1. 1

    The “burn it all to the ground and start back at the Dark Ages,” part of me is totally fine with making use of E2EE “commercially infeasible,” as the article suggests.

    We could still communicate “in the dark,” it would just not be profitable.

    But then the other, more reasonable part of me that has people that rely on my finances that come from working in an industry that very much relies on the commercialization of E2EE chides me for my selfishness.

    1. 2

      Staying a few nights at the hospital - ‘cause the baby decided Leap Day was better than sharing his sister’s birthday, four days later.

      1. 13

        Using this on my bar, it’s pretty nice. Still using JetBrains Mono for everything else, though.

        https://qtp2t.club/pub/setup.png

        1. 5

          That is a nice bar! Also, your wallpaper choice is impeccable.

          1. 2

            Yes, please link to it!

            1. 4

              Not OP but here it is. Just set your background to Tail/Pattern mode depending on OS of choice. Nice desktop tho @hazel.

              1. 5

                My dots are at https://git.qtp2t.club/hazel/etc if you want them, and thanks

              2. 4

                Hi, that’s from my wallpaper pack! something something copyright not intended (well some of them are OC)

                1. 2

                  That’s really nice, thanks!

            2. 2

              Just wanted to say, your bar is awesome. You’ve got to post this on unixporn :)

            1. 3

              The shift click to expand selection looks nice.

              I really love watching this thing evolve. A really nice console / terminal was the missing link that kept WSL from being a first class Linux development environment, and Windows Terminal is filling that gap REALLY fast.

              I have a funny feeling that there are going to be a LOT of developers who live outside the rarefied bubble of desktop UNIX users whose work-a-day quality of life is going to be markedly improved by this.

              1. 2

                I have a funny feeling that there are going to be a LOT of developers who live outside the rarefied bubble of desktop UNIX users whose work-a-day quality of life is going to be markedly improved by this.

                I work (as a network server developer) in the game industry and this is absolutely transformative for my work. I have to use Windows. A lot of the tooling in the game industry only runs on Windows. I will likely start doing the entirety of my work inside of this terminal. Right now I’m running an XFCE desktop inside of a VirtualBox VM just so that I can run Konsole because the terminal emulators on Windows are all in some way insufficient.

                1. 2

                  rarefied bubble of desktop UNIX users

                  You mean, like, Mac users? I’m not even sure I know a dev who uses Windows. Not saying they don’t exist, just questioning the hyperbole here :-)

                  1. 9

                    I’m not even sure I know a dev who uses Windows.

                    While I agree that “rarefied bubble” seems hyperbolic, “not even sure I know a dev who uses Windows” seems much more hyperbolic to me.

                    Vast armies of “enterprise” developers run Windows all the time. And many who do product work are Windows first.

                    To counter your anecdata with some of my own, on a project I worked last year, we were delivering software that ran exclusively on RHEL servers. On days when the whole team met, you’d see a dozen Windows laptops, two or three Macs and two of us running Linux. One of the Linux holdouts was a Red Hat employee, and I was the other, having switched when my 2011 17” MBP died of GPU failure and I couldn’t find anything in Apple’s lineup to replace it.

                    Outside that group, I know plenty who run Macs, but the vast majority I’ve worked with use Windows as a daily driver.

                    That said, every single Windows user I know who suffered from the trash fire that is the old terminal has already helped themselves in terms of quality of life by installing cmder or something like it. “Markedly improved” is probably overstatement for most, even though it will be much better than the default from before.

                    1. 8

                      Hello! Nice to meet you! I am a software engineer and I use Windows.

                      I like coffee and tiling as many windows as Windows lets me. Now you know a dev who uses Windows!

                      1. 3

                        macOS is really popular in USA. But it’s not really the case for Europe. We struggled to find a macOS developer that is able to do system programming so much that we had to hire Linux devs and trained them with knowledge about macOS.

                        1. 3

                          Windows devs are many (I am one also). Just as any popular platform, I imagine developing is popular there too.

                          1. 2

                            You should get out more ;)

                            Seriously, just type “I run Windows” into the Lobsters search box and take a gander at the number of articles this yields.

                            Not just Mac users, but even developers who’ve been on Windows for any number of reasons (It’s what their IT department supports, for example).

                            Sorry about the hyperbole, it’s a core part of my personality and when I’m excited about something it’s very hard to hide, but I shall endeavor to do so in future interactions here.

                            1. 1

                              Hehe, I definitely deserved what I got here, I managed to use hyperbole in a comment calling out hyperbole! :-)

                              1. 1

                                I think your post is actually a really usefu could l window into how many developers think about this situation.

                                We all surround ourselves with communities of like minded people, and as a result it’s very easy to start thinking thata this represents the status quo for all developers, everywhere.

                                Somebody felt so strongly about my comment that they flagged it as spam!

                                I would love it if the greater technology community could take a giant step back and recognize that the bubbles we inhabit can narrow our perception of reality.

                                I think for myself I will stop interacting with Windows related posts on lobsters. I will totally cop to having been over-zealous in my interactions on the previous thread, but I was exceedingly careful in my response this time and yet still got flagged.

                                1. 2

                                  I agree that we all have bubbles. Sometimes it’s hard to escape your bubble even if you want to because it has to do with geography or industry. But I do agree that we should do our best to at least be aware that those bubbles exist. Honestly, my original comment was meant to be light-hearted, trading hyperbole for hyperbole. In retrospect, it probably wasn’t a good topic for that kind of thing.

                                  1. 2

                                    Jokes (and lighthearted comments) often don’t land in text. Can’t add intonation beyond SCREAMING something really. Sometimes just you just have to call it out rather dryly ..

                                  2. 2

                                    I hear you.. I agree with you. I think it would be bad if you refrained from interacting with Windows posts.

                              2. 2

                                I’m on windows at work. I think hwayne is too. Don’t forget that there is an entire dev community built around the C# and the CLR which until recently was largely focused around windows. Not too mention lots of game devs work in windows.

                            1. 1

                              I don’t - at least not about privacy and security.

                              1. 1

                                In case anyone is thrown off by the title and “satire,” label: this is a work penned by Brian Randell, in response to what he witnessed at the (first, I believe?) NATO Software Engineering conference.

                                1. 6

                                  This is a great write-up: it’s incredible the opportunities for working on the road that have opened up for people not just in the tech industry, but other industries as well.

                                  In addition to the resources Jezen listed, a good reference to have in the back of your pocket are the travel advisories issued by the United States Department of State **.

                                  They recently (2018) migrated to a tool that places all of their travel advisories on a color-coded map: https://travelmaps.state.gov/TSGMap/

                                  ** or any similar resource, if offered, by the country to which you ascribe citizenship

                                  I, too, find the media’s reporting of events overblown and sensationalist, but supplementing that with with (yes, scientific data, +1 for the coronavirus stats example) but also publicly-available knowledge of state activity can also provide additional insurance.

                                  1. 3

                                    I prefer my grandfathers axe…..

                                    I have my grandfathers axe, my father replace the handle and I replaced the blade…

                                    1. 1

                                      Your model can still be used in this context, as the question can still be asked: “Is it the same axe?”

                                      This was the (secondary) point I got out of the article, along with what I felt was the primary point: “Replace components of your axe/ship/software gradually and carefully, never start from scratch,” as some of the mess that you want to rewrite may be fixes.

                                      I would also encourage clicking through and reading the article he linked, https://www.joelonsoftware.com/2000/04/06/things-you-should-never-do-part-i/

                                      It is an excellent read.

                                      1. 1

                                        Yup, read it pretty much when it came out, by gorrah, nearly 20 years ago!

                                        It’s being an ongoing point of (robust) debate between myself and one of my colleagues.

                                        He tends to favour rewrites (if I might try summarise what I think he has said…) because…

                                        • You can drop a whole bunch of obsolete cruft.
                                        • The code and design has become broken over years.
                                        • There are much better ways of doing the same thing.

                                        I tend to argue, pretty much as Joel does, that a lot of the cruft is hidden business requirements that you’re going to (painfully) rediscover.

                                        I’m not convinced that the people rewriting the code are magically so much better than the people who wrote it in the first place.

                                        So I strongly favour…

                                        • Vigorous Deprecation processes to actively drop old requirements and code (and get feed back from the business end early if is there is actually still some weird hidden requirement for it.)
                                        • Continuous refactoring to clean as you go.

                                        If you’re at the point of seriously considering a rewrite… maybe you should be stepping back and asking a larger question…

                                        This is the peak evolution of a product that was required, maybe 20+ years ago….

                                        If you were going to rewrite… wouldn’t your efforts be better directed at creating a new category of product that addresses the current market?

                                        A common misconception is that “my product is an excellent and expensive chunk of kit, people are going to appreciate and fall over themselves for upgrades!”

                                        Alas, the true answer sometimes is, your product is a component in an amazingly expensive and complex mega-system… dealing with churn created by your upgrade costs way way more than replacing it with anything that’s backwards compatible so we don’t have to churn the rest of the monster.

                                        1. 1

                                          Agree with everything said - I will say, however, that the sentiment you identified in the statement below…

                                          I’m not convinced that the people rewriting the code are magically so much better than the people who wrote it in the first place.

                                          … is just as, if not more harmful, to a a body of work (whether it be code or not) than the method chosen to maintain or upgrade said body of work.

                                          Once any method of doing any work is ascribed to the worth of an individual as a person - things break down fast.

                                          It’s obvious you know this, too.

                                          It sucks being thought of as “less than,” because you tried doing what made sense to you in a given moment, just as much as it sucks having others misinterpret your actions as being those of an individual On a Mission, accountable to no one.

                                          1. 1

                                            I often say to people, you should assume that every line of code was The Best Possible Line of Code that could have been written on That Day, given the Best Practices of That Day, given the constraints and goals of That Day, and the skills and knowledge of that person on That Day.

                                            Today is not That Day.

                                            The best practices have evolved, the constraints (ram/rom/mips/disk/release date/….) and goals (kpi’s/requirements/…) are substantially different, and we all should be improving our skills and knowledge every day.

                                            So yes, we can (and should) change that line to be a better one, matching today, but with the humility to know our line will also look terrible in a couple of years time.

                                    1. 8

                                      …when will the rediscovery of plaintext and the applied Unix philosophy make waves in the “tech industry”, and how will it be repackaged to sell back to us?

                                      1. 2

                                        It’s already happened. We’re on like, Wave 3. One word: “Services”.

                                        1. 1

                                          To apply the author’s argument: Text should be queryable, too; specifically, it should be readable. But readability is not something that we can measure in the absolute or the objective. You say that text should be “plain”, but even plain old text files are actually built out of arbitrarily chosen alphabets. Do we use Unicode or ASCII for text?

                                          If we consider the human-computer-interface point-of-view, then text should also be writeable, and it is here that we see the programs-as-prisons metaphor on full display: We can only write using the alphabets available for text encoding!

                                          1. 2

                                            Every ASCII file is a UTF-8 file. Just use UTF-8 :)

                                            https://research.swtch.com/utf8

                                        1. 3

                                          Not the worst article, although the tone might rub people the wrong way.

                                          It is well-worth, again, clicking through to the article he mentions: Kelsey Hightower’s https://changelog.com/posts/monoliths-are-the-future - which was featured on this site already, I believe.

                                          Personally, Hightower’s article couldn’t have landed in my lap at a better time.

                                          Both articles paint the picture of an individual that could become caught up in all the hype, money, spending, and new hiring that the “latest thing,” brings - and that person is my manager.

                                          I’m still struggling how to handle telling him in better words that he’s pushing us in the wrong direction, finger endlessly spamming the trigger of the gun stuck to his shoe.

                                          And figuring out how to be the manager that should be to my peers, who need some guidance in all the areas of discipline and software engineering.

                                          1. 3

                                            This project is wonderful and very well documented. Right down to their study on the effect of different size pairings between solar panel and battery.

                                            Wonder how feasible augmenting the power with wind would be - might help uptime over here in the US PNW.

                                            1. 2

                                              Low Tech Magazine has sent mixed messages about small wind turbines: in the past, they said “small windmills are a swindle”: https://www.lowtechmagazine.com/2009/04/small-windmills-test-results.html

                                              However, recently, they suggested that building small wind turbines out of wood could negate many of their sustainability flaws: https://solar.lowtechmagazine.com/2019/06/small-wooden-wind-turbines.html

                                              I suspect the answer depends on:

                                              • how windy the location is
                                              • how sustainably constructed your wind turbine is
                                              • how effective your wind turbine is (which is of course closely related to sustainability)
                                            1. 11

                                              Bookmarked this article specifically for its wonderful definition of “tech debt,”:

                                              Technical Debt is incurred when software or system designers take short-cuts to ship a feature faster by increasing the overall complexity of the system.

                                              1. 8

                                                Tooling, not languages will improve software development.

                                                It’s 2020 and we still type characters into a static editor file. People argue about the correct placement of const in C++, where braces should go, and other minutiae about language primitives. However, directly in my editor, I can’t plug values into expressions in the code and have it show me a result–I can through a REPL in some languages, though not in the editor itself. Nor can I simulate a particular function with given parameters or set local variables in a sandbox environment to show what flow paths (simulated local code coverage) would be executed.

                                                Most of our code tools are still married that lines of code is the best way to present it. Our IDEs are mostly designed for code editing, not code understanding; if the code in our editors were more locally interactive, it would make code writing and reading much easier. Tools like SourceTrail and cflow are amazing steps in the right direction to understand program flow but still don’t tap into the amount of experimentation directly with code that we need.

                                                1. 6

                                                  Obligatory Lisp callout. You can do basically all of this stuff for Common Lisp in SLIME. You can plug values into expressions, you can evaluate snippets of code, you can evaluate code symbolically. I don’t know if there’s a facility for fuzzing a function with N random input values then see the local code coverage, but it would be very easy to implement in Common Lisp.

                                                  I think CL has a lot of big issues, but if we’d standardised on it 30 years ago we’d have sorted out those issues long, long ago. Instead we spend huge amounts of effort coming up with new languages when most of them could be a few macros on top of Common Lisp.

                                                  Common Lisp’s got some great features that nobody anywhere seems to have copied. If a function signals an error, you go into the debugger, then you can do things like restart the function where the error occurred with a different value in its place. You can define custom restarts as well. The classic example is you’re parsing log entries and you signal a ‘malformed log entry’, then you can restart:

                                                  • by skipping the log entry
                                                  • by replacing the log entry with a given value
                                                  • by stopping at that point in the list of log entries and moving to the next file
                                                  • etc.

                                                  You define these restarts at whatever spot in the code makes sense. Obviously code that skips log entries is going to be in a different place from the code that parses log entries. Because the stack isn’t unwound when you signal an error, you can restart at any point along the stack!

                                                  Emacs’ semantic editing of s-expressions is the closest thing anyone’s ever got to semantic source code editing that actually works, too.

                                                  1. 4

                                                    I see replies like this often, and each time I try to imaging applying it at work, and I just can’t see it. One component I’m responsible for uses a proprietary telecom network stack (SS7) that was written about 30 years ago, and it only runs a few machines, none of which are on my desk. To even work, it needs to be connect to the phone network (and installing and managing the infrastructure is arcane to say the least—the MS-DOS command line seems friendly by comparison) so interactively trying to play with this component … yeah, ain’t never gonna happen. Just normal testing can cause the SS7 network stack to stop functioning in a mysterious way.

                                                    I’ve given it though over the years why I dislike LISP, and I think it comes down to—everything looks the same. There’s not affordances in the code to say “this is an array reference, and this is a structure reference, and this is a function call”. And while I now realize there are more data structures than just the list, you’d almost never know it from the way it’s taught and how lists are lionized by LISP adherents (“Data is code! Code is data!”). Assembly language is similar in that it has very few affordances, and I don’t see anyone wailing over the lack of Assembly use in our industry.

                                                    Another reason why LISP isn’t used that often, corporations don’t want it! Languages like COBOL, Java and now Go were designed because the designers didn’t trust programmers with anything powerful. Rob Pike (of Go fame) has even said as much—Google doesn’t trust their programmers to use anything “advanced” because they can’t comprehend it.

                                                    1. 3

                                                      The SS7 protocols are supposedly standardised, aren’t they? Is it one of those situations where every manufacturer of the equipment has their own set of proprietary extensions and incompatibilities? My first reaction to this was that I wouldn’t want to connect to production/physical/real hardware during development. I’d be wanting to connect up to some sort of test/debug device that can log and replay network traffic deterministically.

                                                      I’ve given it though over the years why I dislike LISP, and I think it comes down to—everything looks the same.

                                                      Everything looks the same in normal code anyway. Languages provide syntactic sugar for their standard built-in list, standard built-in hash table, standard built-in structures, standard built-in functions. But in any real code you aren’t using those things anyway. You’re using NonEmptyArray and OrderedDict and AsyncFunction etc. You don’t end up using the built-in operators and built-in literal syntax anyway, but a whole lot of function calls to do things that the builtins use syntax for.

                                                      And while I now realize there are more data structures than just the list, you’d almost never know it from the way it’s taught and how lists are lionized by LISP adherents (“Data is code! Code is data!”). Assembly language is similar in that it has very few affordances, and I don’t see anyone wailing over the lack of Assembly use in our industry.

                                                      That comparison doesn’t make any sense at all. It’s not true that everything in a Lisp program is a list. The code is lists. That’s only relevant when you’re writing macros or language tooling, etc. though. Code being lists doesn’t mean everything your code operates on is a list, it means that everything that operates on lists can operate on code. The distinction is really important: ‘code is data’ means ‘you can treat code like it’s really simply structured data and manipulate it easily’ not ‘everything is a list’.

                                                      Adding things to a hash map might be written (hash-map/push m k v) in the same way you’d write HashMap::push(m, k, v) in another language. The difference between them is that to manipulate the latter in code you need a big Ast abstraction built into the standard library which is full of complexity. It’d be represented as data as something like FunctionCall(FullyQualifiedName(NameSpace("HashMap"), Name("push")), [Name("m"), Name("k"), Name("v")]). The ‘code is data’ aspect of Lisp is just that its syntax is so simple that the data representation of (hash-map/push m k v) is just… '(hash-map/push m k v). It’s really quotation that’s the important thing (along with the syntax being simple).

                                                      I don’t think characterising my comment as ‘wailing’ is constructive or polite.

                                                      Another reason why LISP isn’t used that often, corporations don’t want it! Languages like COBOL, Java and now Go were designed because the designers didn’t trust programmers with anything powerful. Rob Pike (of Go fame) has even said as much—Google doesn’t trust their programmers to use anything “advanced” because they can’t comprehend it.

                                                      My friend looked up ‘where to eat in Wellington’ on Google maps and it popped up with a list of places including places marked as permanently closed. Google are totally incompetent and I don’t think we should be taking any lessons from a company that spent years telling people not to use exceptions in C++.

                                                      Lisp is a much simpler and easier to use than C++ or Go. If you don’t trust your developers to write macros, tell them not to write macros. Institute code review rules that say ‘don’t write macros unless you’re a senior developer’.

                                                      1. 5

                                                        My first reaction to this was that I wouldn’t want to connect to production/physical/real hardware during development. I’d be wanting to connect up to some sort of test/debug device that can log and replay network traffic deterministically.

                                                        I believe it was implied that those sort of test/debug devices don’t exist for his 30+ year-old infrastructure. That’s how we (I’ll throw myself in on this one, too) have to test things in/on highly-ingrained/integrated/ancient systems.

                                                        Because a cute little test/debug device doesn’t exist for our Lovecraftian systems.

                                                        1. 4

                                                          Yes, SS7 is standardized, but it’s a telephony standard—you need serious money to get the actual standard, and it’s full of extensions because all of the various phone companies wanted their stuff included so it’s huge. And expensive. That’s the thing with anything telecom related—every costs money. The stack we’re using we paid six figures to license, and we’re only licensed to use it on certain systems (Solaris 5.10, and some very specific version of Red Hat Linux). And trust me, I don’t want to connect to production either, but what little we had in a lab wasn’t enough to actually simulate real life (and if pushed too hard, would fail in mysterious ways and no, it wasn’t our code but the SS7 stack—it really is alien to someone familiar with TCP/IP.

                                                          Your bit about “in any real code you aren’t using those things” comes across as a True-Scotsman fallacy. But to some degree, yes, in C, referencing a hash looks like a function call, mainly because it is. Same thing with binary trees. But arrays have their own syntax. Structure references have their own syntax. There are some visual clues as to what the code is doing. In LISP, there’s little visual difference between referencing items from a list or an array or a hash table. And the two classes I took on LISP in college never mentioned any other data structure than the list. It wasn’t until I started looking into the language myself that I found it actually had other data structures. Perhaps the university I went to was bad, I don’t know. That’s my experience.

                                                          And you entirely missed my point on wailing (it wasn’t you I was complaining about).

                                                          It’s not only Rob Pike (creator of Go and Google employee) that said he couldn’t trust programmers with advanced features. James Gosling, creator of Java (and Sun Microsystems employee at the time) pretty much said the same thing about the language he designed.

                                                          1. 2

                                                            I don’t think we should be taking any lessons from a company that spent years telling people not to use exceptions in C++.

                                                            Everywhere I’ve worked has expressly prohibited the use nearly everywhere of exceptions in C++ (and RTTI). The fact I have to salt my code with noexcept like a baked potato when it’s not and also the standard backed out dynamic exception specification, along with lots of newer languages not even including exceptions, indicates exceptions are looking like the spiritual successor in control flow excitement to goto.

                                                            I don’t really have any particular issue with any LISP itself, it’s that the ease of implementation led to massive diffusion, many people haven’t been exposed to it, and its style is somewhat different from most other mainstream languages. I’ve literally showed up at work one day and had to write a LISP for an extended period and it wasn’t bad, but I understand the business folks hesitation behind introducing it (lots of pain getting up and running at the time).

                                                            Back to my original point, I feel like there’s a lot of innovative tech from the 80s-00’s which are the code editor and code understanding version of Roman cement or Damascus steel which we haven’t rediscovered or rebuilt yet because of everyone’s focus to redo what’s already commonplace.

                                                      2. 2

                                                        I disagree. Languages define what tooling is possible. IDEs and non-text editors are mostly about presentation and navigation, which is very superficial. Tooling can’t do much about language semantics and expressiveness.

                                                        Languages will continue to improve software development. Given that we’re still discussing flaws in a 40-year-old design, we still have a lot of improvements to adopt.

                                                        1. 2

                                                          Obligatory Smalltalk callout :-) The ST80 environment had a code browser that displayed everything In the system as a multi-paned hierarchy of classes and methods. When you drilled down into a method you got its editable source code. There were no “source files”. There was an external data file storing source code, so it didn’t have to be stored in memory, but that file was just an optimization detail.

                                                          The good: Super easy to navigate and find code. Very focused, as you only saw the code you were working on. You never had to worry what order to put methods in, or that missing punctuation would screw up other methods.

                                                          The bad: It was difficult to extract the code of a subsystem, or changes you’d made to something, to send it to someone else. You had to use awkward “FileOut” tools to generate text files. ST80 was very much a live system that you modified in place, not something you built from ‘source code’. This was exemplified by Dan Ingalls(?)’ quote “An operating system is the stuff you couldn’t fit in your language. There shouldn’t be one.”

                                                        1. 12

                                                          BTW, a story of mine: When I was in high school, we had a class to teach us how to type on the keyboard efficiently. The classes consisted of using a training software, and the grades were given mostly by the score we achieved there. We could run the program on other computers in the school as well and do some lessons in the spare time.

                                                          While never intentionally learning how to use the keyboard properly, over the years of coding and spending hours on IRC, I learned to type pretty fast, so I always was far ahead. However, some of my friends struggled with this and I was helping them. But this was boring.

                                                          So naturally, I went ahead and wrote a simple program to type in the window automatically. During a break, I gathered a group of friends, took them to the computer and intended to demonstrate them this incredible time-and-effort-saving creation of mine. I opened one of the lessons, where we had to type a single sentence as many times as possible, fired up my program, typed the sentence there and pressed the “Start” button. It worked perfect, except… I made a typo.

                                                          At around 800 bpm, it wrote the errorneous input all over again in a lesson, where it was particularly important to type as accurately as possible. Few seconds later, the lesson was over, because there were too many mistakes, and it threw me back to the previous lesson. But the expected input in that lesson was completely different, so it kicked me even faster. And it continued doing that for over and over again.

                                                          Before I finally managed to kill the program, I lost about two weeks worth of progress. But the program got popular nonetheless as they understood it worked properly, I only entered an invalid input. Later on, an IT teacher asked me to demonstrate it for him. My memory is faint on that part, but I think nothing happened at all. I’m sure he would ban it if he knew how, but he wasn’t very good.

                                                          1. 5

                                                            Cool story… I love the irony that you built it to speed up your results but it caused the opposite to happen in the end… that’s probably a metaphor for about 50% of everything I do in my code :)

                                                            1. 2

                                                              It would have been great if you made it only type when the user pressed a key, so people could mash the keys as quickly as possible and have 100% correct output come out. Since you were just using it for training, though, your way makes sense too.

                                                              1. 2

                                                                Are you me?

                                                                Did almost the exact same thing back in elementary/middle school.

                                                                Loaded it up onto my purple 64mb JumpDrive that had cost me a small fortune so I could run it on any of the computers.

                                                                1. 1

                                                                  Same here on Mavis Beacon. Except, the hackers weren’t impressed. So, we changed the challenge to seeing what numbers we could get doing that by hand on the actual keyboard. I can’t remember the number but it was insane.

                                                              1. 12

                                                                Does anyone else find it odd that the #1 private messaging app, promoted by Snowden, requires your phone number? Yes I know you can use a burner, but why?

                                                                And they hash your contacts and upload them. You know, the weird thing about phone numbers is there’s a finite number of them and they are recorded in a database. Hashing every number wouldn’t take but a few days, or hours at state actor level.

                                                                1. 6

                                                                  And they hash your contacts and upload them. You know, the weird thing about phone numbers is there’s a finite number of them and they are recorded in a database. Hashing every number wouldn’t take but a few days, or hours at state actor level.

                                                                  Rather than downvote you as “incorrect,” here’s their blog post on how private contact discovery for Signal works.

                                                                  1. 2

                                                                    Would it be correct to then say that they instead use an encrypted “truncated SHA256 hash of each phone number”?

                                                                    Also, does the following mean that the encrypted session is managed by the secure enclave with no access by the host OS? Just want to make sure I’m understanding it correctly. It seems secure if this is the case.

                                                                    “Clients that wish to perform contact discovery negotiate a secure connection over the network all the way through the remote OS to the enclave.”

                                                                    Thanks for pointing I’m wrong, to be honest I thought I would get hammered with downvotes for that comment, was kind of hoping someone would have more information on it.

                                                                    1. 2

                                                                      Would it be correct to then say that they instead use an encrypted “truncated SHA256 hash of each phone number”?

                                                                      The truncated SHA1 hash of the base64 of each phone number.

                                                                      Also, does the following mean that the encrypted session is managed by the secure enclave with no access by the host OS?

                                                                      Yes.

                                                                  2. 5

                                                                    Read Mathew’s, from Riot, post about signal and their ideas about privacy, you would find it interesting.

                                                                    1. 3

                                                                      Yup. But the app promises privacy, not complete anonymity.

                                                                      1. 3

                                                                        For me it is not odd, but an annoyance. It is not phone number based identity that enables private communication, but other features such as sealed sender.

                                                                        But you might want to read up about this recent posting of Signal Technology Preview for secure value recovery which is their research that will/might eventually enable non-phone-number based identities.

                                                                      1. 2

                                                                        I couldn’t agree more with most of his points, especially his comments around the “Qualitative CTO,” knowing yourself, being in a bubble that overlooks the real struggles of other people, and being honest with yourself as to why you are working on the projects you may be working on.

                                                                        1. 1

                                                                          I know I am using signing keys for encryption, which is unholy. I’m sorry? It would be nice to check further for cross-protocol attacks but it looks like we’ll be ok.

                                                                          1. 3

                                                                            As an aside, I like raymii’s strategy of posting two articles representing the two sides of an argument, as well as a third for context in another language.

                                                                            1. 2

                                                                              I don’t particularly appreciate 9 of the articles on the lobste.rs main page (at least with the exclusions I have set) being posted by the same person, though.

                                                                              1. 2

                                                                                My gut reaction was the same, but then I reminded myself that (barring bot-interference) what shows on the front page is the result of individual readers… but I totally relate.

                                                                                1. 1

                                                                                  Yeah I also have a lot of filtered tags - most web or mobile development stuff, anything relating to ruby, java, c# or .net, most practices/culture crap, etc. So if someone posts a few C posts they’re likely to all show up for me :)

                                                                            1. 20

                                                                              I often feel like I’m the lone developer in the world screaming into the void that python is a flawed language and it’s massive adoption recently is a mistake that we haven’t begun to see the costs of yet.

                                                                              The language itself, the grammar, operational semantics of the core language, documentation, and common library design idioms are all bathed in enormous complexity. The type system is a worst of both worlds compromise that manages to cause frequent crashes with no real upfront checking (mypy is a very small step in the right direction but has a very long way to go and probably can’t ever become as good as it needs to be) yet also don’t offer enough dynamism to justify the absurd cost of not having compile time checking.

                                                                              I just don’t get it.

                                                                              1. 10

                                                                                I’ve been using Python a very long time, and I have to admit that when I read your comment looking for something objective rather than subjective, all I find is something that doesn’t match my own experience (“manages to cause frequent crashes”) and really seems to be the same “dynamically-typed languages are all bad and constantly break” stuff that’s not at all backed up by the available literature on defect rates for static versus dynamic typing.

                                                                                1. 9

                                                                                  I’m not going to try to make an objective argument against any language because I just don’t think we’re at a point in our understanding of software engineering yet where we can make substantive objective claims about languages outside of some very narrow cases. I’m familiar with the literature you’re referring to and while I grant that the conclusions did not support static typing, I’m not convinced by the research for several reasons (methodological concerns as well as concerns about how broadly you could extend the conclusions given the pretty limited number of cases that were actually studied).

                                                                                  That said, I’m glad you’ve never had a problem. I have, and I’ve talked to quite a few other people who have as well (although they are generally dismissive of the problems). But it’s not strictly a matter of ahead of time type checking vs runtime checking as an absolute good/bad, it’s a matter of trade-offs.

                                                                                  Ahead of time type checking can eliminate categories of bugs, at the cost of not admitting some valid programs. More sophisticated type checking can admit more programs at the cost of sometimes higher requirements for the programmer to think about types (dependently typed languages for example can express far more granular constraints but might be harder for a programmer to use than something like Haskell (omitting dependents Haskell for the sake of this discussion), and there is a large range of languages along this curve).

                                                                                  Very dynamic languages on the other hand focus on flexibility of features at the cost of programs being less provable. A language like lisp, ruby, or erlang may have many programs that use this flexibility in ways that would make it very difficult to type check programs.

                                                                                  The problem as I see it is that python is the worst of both worlds. It offers no guarantees though type checking, requiring at best the programmer to manually implement their own verification through runtime type assertions, unit tests, or manual proofs outside of the program itself, or at worst programs crash while running. At the same time, the languages own grammar and idioms do not seem to support the dynamism that other languages offer in exchange for giving up safety.

                                                                                  In short, the problem with python isn’t that it’s dynamically typed per-se, but that it’s dynamically typed while being no more powerful or expressive than statically typed languages.

                                                                                  1. 4

                                                                                    It offers no guarantees though type checking,

                                                                                    Well, it offers some.

                                                                                    >>> "3" > 3
                                                                                    Traceback (most recent call last):
                                                                                      File "<stdin>", line 1, in <module>
                                                                                    TypeError: '>' not supported between instances of 'str' and 'int'
                                                                                    

                                                                                    If that doesn’t seem like much, consider that couple of the most popular programming languages today do not offer even this level of type checking.

                                                                                    1. 3

                                                                                      The problem is you still don’t find that out until runtime. That’s my fundamental point- to whatever degree there’s value in the sort of dynamism you’d get from having ‘3’ > 3, you give that up in python, but you don’t get anything in return. You just have to run it, and hope you exercise that code path early so it crashes while you’re in the office and not at 2am when you have to groggily debug stack traces under an SLA.

                                                                                      1. 1

                                                                                        The problem is you still don’t find that out until runtime.

                                                                                        Yeah, I get that, and have made the same arguments in mounting levels of anger when looking at logs with many versions of 'NoneType' object has no attribute 'foo' that nobody knows where they’re coming from. The unfortunate part is that the people who decide these things don’t really care that some engineers have to suffer from it.

                                                                                        but you don’t get anything in return

                                                                                        I’m not sure if that’s true, but I find proving that point difficult. One benefit of python is a greatly enhanced support for explorative programming that many stricter languages in practice do not give you – although some, like Haskell, are close. The language is stupidly simple (in a good way) in my opinion, and I think the dynamism is part of that somehow.

                                                                                        1. 2

                                                                                          I’m coming from Haskell as my primary language, but lately I’ve been forced into python at work. I find python far less capable for exploratory programming than Haskell, not just because of the lack of type safety but also the general lack of flexibility in the language. I’ll concede the situation might be different if the reference point for a typed language was Java or something.

                                                                                          1. 1

                                                                                            Perhaps things have changed since the last time I coded Haskell (which was ~10 years ago), but doesn’t ghci lose all local bindings when you reload your modules?

                                                                                            1. 2

                                                                                              Yes, that’s still a pain. I’m not going to defend Haskell as flawless or anything, it has a bunch of painful and irritating deficiencies. On balance though I still find it a nicer experience than python for exploratory programming.

                                                                                    2. 1

                                                                                      I tend to think of Ruby as being very similar to Python (though I haven’t spent a lot of time with Ruby). What makes it more dynamic than Python? What are the marginal features that you think make the dynamic nature of Ruby more worthwhile?

                                                                                      1. 3

                                                                                        Ruby is certainly the least differentiated from python of the three I listed, but I think there are some important differences in idioms at least, if not fundamental capabilities. In particular, ruby’s metaprogramming feels much more dynamic than python’s decorators (which in practice feel much more like something you’d get out of a preprocessor in any given statically typed language). Writing an embedded DSL in ruby, it feels much more dynamic and mutable than trying to do the same thing in a “pythonic” style.

                                                                                        Ultimately, because of the metaprogramming capabilities and slightly more flexible syntax, idiomatic ruby “feels” more like a very dynamic message-passing OO system. Python, on the other hand, “feels” much more structured; like writing C or C++ but instead of types the compiler people spent all their time anal-rentatively trying to prevent you from using code formatting they don’t like.

                                                                                      2. 0

                                                                                        I’m really not trying to be dismissive, but again this feels like a rehash of the same “dynamic typing is bad, you have to write unit tests to assert literally everything in your program” that always comes up in static-versus-dynamic debates, and unfortunately that tends to be a highly subjective argument. Summaries of what research there is on the topic (this one is often cited) are very far from conclusive on anything, for example.

                                                                                        So while I respect that you don’t care for Python, I also respectfully ask that you keep in mind how many other people have had experiences with dynamically-typed languages which don’t line up with your own.

                                                                                        Also, it’s worth noting that if you want something with Python syntax and static type checking, Python 3 supports annotating with types and there are static checkers, like mypy, available. Though personally I dislike the fact that mypy went all-in originally on a nominal-typing approach when I find that real-world Python tends to want a structural approach, but that’s my individual preference.

                                                                                        1. 4

                                                                                          I get that people might have had different experiences, but at the end of the day my experiences are my experiences, and they’ve lead me to the conclusions I’ve articulated. I don’t see any reason I shouldn’t share them on a discussion forum where they are on topic just because some people have had different experiences.

                                                                                          You like python? Never had a problem with it? Fantastic go write it all you want. I’ve had no end of trouble with it and furthers any discussions to hide the fact that I and others have come to the same conclusions about why, at least for some of us, it doesn’t work.

                                                                                          1. 1

                                                                                            Sharing opinions and experiences is fine!

                                                                                            My issue was with the way the original comment phrased things seemingly as assertions of fact; that style of argument too often dominates any discussion of dynamic versus status typing, and reality is that nobody’s really in a position to make such assertions – the most anyone can do is share their experience and opinion, and accept that someone else might have different experiences and opinions.

                                                                                      3. 2

                                                                                        I at least somewhat agree with Rebecca. Python is a pleasure to write and a disaster to debug. My last bug was a missed comma in a statement:

                                                                                        if word in [ 'keyword1' 'keyword2' ]
                                                                                        

                                                                                        Hidden within a couple of hundreds of lines, it can be very hard to figure out what’s going on.

                                                                                      4. 3

                                                                                        You’re not alone -

                                                                                        Python’s syntax makes me want to yank my hair out, while Ruby’s makes me gnash my teeth during the day, and grind them to a fine dust at night.

                                                                                        I agree with your points on Python - and have tried assembling a similar, grounded, reasonable list for Ruby, but that was before my descent in madness.

                                                                                        1. 2

                                                                                          Python’s syntax makes me want to yank my hair out, while Ruby’s makes me gnash my teeth during the day, and grind them to a fine dust at night.

                                                                                          Good example of how much peoples’ opinions on these matters differ. I find both Python and Ruby to be in the top 5 of most beautiful programming languages.

                                                                                          1. 2

                                                                                            And that’s how we can still all be civil friends: all it boils down to is beauty.

                                                                                        2. 3

                                                                                          I agree, and I would also say that I feel python has become a bit of a worse language in recent years. I think it peaked around python-2.7. I was hopeful for python-3, and it seemed pretty decent at first, but I was really disappointed that the “twisted style async” was the version that won out with asyncio, and I feel it has only gotten worse over the years (more complex, stranger/weirder syntax additions, i find the “type checking” bolt-on very awkward, etc).

                                                                                          1. 2

                                                                                            I agree, this has been my experience as well.

                                                                                          1. 3

                                                                                            Robert’s Rules of Order.