better examples of unportable C, such as pretty much any non-trivial C program written for MS-DOS, especially the ones which did things like manually writing to video memory to get the best graphics performance. Of course, pretty much all embedded C would fit here as well, but you’ll actually be able to get and read the source of some of those MS-DOS programs.

                                                                                                                                      In so doing, the committee had to converge on a computational model that would somehow encompass all targets. This turned out to be quite difficult, because there were a lot of targets out there that would be considered strange and exotic; arithmetic is not even guaranteed to be twos complement (the alternative is ones complement), word sizes might not be a power of 2, and other things.

                                                                                                                                      Another example would be saturation semantics for overflow, as opposed to wraparound. DSPs use saturation semantics, so going off the top end of the scale plateaus, instead of causing a weird jagged waveform.

                                                                                                                                      As for the rest, it’s a hard problem. Selectively turning off optimization for specific functions would be useful for some codebases, but aggressive optimization isn’t the only problem here: Optimization doesn’t cause your long type to suddenly be the wrong size to hold a pointer on some machines but not others. Annotating the code with machine-checked assumptions about type size, overflow behavior, and maybe other things would allow intelligent warnings about stupid code, but… well… try to get anyone to do it.

                                                                                                                                      1. 6

                                                                                                                                        Re “Mastering C Pointers,” that’s fair. I included it because it’s one of the things that got me thinking about the unportable camp, but I can see how its (agreed, very serious) flaws might detract from the overall argument I’m making and that there might be a better example.

                                                                                                                                        Re saturating arithmetic, well, Rust has it :)

                                                                                                                                        1. 2

                                                                                                                                          My interpretation is that the point of C is that simple C code should lead to simple assembly code. Needing to write SaturatedArithmetic::addWithSaturation(a, b) instead of just a + b in all arithmetic DSP code would be quite annoying, and would simply lead to people using another language.

                                                                                                                                          You could say ‘oh they should add operator overloading’, but then that contravenes the first point, that simple C code (like a + b) should not hide complex behaviour. The only construct in C that can hide complexity is the function call, which everyone recognises. But if you see some arithmetic, you know it’s just arithmetic.

                                                                                                                                          1. 1

                                                                                                                                            You could say ‘oh they should add operator overloading’, but then that contravenes the first point, that simple C code (like a + b) should not hide complex behavior. The only construct in C that can hide complexity is the function call, which everyone recognizes. But if you see some arithmetic, you know it’s just arithmetic.

                                                                                                                                            Not to mention that not everything can be overloaded, causing inconsistencies, and some operations in mathematics have operators other than just “+-/*”. Vector dot product “·”, for example. Even if CPP (or any other language) extends to support more operators, these operators can’t be reached without key composition (“shortcuts”), making it almost unwanted. vec_dot() might require typing more, but it’s reachable to everyone, and operators don’t need to have hidden meanings.

                                                                                                                                            1. 2

                                                                                                                                              Eh, perl6 seems to do just fine with 60 bajillion operators.

                                                                                                                                              1. 2

                                                                                                                                                Perl does have more operators than C, but all of them are operators that can be typed using simple key composition, such as [SHIFT+something]. String concatenation for example.

                                                                                                                                                My point, added with what @milesrout said, is that some operators (math operators) aren’t easy to type with just [SHIFT+something]. As result, operator overloading in languages that offer operator overloading will always stay in a unfinished state, because it will only compromise those operators that are easily composed.

                                                                                                                                        2. 1

                                                                                                                                          Mastering C Pointers: Tools for Programming Power has several four-star reviews on Amazon uk.

                                                                                                                                          Herbert Schildt’s C: The Complete Reference is often touted as the worst C book ever and here.

                                                                                                                                          Perhaps Mastering C Pointers is the worst in its niche (i.e., pointers) and Schildt’s is a more general worst?

                                                                                                                                          1. 2

                                                                                                                                            Mastering C Pointers: Tools for Programming Power has several four-star reviews on Amazon uk.

                                                                                                                                            So? One of the dangers of picking the wrong textbook is thinking it’s great, and using it to evaluate subsequent works in the field, without knowing it’s shit. Per hypothesis, if it’s your first book, you don’t know enough to question it, and if you think it’s teaching you things, those are the things you’ll go on to know, even if they’re the wrong things. It’s a very pernicious bootstrap problem.

                                                                                                                                            In this case, the book is objectively terrible. Other books being bad don’t make it better.

                                                                                                                                            I do agree that Schildt’s book is also terrible.

                                                                                                                                        1. 4

                                                                                                                                          MUMPS is still in active usage, I think? A few years ago I interviewed someone out of the midwest (Minneapolis or Michigan, I think) who worked for a large health software vendor. They’ve been around for a long time, and they’re in a lot of hospitals across the US. I’m pretty sure their whole system is built in MUMPS.

                                                                                                                                          1. 1

                                                                                                                                            Epic is the vendor iirc. It is also all up in the VA Vista system.

                                                                                                                                            It is part of the fractal of sadness of healthcare.

                                                                                                                                            1. 1

                                                                                                                                              Is the supply/demand ratio enough to add MUMPS to the list, along with COBOL, of languages that are liable to make consultants rich?

                                                                                                                                              1. 2

                                                                                                                                                I don’t really know enough about the MUMPS ecosystem to answer, but maybe? It seems to fit the COBOL criteria:

                                                                                                                                                1. “Outdated”[0] language people don’t really want to work in,
                                                                                                                                                2. Relied upon in core parts of large, “boring”, slow-moving companies who have a lot of code and,
                                                                                                                                                3. Who are very unlikely to be disrupted out of their space any time soon

                                                                                                                                                I got the impression that this particular company was one of the few/only software games in town, wherever they were, and that they kinda hoovered-up a lot of the engineering talent from the surrounding region. That said, the person I spoke to was very aware that MUMPS is incredibly niche and was looking to build transferable skills in a more mainstream software environment, and was looking in the Bay Area. So, I could guess they might have a retention problem, at least amongst people who are also willing to relocate for work. That’s speculation, though.

                                                                                                                                                Caveat: This is all from memory of an interview a few years ago

                                                                                                                                                [0] I used air-quotes because not everyone has these perceptions

                                                                                                                                                1. 1

                                                                                                                                                  “Outdated” is a loaded term, sure, but I think we can explore it a bit.

                                                                                                                                                  Things can be outdated because more work has been done in the space to create technology which is better in every technical respect, but that doesn’t mean the existing technology is going to be changed, because social and political aspects factor in as well. Of course, in both software and buildings, something becomes outdated once flaws are no longer repaired when found, but fixing bugs becomes a political and social football as well.

                                                                                                                                                  (Then, of course, there are the sad cases who need to be contrarian to the point they’ll argue that technology which has been superseded and abandoned is in no way outdated. They’re the ones who throw out the most heat, and obscure the most light, when someone’s trying to understand the field.)

                                                                                                                                            1. 2

                                                                                                                                              The tag should be C++, not C.

                                                                                                                                              1. 2

                                                                                                                                                Do you know how I can edit the tags? Or do the mods have to? Couldn’t find the option :(

                                                                                                                                                1. 1

                                                                                                                                                  Apparently you click suggest

                                                                                                                                              1. 34

                                                                                                                                                Good talk.

                                                                                                                                                I recently used systemd “in anger” for the first time on a raspi device to orchestrate several scripts and services, and I was pleasantly surprised (but also not surprised, because the FUD crowd is becoming more and more fingerprintable to me). systemd gives me lifecycle, logging, error handling, and structure, declaratively. It turns out structure and constraints are really useful, this is also why go has fast dependency resolution.

                                                                                                                                                It violates unix philosohpy

                                                                                                                                                That accusation was also made against neovim. The people muttering this stuff are slashdot markov chains, they don’t have any idea what they’re talking about.

                                                                                                                                                1. 22

                                                                                                                                                  The declarative units are definitely a plus. No question.

                                                                                                                                                  I was anti-systemd when it started gaining popularity, because of the approach (basically kitchen-sinking a lot of *NIX stuff into a single project) and the way the project leader(s) respond to criticism.

                                                                                                                                                  I’ve used it since it was default in Debian, and the technical benefits are very measurable.

                                                                                                                                                  That doesnt mean the complaints against it are irrelevant though - it does break the Unix philosophy I think most people are referring to:

                                                                                                                                                  Make each program do one thing well. To do a new job, build afresh rather than complicate old programs by adding new “features”.

                                                                                                                                                  1. 30

                                                                                                                                                    If you believe composability (one program’s output is another program’s input) is an important part of The Unix Philosophy, then ls violates it all day long, always has, likely always will. ls also violates it by providing multiple ways to sort its output, when sort is right there, already doing that job. Arguably, ls formatting its output is a violation of Do One Thing, because awk and printf exist, all ready to turn neat columns into human-friendly text. My point is, The Unix Philosophy isn’t set in stone, and never has been.

                                                                                                                                                    1. 7

                                                                                                                                                      Didn’t ls predate the Unix Philosophy? There’s a lot of crufthistory in unix. dd is another example.

                                                                                                                                                      None of that invalidates the philosophy that arose through an extended design exploration and process.

                                                                                                                                                      1. 4

                                                                                                                                                        nobody said it’s set in stone; it’s a set of principles to be applied based on practicality. like any design principle, it can be applied beyond usefulness. some remarks:

                                                                                                                                                        • i don’t see where ls violates composability. the -l format was specifically designed to be easy to grep.
                                                                                                                                                        • the sorting options are an example of practicality. they don’t require a lot of code, and would be much more clumsy to implement as a script (specifically when you don’t output the fields you’re sorting on)
                                                                                                                                                        • about formatting, i assume you’re referring to columniation, which to my knowledge was not in any version of ls released by Bell Labs. checking whether stdout is a terminal is indeed an ugly violation.
                                                                                                                                                        1. 6

                                                                                                                                                          i don’t see where ls violates composability. the -l format was specifically designed to be easy to grep.

                                                                                                                                                          People have written web pages on why parsing the output of ls is a bad idea. Using ls -l doesn’t solve any of these problems.

                                                                                                                                                          As a matter of fact, the coreutils people have this to say about parsing the output of ls:

                                                                                                                                                          However ls is really a tool for direct consumption by a human, and in that case further processing is less useful. For futher processing, find(1) is more suited.

                                                                                                                                                          Moving on…

                                                                                                                                                          the sorting options are an example of practicality. they don’t require a lot of code, and would be much more clumsy to implement as a script (specifically when you don’t output the fields you’re sorting on)

                                                                                                                                                          This cuts closer to the point of what we’re saying, but here I also have to defend my half-baked design for a True Unix-y ls Program: It would always output all the data, one line per file, with filenames quoted and otherwise prepared such that they always stick to one column of one line, with things like tab characters replaced by \t and newline characters replaced by \n and so on. Therefore, the formatting and sorting programs always have all the information.

                                                                                                                                                          But, as I said, always piping the output of my ls into some other script would be clumsier; it would ultimately result in some “human-friendly ls” which has multiple possible pipelines prepared for you, selectable with command-line options, so the end result looks a lot like modern ls.

                                                                                                                                                          about formatting, i assume you’re referring to columniation, which to my knowledge was not in any version of ls released by Bell Labs. checking whether stdout is a terminal is indeed an ugly violation.

                                                                                                                                                          I agree that ls shouldn’t check for a tty, but I’m not entirely convinced no program should.

                                                                                                                                                          1. 4

                                                                                                                                                            just because some people discourage composing ls with other programs doesn’t mean it’s not the unix way. some people value the unix philosophy and some don’t, and it’s not surprising that those who write GNU software and maintain wikis for GNU software are in the latter camp.

                                                                                                                                                            your proposal for a decomposed ls sounds more unixy in some ways. but there are still practical reasons not to do it, such as performance and not cluttering the standard command lexicon with ls variants (plan 9 has ls and lc; maybe adding lt, lr, lu, etc. would be too many names just for listing files). it’s a subtle point in unix philosophy to know when departing from one principle is better for the overall simplicity of the system.

                                                                                                                                                      2. 25

                                                                                                                                                        With all due respect[1], did your own comment hit your fingerprint detector? Because it should. It’s extrapolating wildly from one personal anecdote[2], and insulting a broad category of people without showing any actual examples[3]. Calling people “markov chains” is fun in the instant you write it, but contributes to the general sludge of ad hominem dehumanization. All your upvoters should be ashamed.

                                                                                                                                                        [1] SystemD arouses strong passions, and I don’t want this thread to devolve. I’m pointing out that you’re starting it off on the wrong foot. But I’m done here and won’t be responding to any more name-calling.

                                                                                                                                                        [2] Because God knows, there’s tons of badly designed software out there that has given people great experiences in the short term. Design usually matters in the long term. Using something for the first time is unlikely to tell you anything beyond that somebody peephole-optimized the UX. UX is certainly important, rare and useful in its own right. But it’s a distinct activity.

                                                                                                                                                        [3] I’d particularly appreciate a link to NeoVim criticism for being anti-Unix. Were they similarly criticizing Vim?

                                                                                                                                                        1. 9

                                                                                                                                                          [3] I’d particularly appreciate a link to NeoVim criticism for being anti-Unix. Were they similarly criticizing Vim?

                                                                                                                                                          Yes, when VIM incorporated a terminal. Which is explicitly against its design goals. From the VIM 7.4 :help design-not

                                                                                                                                                          VIM IS... NOT                                           *design-not*
                                                                                                                                                          
                                                                                                                                                          - Vim is not a shell or an Operating System.  You will not be able to run a
                                                                                                                                                            shell inside Vim or use it to control a debugger.  This should work the
                                                                                                                                                            other way around: Use Vim as a component from a shell or in an IDE.
                                                                                                                                                            A satirical way to say this: "Unlike Emacs, Vim does not attempt to include
                                                                                                                                                            everything but the kitchen sink, but some people say that you can clean one
                                                                                                                                                            with it.  ;-)"
                                                                                                                                                          

                                                                                                                                                          Neo-VIM appears to acknowledge their departure from VIM’s initial design as their :help design-not has been trimmed and only reads:

                                                                                                                                                          NVIM IS... NOT                                          design-not
                                                                                                                                                          
                                                                                                                                                          Nvim is not an operating system; instead it should be composed with other
                                                                                                                                                          tools or hosted as a component. Marvim once said: "Unlike Emacs, Nvim does not
                                                                                                                                                          include the kitchen sink... but it's good for plumbing."
                                                                                                                                                          

                                                                                                                                                          Now as a primarily Emacs user I see nothing wrong with not following the UNIX philosophy, but at it is clear that NeoVIM has pushed away from that direction. And because that direction was an against their initial design it is reasonable for users that liked the initial design to criticism NeoVIM because moving further away from the UNIX philosophy.

                                                                                                                                                          Not that VIM hadn’t already become something more than ‘just edit text’, take quickfix for example. A better example of how an editor can solve the same problem by adhering to the Unix Philosophy of composition through text processing would be Acme. Check out Acme’s alternative to quickfix https://youtu.be/dP1xVpMPn8M?t=551

                                                                                                                                                          1. 0

                                                                                                                                                            akkartik, which part of my comment did you identify with? :) FWIW, I’m fond of you personally.

                                                                                                                                                            I’d particularly appreciate a link to NeoVim criticism for being anti-Unix

                                                                                                                                                            Every single Hacker News thread about Neovim.

                                                                                                                                                            Were they similarly criticizing Vim?

                                                                                                                                                            Not until I reply as such–and the response is hem-and-haw.

                                                                                                                                                            1. 9

                                                                                                                                                              To be fair I don’t think the hacker news hive mind is a good judge of anything besides what is currently flavour of the week.

                                                                                                                                                              Just yesterday I had a comment not just downvoted but flagged and hidden-by-default, because I suggested Electron is a worse option than a web app.

                                                                                                                                                              HN is basically twitter on Opposite Day: far too happy to remove any idea even vaguely outside what the group considers “acceptable”.

                                                                                                                                                              1. 4

                                                                                                                                                                Indeed, I appreciate your comments as well in general. I wasn’t personally insulted, FWIW. But this is precisely the sort of thing I’m talking about, the assumption that someone pushing back must have their identity wrapped up in the subject. Does our community a disservice.

                                                                                                                                                                1. 0

                                                                                                                                                                  OTOH, I spent way too much of my life taking the FUD seriously. The mantra-parroting drive-by comments that are common in much of the anti-systemd and anti-foo threads should be pushed back. Not given a thoughtful audience.

                                                                                                                                                                  1. 2

                                                                                                                                                                    Totally fair. Can you point at any examples?

                                                                                                                                                                    1. 3

                                                                                                                                                                      https://news.ycombinator.com/item?id=7289935

                                                                                                                                                                      The old Unix ways are dying… … Vim is, in the spirit of Unix, a single purpose tool: it edits text.

                                                                                                                                                                      https://news.ycombinator.com/item?id=10412860

                                                                                                                                                                      thinks that anything that is too old clearly has some damage and its no longer good technology, like the neovim crowd

                                                                                                                                                                      Also just search for “vim unix philosophy” you’ll invariably find tons of imaginary nonsense:

                                                                                                                                                                      https://hn.algolia.com/?query=vim%20unix%20philosophy&sort=byPopularity&prefix&page=0&dateRange=all&type=comment

                                                                                                                                                                      Please don’t make me search /r/vim :D

                                                                                                                                                                      1. 4

                                                                                                                                                                        thinks that anything that is too old clearly has some damage and its no longer good technology, like the neovim crowd

                                                                                                                                                                        That’s not saying that neovim is ‘anti-Unix philosophy’, it’s saying that neovim is an example of a general pattern of people rewriting and redesigning old things that work perfectly well on the basis that there must be something wrong with anything that’s old.

                                                                                                                                                                        Which is indeed a general pattern.

                                                                                                                                                                        1. 1

                                                                                                                                                                          That’s not saying that neovim is ‘anti-Unix philosophy’

                                                                                                                                                                          It’s an example of (unfounded) fear, uncertainty, and doubt.

                                                                                                                                                                          rewriting and redesigning old things that work perfectly well on the basis that there must be something wrong with anything that’s old.

                                                                                                                                                                          That’s a problem that exists, but attaching it to project X out of habit, without justification, is the pattern I’m complaining about. In Neovim’s case it’s completely unfounded and doesn’t even make sense.

                                                                                                                                                                          1. 1

                                                                                                                                                                            It’s not unfounded. It’s pretty obvious that many of the people advocating neovim are doing so precisely because they think ‘new’ and ‘modern’ are things that precisely measure the quality of software. They’re the same people that change which Javascript framework they’re using every 6 weeks. They’re not a stereotype, they’re actual human beings that actually hold these views.

                                                                                                                                                                            1. 2

                                                                                                                                                                              Partial rewrite is one of the fastest ways to hand off software maintainership, though. And vim needed broader maintainer / developer community.

                                                                                                                                                                              1. 0

                                                                                                                                                                                Vim’s maintainer/developer community is more than sufficient. It’s a highly extensible text editor. Virtually anything can be done with plugins. You don’t need core editor changes very often if at all, especially now that the async stuff is in there.

                                                                                                                                                                                1. 3

                                                                                                                                                                                  You don’t need core editor changes very often if at all, especially now that the async stuff is in there.

                                                                                                                                                                                  Which required pressure from NeoVim, if I understood the situation correctly. Vim is basically a one-man show.

                                                                                                                                                                        2. 2

                                                                                                                                                                          Thanks :) My attitude is to skip past crap drive-by comments as beneath notice (or linking). But I interpreted you to be saying FUD (about SystemD) that you ended up taking seriously? Any of those would be interesting to see if you happen to have them handy, but no worries if not.

                                                                                                                                                                          Glad to have you back in the pro-Neovim (which is not necessarily anti-Vim) camp!

                                                                                                                                                              2. 20

                                                                                                                                                                What is FUD is this sort of comment: the classic combination of comparing systemd to the worst possible alternative instead of the best actual alternative with basically claiming everyone that disagrees with you is a ‘slashdot markov chain’ or similar idiotic crap.

                                                                                                                                                                On the first point, there are lots of alternatives to sysvinit that aren’t systemd. Lots and lots and lots. Some of them are crap, some are great. systemd doesn’t have a right to be compared only to what it replaced, but also all the other things that could have replaced sysvinit.

                                                                                                                                                                On the second point, it’s just bloody rude. But it also shows you don’t really understand what people are saying. ‘I think [xyz] violates the unix philosophy’ is not meaningless. People aren’t saying it for fun. They’re saying it because they think it’s true, and that it’s a bad thing. If you don’t have a good argument for the Unix philosophy not matter, or you think systemd doesn’t actually violate it, please go ahead and explain that. But I’ve never actually seen either of those arguments. The response to ‘it violates the Unix philosophy’ is always just ‘shut up slashdotter’. Same kind of comment you get when you say anything that goes against the proggit/hn hivemind that has now decided amongst other things that: microsoft is amazing, google is horrible, MIT-style licenses are perfect, GPL-style licenses are the devil-incarnate, statically typed languages are perfect, dynamically typed languages are evil, wayland is wonderful, x11 is terrible, etc.

                                                                                                                                                                1. 8

                                                                                                                                                                  claiming everyone that disagrees with you is a ‘slashdot markov chain’ or similar idiotic crap

                                                                                                                                                                  My claim is about the thoughtless shoveling of groundless rumors. Also I don’t think my quip was idiotic.

                                                                                                                                                                  there are lots of alternatives to sysvinit that aren’t systemd

                                                                                                                                                                  That’s fine, I never disparaged alternatives. I said: systemd is good and I’m annoyed that the grumblers said it wasn’t.

                                                                                                                                                                  1. 2

                                                                                                                                                                    It’s not good though, for all the reasons that have been said. ‘Better than what you had before’ and ‘good’ aren’t the same thing.

                                                                                                                                                                    1. 1

                                                                                                                                                                      seriously. If you don’t like systemd, use something else and promote its benefits. Tired of all the talking down of systemd. It made my life so much easier.

                                                                                                                                                                      1. 1

                                                                                                                                                                        seriously. If you like systemd, use it and shut up about it. Tired of all the talking up of systemd as if it’s actually any better than its alternatives, when it is objectively worse, and is poorly managed by nasty people.

                                                                                                                                                                        1. 4

                                                                                                                                                                          Have you watched the video this thread is about? Because you really sound like the kind of dogmatist the presenter is talking about.

                                                                                                                                                                          If you like systemd, use it and shut up about it

                                                                                                                                                                          Also, isn’t this a double-standard, since when it comes to complaining about systemd, this attitude doesn’t seem that prevalent.

                                                                                                                                                                          1. 2

                                                                                                                                                                            No, because no other tool threatens the ecosystem like systemd does.

                                                                                                                                                                            Analogy: it wasn’t a double-standard 10 years ago to complain about Windows and say ‘if you like Windows, use it and shut up about it’.

                                                                                                                                                                            1. 3

                                                                                                                                                                              I see this kind of vague criticism when it comes to systemd alot. What ecosystem is it really breaking? It’s all still open source, there aren’t any proprietary protocols or corporate patents that prevent people from modifying the software to not have to rely on systemd. This “threat”, thr way I see it, has turned out to be at most a “ minor inconvenience “.

                                                                                                                                                                              I suppose you’re thinking about examples like GNOME, but on the one hand, GNOME isn’t a unix-dogmatist project, but instead they aim to create a integrated desktop experience, consciously trading this in for ideal modularity – and on the other, projects like OpenBSD have managed to strip out what required systemd and have a working desktop environment. Most other examples, of which I know, have a similar pattern.

                                                                                                                                                                2. 6

                                                                                                                                                                  I think that the problem is fanboyism, echo chambers and ideologies.

                                                                                                                                                                  I might be wrong, so please don’t consider this an accusation. But you writing this sounds like someone hearing that systemd is bad, therefore never looking at it, yet copying it. Then one tries it and finding out that baseless prejudices were in fact baseless.

                                                                                                                                                                  After that the assumption is that everyone else must have been doing the same and one is enlightened now to see it’s actually really cool.

                                                                                                                                                                  I think that this group behavior and blindly copying opinions is one of the worst things in IT these days, even though of course it’s not limited to this field.

                                                                                                                                                                  A lot of people criticizing systemd actually looked at systemd, really deep, maybe even built stuff on it, or at least worked with it in production as sysadmin/devop/sre/…

                                                                                                                                                                  Yes, I have used systemd, yes I understand why decisions we’re taken, where authors if the software were going, read specs of the various parts (journald for example), etc.

                                                                                                                                                                  I think I have a pretty good understanding compared to at least most people that only saw it from a users perspective (considering writing unit files to be users perspective as well).

                                                                                                                                                                  So I could write about that in my CV and be happy that I can answer a lot of questions regarding systemd, advocate its usage to create more demand and be happy.

                                                                                                                                                                  To sum it up: I still consider systemd to be bad on multiple layers, both implementation and some ideas that I considered great but then through using it seeing that it was a wrong assumption. By the way that’s the thing I would not blame anyone for. It’s good that stuff gets tried, that’s how research works. It’s not the first and not the last project that will come out sounding good, to only find out a lot of things either doesn’t make a difference or make it worse.

                                                                                                                                                                  I am a critic of systemd but I agree that there’s a lot of FUD as well. Especially when there’s people that blame everything, including own incompetence on systemd. Nobody should ever expect a new project to be a magic bullet. That’s just dumb and I would never blame systemd for trying a different approach or for not being perfect. However I think it has problems on many levels. While I think the implementation isn’t really good that’s something that can be fixed. However I think some parts of the concept level are either pretty bad or have turned out to be bad decisions.

                                                                                                                                                                  I was very aware that especially in the beginning the implementation was bad. A lot got better. That’s to be expected. However next to various design decisions I consider bad I think many more were based on ideas that I think to most people in IT sound good and reasonable but in the specific scenarios that systemd is used it at least in my experience do not work out at all or only work well in very basic cases.

                                                                                                                                                                  In other words the cases where other solutions are working maybe not optimal, but that aren’t considered a problem worth fixing because the added complexity isn’t worth it systemd really shines. However when something is more complex I think using systemd frequently turns out to be an even worse solution.

                                                                                                                                                                  While I don’t wanna go into detail because I don’t think this is the right format for an actual analysis I think systemd in this field a lot in common with both configuration management and JavaScript frameworks. They tend to be amazing for use cases that are simple (todo applications for example), but together with various other complexities often make stuff unnecessarily complicated.

                                                                                                                                                                  And just like with JavaScript frameworks and configuration management there’s a lot of FUD, ideologies, echochambers, following the opinion of some thought leaders, and very little building your own solid opinion.

                                                                                                                                                                  Long story short. If you criticize something without knowing what it is about then yes that’s dumb and likely FUD. However assuming that’s the only possible reason for someone criticizing software is similarly dumb and often FUD regarding this opinion.

                                                                                                                                                                  This by the way also works the reverse. I frequently see people liking software and echoing favorable statements for the same reasons. Not understanding what they say, just copying sentences of opinion leaders, etc.

                                                                                                                                                                  It’s the same pattern, just the reversal, positive instead of negative.

                                                                                                                                                                  The problem isn’t someone disliking or liking something, but that opinions and thoughts are repeated without understanding which makes it hard to have discussions and arguments that give both sides any valuable insides or learnings

                                                                                                                                                                  Then things also get personal. People hate on Poetteing and think he is dumb and Poetteing thinks every critic is dumb. Just because that’s a lot of what you see when every statement is blindly echoed.

                                                                                                                                                                  1. 1

                                                                                                                                                                    That’s nice, but the implication of the anti-systemd chorus was that sys v init was good enough. Not all of these other “reasonable objections” that people are breathless to mention.

                                                                                                                                                                    The timbre reminded me of people who say autotools is preferrable to cmake. People making a lot of noise about irrelevant details and ignoring the net gain.

                                                                                                                                                                    But you writing this sounds like someone hearing that systemd is bad, therefore never looking at it, yet copying it.

                                                                                                                                                                    No, I’m reacting to the idea that the systemd controversy took up any space in my mind at all. It’s good software. It doesn’t matter if X or Y is technically better, the popular narrative was that systemd is a negative thing, a net-loss.

                                                                                                                                                                    1. 2

                                                                                                                                                                      In your opinion it’s good software and you summed up the “anti-systemd camp” with “sys v init was good enough” even though people from said “anti-systemd camp” on this very thread disagreed that that was their point.

                                                                                                                                                                      To give you an entirely different point of view, I’m surprised you don’t want to know anything about a key piece of a flagship server operating systems (taking that one distro is technically an OS) affecting the entire eco system and unrelated OS’ (BSDs etc.) that majorly affects administration and development on Linux-based systems. Especially when people have said there are clear technical reasons for disliking the major change and forced compliance with “the new way”.

                                                                                                                                                                      1. 2

                                                                                                                                                                        you summed up the “anti-systemd camp” with “sys v init was good enough” even though people from said “anti-systemd camp” on this very thread disagreed that that was their point.

                                                                                                                                                                        Even in this very thread no one has actually named a preferred alternative. I suspect they don’t want to be dragged into a discussion of details :)

                                                                                                                                                                        affecting the entire eco system and unrelated OS’ (BSDs etc.)

                                                                                                                                                                        BSDs would be a great forum for demonstrating the alternatives to systemd.

                                                                                                                                                                        1. 2

                                                                                                                                                                          Well, considering how many features that suite of software has picked up, there isn’t currently one so that shortens the conversation :)

                                                                                                                                                                          launchd is sort of a UNIX alternative too, but it’s currently running only on MacOS and it recently went closed source.

                                                                                                                                                                  2. 3

                                                                                                                                                                    It violates unix philosohpy

                                                                                                                                                                    That accusation was also made against neovim. The people muttering this stuff are slashdot markov chains, they don’t have any idea what they’re talking about.

                                                                                                                                                                    i don’t follow your reasoning. why is it relevant that people also think neovim violates the unix philosophy? are you saying that neovim conforms to the unix philosophy, and therefore people who say it doesn’t must not know what they’re talking about?

                                                                                                                                                                    1. 1

                                                                                                                                                                      are you saying that neovim conforms to the unix philosophy, and therefore people who say it doesn’t must not know what they’re talking about?

                                                                                                                                                                      When the implication is that Vim better aligns with the unix philosophy, yes, anyone who avers that doesn’t know what they’re talking about. “Unix philosophy” was never a goal of Vim (”:help design-not” was strongly worded to that effect until last year, but it was never true anyways) and shows a deep lack of familiarity with Vim’s features.

                                                                                                                                                                      Some people likewise speak of a mythical “Vim way” which again means basically nothing. But that’s a different topic.

                                                                                                                                                                      1. 1

                                                                                                                                                                        vim does have fewer features which can be handled by other tools though right? not that vim is particularly unixy, but we’re talking degrees

                                                                                                                                                                    2. 1

                                                                                                                                                                      The people muttering this stuff are slashdot markov chains, they don’t have any idea what they’re talking about

                                                                                                                                                                      I’ll bookmark this comment just for this description.

                                                                                                                                                                    1. 8

                                                                                                                                                                      To be fair, they should also mark as “Not Secure” any page running JavaScript.

                                                                                                                                                                      Also, pointless HTTPS adoption might reduce content accessibility without blocking censorship.
                                                                                                                                                                      (Disclaimer: this does not mean that you shouldn’t adopt HTTPS for sensible contents! It just means that using HTTPS should not be a matter of fashion: there are serious trade-offs to consider)

                                                                                                                                                                      1. 11

                                                                                                                                                                        By adopting HTTPS you basically ensure that nasty ISPs and CDNs can’t insert garbage into your webpages.

                                                                                                                                                                        1. [Comment removed by author]

                                                                                                                                                                          1. 5

                                                                                                                                                                            Technically, you authorize them (you sign actual paperwork) to get/generate a certificate on your behalf (at least this is my experience with Akamai). You don’t upload your own ssl private key to them.

                                                                                                                                                                            1. 3

                                                                                                                                                                              Why on earth would I give anyone else my private certificate?

                                                                                                                                                                              1. 4

                                                                                                                                                                                Because it’s part of The Process. (Technical Dark Patterns, Opt-In without a clear way to Opt-Out, etc.)

                                                                                                                                                                                Because you’ll be laughed at if you don’t. (Social expectations, “received wisdom”, etc.)

                                                                                                                                                                                Because Do It Now. Do It Now. Do It Now. (Nagging emails. Nagging pings on social media. Nagging.)

                                                                                                                                                                                Lastly, of course, are Terms Of Service, different from the above by at least being above-board.

                                                                                                                                                                            2. 2

                                                                                                                                                                              No.

                                                                                                                                                                              It protects against cheap man-in-the-middle attacks (as the one an ISP could do) but it can nothing against CDNs that can identify you, as CDNs serve you JavaScript over HTTPS.

                                                                                                                                                                              1. 11

                                                                                                                                                                                With Subresource Integrity (SRI) page authors can protect against CDNed resources changing out from beneath them.

                                                                                                                                                                                1. 1

                                                                                                                                                                                  Yes SRI mitigate some of the JavaScript attacks that I describe in the article, in particular the nasty ones from CDNs exploiting your trust on a harmless-looking website.
                                                                                                                                                                                  Unfortunately several others remain possible (just think of jsonp or even simpler if the website itself collude to the attack). Also it needs widespread adoption to become a security feature: it should probably be mandatory, but for sure browsers should mark as “Not Secure” any page downloading programs from CDNs without it.

                                                                                                                                                                                  What SRI could really help is with the accessibility issues described by Meyer: you can serve most page resources as cacheable HTTP resources if the content hash is declared in a HTTPS page!

                                                                                                                                                                                2. 3

                                                                                                                                                                                  WIth SRI you can block CDNs you use to load JS scripts externally from manipulating the webpage.

                                                                                                                                                                                  I also don’t buy the link that claims it reduces content accessiblity, the link you provided above explains a problem that would be solved by simply using a HTTPS caching proxy (something a lot of corporate networks seem to have no problem operating considering TLS 1.3 explicitly tries not to break those middleboxes)

                                                                                                                                                                                  1. 4

                                                                                                                                                                                    CDNs are man-in-the-middle attacks.

                                                                                                                                                                                3. 1

                                                                                                                                                                                  As much as I respect Meyer, his point is moot. MitM HTTPS proxy servers have been setup since a long time, even though usually for a far more objectionable purposes than content caching. Some companies even made out of the box HTTPS URL filtering their selling point. If people are ready or forced to trade security for accessibility, but don’t know how to setup HTTPS MitM proxy, it’s their problem, not webmasters’. We should be ready to teach those in needs how to setup it of course, but that’s about it.

                                                                                                                                                                                  1. 0

                                                                                                                                                                                    MitM HTTPS proxy servers have been setup since a long time, even though usually for a far more objectionable purposes than content caching. […] If people are ready or forced to trade security for accessibility, but don’t know how to setup HTTPS MitM proxy, it’s their problem, not webmasters’.

                                                                                                                                                                                    Well… how can I say that… I don’t think so.

                                                                                                                                                                                    Selling HTTPS MitM proxy as a security solutions is plain incompetence.

                                                                                                                                                                                    Beyond the obvious risk that the proxy is compromised (you should never assume that they won’t) which is pretty high in some places (not only in Africa… don’t be naive, a chain is only as strong as its weakest link), a transparent HTTPS proxy has an obvious UI issue: people do not realise that it’s unsafe.

                                                                                                                                                                                    If the browsers don’t mark as “Not Secure” them (how could them?) the user will overlook the MitM risks, turning a security feature against the users’ real security and safety.

                                                                                                                                                                                    Is this something webmasters should care? I think so.

                                                                                                                                                                                    1. 4

                                                                                                                                                                                      Selling HTTPS MitM proxy as a security solutions is plain incompetence.

                                                                                                                                                                                      Not sure how to tell you this, but companies have been doing this on their internal networks for a very long time and this is basically standard operating procedure at every enterprise-level network I’ve seen. They create their own CA, generate an intermediate CA key cert, and then put that on an HTTPS MITM transparent proxy that inspects all traffic going in an out of the network. The intermediate cert is added to the certificate store on all devices issued to employees so that it is trusted. By inspecting all of the traffic, they can monitor for external and internal threats, scan for exfiltration of trade secrets and proprietary data, and keep employees from watching porn at work. There is an entire industry around products that do this, BlueCoat and Barracuda are two popular examples.

                                                                                                                                                                                      1. 5

                                                                                                                                                                                        There is an entire industry around products that do this

                                                                                                                                                                                        There is an entire industry around rasomware. But this does not means it’s a security solution.

                                                                                                                                                                                        1. 1

                                                                                                                                                                                          It is, it’s just that word security is better understood as “who” is getting (or not) secured from “whom”.

                                                                                                                                                                                          What you keep saying is that MitM proxy does not protect security of end users (that is employees). What they do, however, in certain contexts like described above, is help protect the organisation in which end users operate. Arguably they do, because it certainly makes it more difficult to protect yourself from something you cannot see. If employees are seen as a potential threat (they are), then reducing their security can help you (organisation) with yours.

                                                                                                                                                                                          1. 1

                                                                                                                                                                                            I wonder if you did read the articles I linked…

                                                                                                                                                                                            The point is that, in a context of unreliable connectivity, HTTPS reduce dramatically accessibility but it doesn’t help against censorship.

                                                                                                                                                                                            In this context, we need to grant to people accessibility and security.

                                                                                                                                                                                            An obvious solution is to give them a cacheable HTTP access to contents. We can fool the clients to trust a MitM caching proxy, but since all we want is caching this is not the best solution: it add no security but a false sense of security. Thus in that context, you can improve users’ security by removing HTTPS.

                                                                                                                                                                                            1. 1

                                                                                                                                                                                              I have read it, but more importantly, I worked in and build services for places like that for about 5 years (Uganda, Bolivia, Tajikistan, rural India…).

                                                                                                                                                                                              I am with you that HTTPS proxy is generally best to be avoided if for no other reason because it grows attack surface area. I disagree that removing HTTPS increases security. It adds a lot more places and actors who now can negatively impact user in exchange for him knowing this without being able to do much about it.

                                                                                                                                                                                              And that is even without going into which content is safe to be cached in a given environment.

                                                                                                                                                                                              1. 1

                                                                                                                                                                                                And that is even without going into which content is safe to be cached in a given environment.

                                                                                                                                                                                                Yes, this is the best objection I’ve read so far.

                                                                                                                                                                                                As always it’s a matter of tradeoff. In a previous related thread I described how I would try to fix the issue in a way that people can easily opt-out and opt-in.

                                                                                                                                                                                                But while I think it would be weird to remove HTTPS for an ecommerce chart or for a political forum, I think that most of Wikipedia should be served through both HTTP and HTTPS. People should be aware that HTTP page are not secure (even though it all depends on your threat model…) but should not be mislead to think that pages going through an MitM proxy are secure.

                                                                                                                                                                                      2. 2

                                                                                                                                                                                        HTTPS proxy isn’t incompetence, it’s industry standard.

                                                                                                                                                                                        They solve a number of problems and are basically standard in almost all corporate networks with a minimum security level. They aren’t a weak chain in the link since traffic in front of the proxy is HTTPS and behind it is in the local network and encrypted by a network level CA (you can restrict CA capabilities via TLS cert extensions, there is a fair number of useful ones that prevent compromise).

                                                                                                                                                                                        Browser don’t mark these insecure because to install and use a HTTPS proxy requires full admin access to a device, at which level there is no reason to consider what the user is doing as insecure.

                                                                                                                                                                                        1. 2

                                                                                                                                                                                          Browser don’t mark these insecure because to install and use a HTTPS proxy requires full admin access to a device, at which level there is no reason to consider what the user is doing as insecure.

                                                                                                                                                                                          Browsers bypass the network configuration to protect the users’ privacy.
                                                                                                                                                                                          (I agree this is stupid, but they are trying to push this anyway)

                                                                                                                                                                                          The point is: the user’s security is at risk whenever she sees as HTTPS (which stands for “HTTP Secure”) something that is not secure. It’s a rather simple and verifiable fact.

                                                                                                                                                                                          It’s true that posing a threat to employees’ security is an industry standard. But it’s not a security solution. At least, not for the employees.

                                                                                                                                                                                          And, doing that in a school or a public library is dangerous and plain stupid.

                                                                                                                                                                                          1. 0

                                                                                                                                                                                            Nobody is posing a threat to employees’ security here, a corporation can in this case be regarded as a single entity so terminating SSL at the borders of the entity similar to how a browser terminates SSL by showing the website on a screen is fairly valid.

                                                                                                                                                                                            Schools and public libraries usually have the internet filtered yes, that is usually made clear to the user before using it (atleast when I wanted access to either I was in both cases instructed that the network is supervised and filtered) which IMO negates the potential security compromise.

                                                                                                                                                                                            Browsers bypass the network configuration to protect the users’ privacy.

                                                                                                                                                                                            Browsers don’t bypass root CA configuration, core system configuration or network routing information as well as network proxy configuration to protect a user’s privacy.

                                                                                                                                                                                            1. 1

                                                                                                                                                                                              Schools and public libraries usually have the internet filtered yes, that is usually made clear to the user before using it [..] which IMO negates the potential security compromise.

                                                                                                                                                                                              Yes this is true.

                                                                                                                                                                                              If people are kept constantly aware of the presence of a transparent HTTPS proxy/MitM, I have no objection to its use instead of an HTTP proxy for caching purposes. Marking all pages as “Not Secure” is a good way to gain such awareness.

                                                                                                                                                                                              Browsers don’t bypass root CA configuration, core system configuration or network routing information as well as network proxy configuration to protect a user’s privacy.

                                                                                                                                                                                              Did you know about Firefox’s DoH/CloudFlare affair?

                                                                                                                                                                                              1. 2

                                                                                                                                                                                                Yes I’m aware of the “affair”. To my knowledge the initial DoH experiment was localized and run on users who had enabled studies (opt-in). In both the experiment and now Mozilla has a contract with CloudFlare to protect the user privacy during queries when DoH is enabled (which to my knowledge it isn’t by default). In fact, the problem ungleich is blogging about isn’t even slated for standard release yet, to my knowledge.

                                                                                                                                                                                                It’s plain and old wrong in the bad kind of way; it conflates security maximalism with the mission of Mozilla to bring the maximum amount of users privacy and security.

                                                                                                                                                                                                1. 1

                                                                                                                                                                                                  TBH, I don’t know what you mean with “security maximalism”.

                                                                                                                                                                                                  I think ungleich raise serious concerns that should be taken into account before shipping DoH to the masses.

                                                                                                                                                                                                  Mozilla has a contract with CloudFlare to protect the user privacy

                                                                                                                                                                                                  It’s bit naive for Mozilla to base the security and safety of milions of people world wide in the contract with a company, however good they are.

                                                                                                                                                                                                  AFAIK, even Facebook had a contract with his users.

                                                                                                                                                                                                  Yeah.. I know… they will “do no evil”…

                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                    Security maximalism disregards more common threatmodels and usability problems in favor of more security. I don’t believe the concerns are really concerns for the common user.

                                                                                                                                                                                                    It’s bit naive for Mozilla to base the security and safety of milions of people world wide in the contract with a company, however good they are.

                                                                                                                                                                                                    Cloudflare hasn’t done much that makes me believe they will violate my privacy. They’re not in the business of selling data to advertisers.

                                                                                                                                                                                                    AFAIK, even Facebook had a contract with his users

                                                                                                                                                                                                    Facebook used Dark Patterns to get users to willingly agree to terms they would otherwise never agree on, I don’t think this is comparable. Facebook likely never violated the contract terms with their users that way.

                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                      Security maximalism disregards more common threatmodels and usability problems in favor of more security. I don’t believe the concerns are really concerns for the common user.

                                                                                                                                                                                                      You should define “common user”.
                                                                                                                                                                                                      If you mean the politically inepts who are happy to be easily manipulated as long as they are given something to say and retweet… yes, they have nothing to fear.
                                                                                                                                                                                                      The problem is for those people who are actually useful to the society.

                                                                                                                                                                                                      Cloudflare hasn’t done much that makes me believe they will violate my privacy.

                                                                                                                                                                                                      The problem with Cloudflare is not what they did, it’s what they could do.
                                                                                                                                                                                                      There’s no reason to give such power to a single company, located near all the other companies that are currently centralizing the Internet already.

                                                                                                                                                                                                      But my concerns are with Mozilla.
                                                                                                                                                                                                      They are trusted by milions of people world wide. Me included. But actually, I’m starting to think they are much more like a MitM caching HTTPS proxy: trusted by users as safe, while totaly unsafe.

                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                        So in your opinion, the average user does not deserve the protection of being able to browse the net as safe as we can make it for them?

                                                                                                                                                                                                        Just because you think they aren’t useful to society (and they are, these people have all the important jobs, someone isn’t useless because they can’t use a computer) doesn’t mean we, as software engineers, should abandon them.

                                                                                                                                                                                                        There’s no reason to give such power to a single company, located near all the other companies that are currently centralizing the Internet already.

                                                                                                                                                                                                        Then don’t use it? DoH isn’t going to be enabled by default in the near future and any UI plans for now make it opt-in and configurable. The “Cloudflare is default” is strictly for tests and users that opt into this.

                                                                                                                                                                                                        they are much more like a MitM caching HTTPS proxy: trusted by users as safe, while totaly unsafe.

                                                                                                                                                                                                        You mean safe because everyone involved knows what’s happening?

                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                          I don’t believe the concerns are really concerns for the common user.

                                                                                                                                                                                                          You should define “common user”.
                                                                                                                                                                                                          If you mean the politically inepts who are happy to be easily manipulated…

                                                                                                                                                                                                          So in your opinion, the average user does not deserve the protection of being able to browse the net as safe as we can make it for them?

                                                                                                                                                                                                          I’m not sure if you are serious or you are pretending to not understand to cope with your lack of arguments.
                                                                                                                                                                                                          Let’s assume the first… for now.

                                                                                                                                                                                                          I’m saying the concerns raised by ungleich are serious and could affect any person who is not politically inept. That’s obviously because, anyone politically inept is unlikely to be affected by surveillance.
                                                                                                                                                                                                          That’s it.

                                                                                                                                                                                                          they are much more like a MitM caching HTTPS proxy: trusted by users as safe, while totaly unsafe.

                                                                                                                                                                                                          You mean safe because everyone involved knows what’s happening?

                                                                                                                                                                                                          Really?
                                                                                                                                                                                                          Are you sure everyone understand what is a MitM attack? Are you sure every employee understand their system administrators can see the mail they reads from GMail? I think you don’t have much experience with users and I hope you don’t design user interfaces.

                                                                                                                                                                                                          A MitM caching HTTPS proxy is not safe. It can be useful for corporate surveillance, but it’s not safe for users. And it extends the attack surface, both for the users and the company.

                                                                                                                                                                                                          As for Mozilla: as I said, I’m just not sure whether they deserve trust or not.
                                                                                                                                                                                                          I hope they do! Really! But it’s really too naive to think that a contract is enough to bind a company more than a subpoena. And they ship WebAssembly. And you have to edit about:config to disable JavaScript
                                                                                                                                                                                                          All this is very suspect for a company that claims to care about users’ privacy!

                                                                                                                                                                                                          1. 0

                                                                                                                                                                                                            I’m saying the concerns raised by ungleich are serious and could affect any person who is not politically inept.

                                                                                                                                                                                                            I’m saying the concerns raised by ungleich are too extreme and should be dismissed on grounds of being not practical in the real world.

                                                                                                                                                                                                            Are you sure everyone understand what is a MitM attack?

                                                                                                                                                                                                            An attack requires an adversary, the evil one. A HTTPS Caching proxy isn’t the evil or enemy, you have to opt into this behaviour. It is not an attack and I think it’s not fair to characterise it as such.

                                                                                                                                                                                                            Are you sure every employee understand their system administrators can see the mail they reads from GMail?

                                                                                                                                                                                                            Yes. When I signed my work contract this was specifically pointed out and made clear in writing. I see no problem with that.

                                                                                                                                                                                                            And it extends the attack surface, both for the users and the company.

                                                                                                                                                                                                            And it also enables caching for users with less than stellar bandwidth (think third world countries where satellite internet is common, 500ms ping, 80% packet loss, 1mbps… you want caching for the entire network, even with HTTPS)

                                                                                                                                                                                                            And they ship WebAssembly.

                                                                                                                                                                                                            And? I have on concerns about WebAssembly. It’s not worse than obfuscated javascript. It doesn’t enable anything that wasn’t possible before via asm.js. The post you linked is another security maximalist opinion piece with little factual arguments.

                                                                                                                                                                                                            And you have to edit about:config to disable JavaScript…

                                                                                                                                                                                                            Or install a half-way competent script blocker like uMatrix.

                                                                                                                                                                                                            All this is very suspect for a company that claims to care about users’ privacy!

                                                                                                                                                                                                            I think it’s understandable for a company that both cares about users privacy and doesn’t want a marketshare of “only security maximalists”, also known as, 0%.

                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                              An attack requires an adversary, the evil one.

                                                                                                                                                                                                              According to this argument, you don’t need HTTPS until you don’t have an enemy.
                                                                                                                                                                                                              It shows very well your understanding of security.

                                                                                                                                                                                                              The attacker described in threat model are potential enemies. Yorr security depends on how well you avoid or counter potential attacks.

                                                                                                                                                                                                              I have on concerns about WebAssembly.

                                                                                                                                                                                                              Not a surprise.

                                                                                                                                                                                                              Evidently you never had to debug neither an obfuscated javascript nor an optimized binary (without sources or debug symbols).

                                                                                                                                                                                                              Trust one who did both: obfuscated javascript is annoying, understanding what an optimized binary is doing is hard.

                                                                                                                                                                                                              As for packet loss caching at all, you didn’t reas what I wrote, and I won’t feed you more.

                                                                                                                                                                                                              1. 1

                                                                                                                                                                                                                According to this argument, you don’t need HTTPS until you don’t have an enemy.

                                                                                                                                                                                                                If there is no adversary, no Malory in the connection, there is no reason to encrypt it either, correct.

                                                                                                                                                                                                                It shows very well your understanding of security.

                                                                                                                                                                                                                My understanding in security is based on threat models. A threat model includes who you trust, who you want to talk to and who you don’t trust. It includes how much money you want to spend, how much your attacker can spend and the methods available to both of you.

                                                                                                                                                                                                                There is no binary security, a threat model is the entry point and your protection mechanisms should match your threat model as best as possible or exceed it, but there is no reason to exert effort beyond your threat model.

                                                                                                                                                                                                                The attacker described in threat model are potential enemies. Yorr security depends on how well you avoid or counter potential attacks.

                                                                                                                                                                                                                Malory is a potential enemy. An HTTPS caching proxy operated by a corporation is not an enemy. It’s not malory, it’s Bob, Alice and Eve where Bob wants to send Alice a message, she works for Eve and Eve wants to avoid having duplicate messages on the network, so Eve and Alice agree that caching the encrypted connection is worthwile.

                                                                                                                                                                                                                Malory sits between Eve and Bob not Bob and Alice.

                                                                                                                                                                                                                Evidently you never had to debug neither an obfuscated javascript nor an optimized binary (without sources or debug symbols).

                                                                                                                                                                                                                I did, in which case I either filed a Github issue if the project was open source or I notified the company that offered the javascript or optimized binary. Usually the bug is then fixed.

                                                                                                                                                                                                                It’s not my duty or problem to debug web applications that I don’t develop.

                                                                                                                                                                                                                Trust one who did both: obfuscated javascript is annoying, understanding what an optimized binary is doing is hard.

                                                                                                                                                                                                                Then don’t do it? Nobody is forcing you.

                                                                                                                                                                                                                As for packet loss caching at all, you didn’t reas what I wrote, and I won’t feed you more.

                                                                                                                                                                                                                I don’t think you consider that a practical problem such as bad connections can outweigh a lot of potential security issues since you don’t have the time or user patience to do it properly and in most cases it’ll be good enough for the average user.

                                                                                                                                                                                        2. 2

                                                                                                                                                                                          My point is that the problems of unencrypted HTTP and MitM’ed HTTPS are exactly the same. If one used to prefer the former because it can be easily cached, I can’t see how setting up the latter makes their security issues worse.

                                                                                                                                                                                          1. 3

                                                                                                                                                                                            With HTTP you know it’s not secure. OTOH you might not be aware that your HTTPS connection to the server is not secure at all.

                                                                                                                                                                                            The lack of awareness makes MitM caching worse.

                                                                                                                                                                                    1. 6

                                                                                                                                                                                      Another system where division by zero is possible is wheel theory, which is similar to the system described here in that 1/x is not always the multiplicative inverse of x, as indeed it isn’t when x = 0.

                                                                                                                                                                                      Here’s an interesting Stack Exchange post.