1.  

    This is an advert for their clang-tidy-like tool but in spite of that the advice all looks good and I learned about a couple of C++20 features. We’re currently using concepts only optionally to let us build with slightly older compilers, so we can’t replace std::enable_if with them but I look forward to the day that this is no longer the case.

    1.  

      This is an advert for their clang-tidy-like tool but in spite of that the advice all looks good…

      Yeah I was doubting to submit it, however, not just an ad, also code samples and rather technical contents, applicable to c++ users.

      For one project I’m still stuck with a pre c++ 11 compiler and for most others were on c++ 17, so that’s rather nice, the differences between the language versions almost make it two different languages. Don’t have much use for concepts in our codebase, yet.

    1. 10

      PCs that couldn’t boot from USB are newer than you might think. The motherboard in my NAS couldn’t do it before I upgraded it a few months back. It was only discontinued a few years ago and a couple of places seem to still be selling small PCs with the board.

      I mostly use ISOs for configuring or recovering local VMs. It’s convenient to have an immutable format, so I no nothing I did last time I used it may have modified it. With a USB image, I’d probably end up having to copy it each time I used it, or just download it again. For initial deployment, I’m increasingly moving to tools that build an image for me, rather than doing the manual install (which was always a last resort).

      1.  

        Yeah, most of the time when I download an .iso, it’s almost certainly for a VM, and deploying a USB image in i.e. VMware is annoying over just picking a CD image.

      1. 14

        Second paragraph and I’m already mad.

        Rule 8: Flags represent nations, not languages – so don’t use flags.

        Some obviously controversial flags: United Kingdom, Spain, France, Portugal. These examples have more speakers outside the origin country than within and is a very Euro-centric, colonial viewpoint of language to use any flag whatsoever. Not to mention, many countries have more than one language which further propagates stereotypes or belittlement of minority groups inside those countries.

        Luckily the Steady site doesn’t break this rule, just the blog entry.

        1. 11

          The reason flags are used is that if a website is in a language you do not understand you may not otherwise know where to click to change the language, or recognise the name of your language. The word for “English” in Russian is “английский”. Are you going to know to click on that unless there is a American or British flag next to it?

          Everyone knows that people get het up about flags. Flags are used despite this for usability reasons.

          1. 20

            That’s why the dropdown for language selection should list the name of each language in that language. Deutsch, English, Espanol, etc.

            1. 8

              My favorite “bug” I saw lately around this was a county drop-down that was translated to German but the sort order was still in English. So Germany (“Deutschland”) was not under “D”, but under “G” right after Gabun, where it is in the English sorting. Very confusing.

              1.  

                This can also be fun for country names. Sending something to someone in France, I had to find the UK in a French-language drop-down. At school, I learned a few variations on how the country name is translated into French, this web site introduced me to a new one.

                1.  

                  Le Royaume Uni I suppose?

                  The UK is a hard nut in these forms. I often try a number of options, but I can’t complain when even the Olympic team uses the wrong name (“Team GB” - the UK is not just Great Britain).

                2.  

                  Sure, you just need to find the “язык” dropdown. Should be easy as the currently selected value will be русскийрусский which is obviously wrong.

                  1.  

                    Yes! Languages get closer to nationalities than most other pictograms. I couldn’t know to pick a picture of Spain’s boarders to change language, nor would I know to click on the alphabet (which doesn’t work for languages without alphabets). And flags help. Then, you say what the language actually is in the drop down so you can select it…

                    Other rejected pictograms: Official bird View from the capitol Airport code Biggest company based there Slowly moving language names

                3. 7

                  As sibling noted, obviously they should be in the native language spelling (or maybe put both). With Spanish being the US’s #2 most spoken language (no official language), should those Spanish speakers not count and find it odd they speak Spanish daily and click the US flag where they live and get English? Should they look for a flag of Spain? Or Mexico? Or their birth country (which is likely missing)? “español” + es is very clear (even if all dialects aren’t yet translated) and doesn’t have the same degree of political baggage as flags and countries do. When people migrate – and they do a lot in the 21st century – their languages come with them because languages belong to the people and flags belong to the nation.

                  But do you really think people really know their flags? I don’t think this assertion is true. Which of these is Poland: 🇲🇨 🇵🇱 🇮🇩? Romania 🇦🇩 🇲🇩 🇷🇴? Ireland 🇨🇮 🇮🇪? Bolivia 🇧🇴 🇬🇭? Mali 🇸🇳 🇲🇱?


                  But imagine if a user could send their preferred language through the user-agent and the server or browser could choose a ‘good’ default for them … Accept-Language sounds like a good name for this, maybe even navigator.languages. That would be better than what Google does: ignoring my request and mislabeling me based on IP instead.

                  1.  

                    If you did user research on American Spanish speakers I wonder how many be confused by the American flag being used to denote English. Have you ever tested this?

                    I think using Accept-Language by default would be a big improvement though it’s not a panacea. To some extent it just punts the issue to the browser. Changing your language in most browsers requires you download a language pack which you won’t have permission to do in internet cafes. Maybe that is no longer a problem now people have smart phones?

                    1.  

                      Changing your language in most browsers requires you download a language pack

                      changing the Accept-Language header does not require any downloads. It is just a string that gets send. The browser UI stay as is.

                      1.  

                        your browser will use the language defined by the OS 99% of the time

                4. 6

                  I think that is because they developed it for the European market, as their title suggests, and to illustrate their text with emoji/icons.

                  1.  

                    The screenshot uses a flag for German/“Deutsch” which I’ve never seen before, and German is my first language :)

                    1.  

                      To quote the article:

                      First and foremost, and this is why this example has been used in this particular post, Revolve has bizarrely ended up with the flag of the United Arab Emirates for German

                    2.  

                      for the record: the use of flags to signify languages has since been corrected in the article

                      1.  

                        You love to see it :)

                        1. 5

                          nah actually i hated to see it 🙃 but instead of whining here i asked the author to reconsider… and it got fixed

                      2.  

                        What’s controversial about the Union Jack representing English, a language born of and primary to that soverign country?

                        1. 17

                          The Union Flag is the flag of several distinct political entities that have different sets of official languages:

                          • England does not have an official language, though practically English is a de-facto standard.
                          • Wales has English and Welsh as official languages. All official communications are required to be bilingual and some (such as tax things from HMRC) are bilingual for the whole of the UK as a result.
                          • Scotland has recognised Scottish Gaelic as an official language since 2005 and has had English as an official language since before then, though this recognition does not require government communication to be delivered in Gaelic and so has little effect. Scots (derived from Northumbrian Old English) is also supported by the Scottish government.
                          • The story of Irish Gaelic is very complicated because the English made an effort to marginalise it for a long time (the history of Ireland is largely omitted in English schools, on the basis that it’s just too embarrassing for the English). It now has similar status in Northern Ireland to Gaelic in Scotland.

                          So the flag points to at least three distinct language families and several overlapping ones. Only Wales (which is covered by the flag, but whose flag is not represented, in spite of being the part of the UK with the best flag) has a notion of an official language that carries any significant legal weight and it places English and Welsh on the same level.

                          You could probably use the George Cross to represent en_GB, although both Cornish (Celtic-family) and Scots (mostly the same ancestry as modern English, i.e. a creole of every language spoken by folks who invaded England over a period of a thousand years or so) originated in the area represented by that flag. Either way, you’re marginalising speakers of minority languages.

                          1.  

                            I didn’t say anything about official languages or political entities, which is almost exactly my point. Primarily, British English is spoken throughout the United Kingdom, the soverign country in which it developed to the standard of English which was then spread throughout the world. The flag points to multiple regions with different languages, none of them as immediately relevant as the English language - you don’t see the Union Jack and think of Cornish. If the language was Scots, use the Scottish flag. If the language is Gaelic, use the Irish flag (or Ulster Banner, lol). To feign shock and horror at the Union Flag representing the history and origin of the English Language is inane.

                            1.  

                              If I clicked the Scottish flag, I could be wanting either Scots or Gaelic, as mentioned by david_chisnall. Likewise, if I scanned for the word Gaelic, I’d personally be expecting Gàidhlig, not Irish. When it comes to English, there’s like half a dozen different flags that may have been chosen that I have to scan for (I have seen UK, USA, Canada, England, and Australia, frequently, and probably others less often), and that’s ignoring any personal feelings I have towards any of those. Country flags and $current_language names for other languages just aren’t the best way to display these things for translation pickers, for multiple reasons.

                          2. 5

                            Two issues:

                            1. The UK is by number of speakers, has the sixth most number of speakers. The language may have come from England, but without a standards body, it’s anyone’s language. The other variants of English are still very much valid and a part of the English language. Picking any of the nations is the wrong call.
                            2. In the weeds, historically England is the kingdom speaking English so if you want to go on history, 🏴󠁧󠁢󠁥󠁮󠁧󠁿 is the flag you are looking for which isn’t nearly as recognizable. Is this the Georgian flag? 🇬🇪

                            How do we avoid this issue? Just say “English” or en.

                            1.  

                              It doesn’t reflect all the other kinds of english spoken by the far majority of the world. We even call it “British English” to distinguish it from other flavours of English like American, where there’s a number of spelling and pronounciation differences (these distinctions even get taught in school in non-english speaking countries).

                              1.  

                                hunspell lets you choose ‘-ise’ vs ‘-ize’ for British English, en-GB.

                                1.  

                                  There’s also words that differ between American and British English.

                                  1.  

                                    That part is obvious but I think people forget how much diversity their is inside borders.

                                    1.  

                                      Oh, absolutely. British English is pretty well-known for that since there is a wide variety of English spoken between Scotland and South England.

                                      Similarly Danish has different amount of grammatical genders between the islands. It is all the same Denmark with the same flag.

                                2.  

                                  And for American English, a U.S. flag is oft used. Perhaps one should’ve been used in the article, but having not used Steady, I wouldn’t know.

                                  1. 9

                                    What language would you expect behind a Belgian flag? French or Flemish? Similar goes for Swiss flag. Or Indian flag.

                                    1.  

                                      What language would you expect behind a Belgian flag? French or Flemish?

                                      German of course! https://en.wikipedia.org/wiki/German_language#German_Sprachraum ;-)

                                      BTW, Flemish is a dialect, the official language is Dutch.

                                      1.  

                                        The language most spoken in Belgium, obviously.

                              1.  

                                If you’ve got another FreeBSD machine, you can use poudriere to build disk images. You can use the -a option when you create a poudriere jail and use qemu-user to run the things in the jail if you want to build a set of packages (rather than using an existing package repo) and populate it with other things. This is much easier than futzing with a pre-built image.

                                1. 8

                                  I’ve tried to use C++ in the Linux and FreeBSD kernels.

                                  For FreeBSD, it was relatively simple. There are a few things that are macros and should be functions (e.g. pause, which conflicted with a method name) but that’s easy to work around with some shims and I was able to run a kernel module with a few thousand lines of C++ without problems (I also have a port of libc++ to run in the kernel and an implementation of the emuTLS ABI for FreeBSD 11, in C++, so that thread_local can work in the kernel, though it’s a bad idea to actually use it). After a compiler update, I found that the compiler was emitting a relocation that the kernel’s loader didn’t understand and, since this was just an experiment, I didn’t bother chasing it down.

                                  The bigger problem in general was that it was fine to use C++ for a module, but C++’s ODR depends on deduplication for static linking and copy relocations for sharing. I had some thoughts about writing some tooling that could be run at module-install time to remove symbols that were defined in modules that you depended on (including the kernel) but I never got around to it.

                                  For Linux, the kernel headers are completely full of things that are valid C but not even GNU extensions in C++. Using class as an identifier was the least of it - that’s trivial to work around with:

                                  #define class class_identifier
                                  extern "C" {
                                  #include <some/header.h>
                                  }
                                  #undef class
                                  

                                  The biggest thing, as I recall, was string literals with another token immediately following them, which are user-defined literals in C++. These are all fixable, and if Linus didn’t have a religious objection to C++ then I’d be tempted to try, but I don’t want to carry a downstream fork of the kernel headers.

                                  1.  

                                    All of the implemented options are already in clang as well, so the same thing applies there. MSVC also has much more boring volatile behaviour, which should probably be added to the list. Clang’s UBSan provides a bunch of extra checks and in fast-fail mode is generally a good idea.

                                    The desired behaviour for array accesses is very ABI disruptive. Because C doesn’t know the difference between an array and a pointer, this would require representing pointers as a slice type (base, offset, length) or performing some look-aside checks dynamically.

                                    1. 2

                                      Anyone on windows not already using notepad++ does not care about having a decent notepad

                                      1. 13

                                        Sometimes people need to do things on a non-dev environment without a better notepad though. None of my customers have notepad++ installed and I don’t permissions to install or even run new apps - so sometimes when I need to see a file, it’s notepad - and any improvement to it is very welcome.

                                        1.  

                                          Ouch, I feel for you then. Consider me corrected

                                        2. 6

                                          I leave notepad open because some Windows apps still don’t have ‘paste as plain text’ options and so it’s useful to paste into notepad and then copy. Multi-level undo can be useful sometimes. I mostly use vim in WSL for text editing though, so I’m probably not representative of the wider Windows ecosystem.

                                          1.  

                                            I leave notepad open because some Windows apps still don’t have ‘paste as plain text’ options

                                            If this is your main motivation, Win+V allows you to do that globally. (Do note that I think you have to turn on Clipboard History, but it should prompt you if you do.)

                                            1.  

                                              Cant you paste unformatted text in vim?

                                            2.  

                                              I’m a fan of notepad2 myself… Notepad++ is too much

                                            1. 25

                                              I have watched the videos behind this text and I’m a bit frustrated. The most problems they have are either hardware problems or problems because they expect thinks work like on Windows (or believe they work on Windows).

                                              For the hardware the somehow acknowledge that this is more the problem of the vendors then of Linux. It still sounds the most time more like Linux is bad because this super fancy hardware don’t work. Yes I know the problems behind this are complex and as a normal user this is frustrating.

                                              And of course they expect a Windows like behavior, they have used Windows for years. What bugs me is that they claim that the Windows way is the better way without understanding what the problem is. There are two examples for this:

                                              First the Linus broke his Pop!_OS installation while he tried to install steam. This was because the steam package had a dependency problem which could only resolved by removing essential packages. The GUI tells him there was an error with some suggestions what might case the problems and output from apt hidden behind a details button. He reads out loud: “Warning: you trying to remove the following essential packages”. So he googled and found the command line to install steam. So the command prompted him a lot of text and at the end following two lines:

                                              You are about to do something potentially harmful

                                              To continue type in the phrase ‘Yes, do as I say!’

                                              So he typed in “Yes, do as I say!” and his installation was broken. He claimed later: “the thinks that I did are not entirely ridiculous or unreasonable”. He ignored all warnings and “dictated the computer” “Yes, do as I say!”, how is this not a clear user error[0]?

                                              So lets look what would had happen with a similar issue under Windows. First so similar we don’t get the issue, because under Windows there is no package manager accessible for somehow third party software. So lets assume there is an windows update which removes the wrong file and breaks your system. On the install the update would remove the wrong file and breaks your system. Other example the steam installer manage to have a bug with removes some necessary files from your Windows installation. Is there anything Windows protect you from this bug[1]?

                                              It’s late and the other stuff about the file exertion issue I might write tomorrow.

                                              [0] Of course this has also something to do with the spirit of some developers to create popups/warnings/info messages. Which leads users to ignore these messages.

                                              [1] I don’t know, but a few years ago windows installers where just executable which required to run as administrator.

                                              1. 31

                                                And of course they expect a Windows like behavior, they have used Windows for years

                                                I think the “Windows-like behaviour” in this case is that on Windows Steam works perfectly, you don’t have to think about installing it, there’s no chance it’s going to break your OS, nor will you have to you choose between installing an application you want and having a working OS.

                                                We could imagine a hypothetical Steam bug that somehow wrecks Windows installations, but in reality those don’t exist.

                                                1. 4

                                                  I think those kinds of comparisons don’t work very well, because of the range of options. For the Steam installation issue, on windows you basically have two options: you install it and it works or it doesn’t. In Linux you have the same two options + playing around with various tweaks and installation methods.

                                                  If we were going with a typical user windows-like approach, he’d declare it a failure after Steam failed to install from the default source. Going further with other solutions is both a good thing because it’s possible and a bad thing, because newbies get into a situation like a broken desktop. So once you start going past the basics it’s really on the user to understand what they’re doing. Otherwise it’s comparable to “I messed with some windows DLLs / registry trying to get Steam to work, despite warnings and now it doesn’t boot” - but that’s just not something average users do.

                                                  1. 14

                                                    on windows you basically have two options: you install it and it works or it doesn’t

                                                    On Windows you install Steam and it works. Installing Steam and it not working isn’t really an experience people have with Steam on Windows.

                                                    In Linux you have the same two options + playing around with various tweaks and installation methods.

                                                    I guess? But the Linux (Pop!_OS?) equivalent of “I messed with some windows DLLs / registry trying to get Steam to work, despite warnings and now it doesn’t boot” is [0] kind of the only experience that was available? It seems like there was no way to install it and have it work, or even install it and have it just not work. The only way to install it broke the OS?

                                                    [0] Disclaimer: I didn’t watch the videos, so I’m going off my understanding of the comment I originally replied to

                                                    1. 12

                                                      Installing Steam and it not working isn’t really an experience people have with Steam on Windows.

                                                      Not just that but you actually do have a lot of tweaks to play around with. They’re not common knowledge because it’s incredibly rare to need it in order to get something like Steam working. You don’t really need them unless you’re developing software for Windows.

                                                      I had this “it’s a black box” impression for a long time but 10+ years ago I worked in a Windows-only shopped that did a lot of malware analysis and the like. It’s quite foreign, since it comes from a different heritage, but the array of “power tools” you have on Windows is comparable to that of Linux. The fact that typical users don’t need them as frequently is a good thing, not an evil conspiracy of closed-source vendors to make sure you don’t have control over your hardware.

                                                      1. 3

                                                        Installing Steam and it not working isn’t really an experience people have with Steam on Windows.

                                                        That’s a bit hard to quantify, but sure they do. Just search for “Steam won’t start” or “steam installer fails” on Reddit or their forums. It’s also common enough for many SEO-spam sites to have listicles for that phrase that are actually steam-specific.

                                                        And my point was that this wasn’t there only experience available. The alternative was not to type “yes I’m sure I know what I’m doing” (or whatever the phrase was) when he did not. He went out of his way to break the system after the GUI installer refused to do it. I think you really should watch they fragment for the discussion context.

                                                    2. 3

                                                      there’s no chance it’s going to break your OS

                                                      Presumably because it’s the primary platform they test for.

                                                      1. 1

                                                        there’s no chance it’s going to break your OS

                                                        Of course with a simple installer (copy all files to a directory and add an entry to the windows registry) it’s quite hard to have a bug with breaks your OS. But a simple installer don’t have the features a package management system, i.e. central update mechanism. I don’t want to say package manager are better then the installer way used on Windows[0]. The problem I have with this case it’s not he has clicked some random button and then everything was broken. He has read the error, ignored all warnings and typed the prompt char by char and then wounder why it’s goes wrong.

                                                        I don’t say the UI[1] is perfect. The problem I have is this “I ignore all warnings and complain if it goes wrong” mentality[2]. apt is not a program witch bugs you with unnecessary questions or warnings. Install a package only ask for conformation if it does more then only install the requested package. The annoying conformation question is there only if you try to remove essential packages and is designed to give enough hassle to bring the user to question about this commands.

                                                        [0] I think systems with package manager are better, but this is not the point of the comment

                                                        [1] The error message in the GUI and the handling in the command line

                                                        [2] Yes some (or most) users don’t want to understand error messages, but shouldn’t they not stop at the error and look for (professional) help? And no copy paste a command from a random blog post is not help, if you don’t understand the error or the blog post.

                                                      2. 21

                                                        The entire point of Linus’ challenge is that desktop Linux is full of barriers and traps for new users who don’t (yet) know what they’re doing.

                                                        Explaining “well, it’s like that because you told it to florb the waggis instead of confeling rolizins, so it’s all your fault” may very well be technically correct, but it doesn’t change the fact that the OS hasn’t worked well for the user. “I want to install Steam in 5 minutes without learning about package sudoku solvers, or bricking my computer” is an entirely reasonable use-case.

                                                        Web dev community had a reckoning with this, and thinking has changed from “users are too stupid to understand my precious site” to “all my new users know only other sites, so I must meet their expectations”. If Linux wants to get new users it needs to be prepared for users who know only Windows, macOS, or even just Android/iOS.

                                                        1. 3

                                                          Explaining “well, it’s like that because you told it to florb the waggis instead of confeling rolizins, so it’s all your fault” may very well be technically correct, but it doesn’t change the fact that the OS hasn’t worked well for the user. “I want to install Steam in 5 minutes without learning about package sudoku solvers, or bricking my computer” is an entirely reasonable use-case.

                                                          That’s well and good, but there is a perfectly good fast path for this; install Pop!_OS or Ubuntu on a day where there’s not a bug in the packaging system, which is the vast majority of all days. Yep, it sucks that there was a bug, but that’s simply not going to affect anyone going forward - so why are LTT giving advice based on it?

                                                          1. 11

                                                            For every distro D there exists a problem P that is solved in a distro E.

                                                            That endless cycle of “then abandon your whole OS and install a completely new one” thing is another annoying problem “Linux desktop” has. It’s not any single distro’s fault, but it’s a pain that users need to deal with.

                                                            In my case: I want to use Elementary, but I hosed it trying to update Nvidia drivers. So I was told to switch to Pop!_OS — they do it right. But this one gets stuck seemingly forever when trying to partition my disk, presumably because of the combination of NVMe and SATA that I have. Manjaro worked with my disks, but I’ve run into bugs in its window manager, which wouldn’t be an issue in Elementary. I still use macOS.

                                                            1. 5

                                                              For every distro D there exists a problem P that is solved in a distro E.

                                                              Right, I agree that in general this is a problem; we need better ways to integrate the best ideas from multiple projects.

                                                              But for the problem stated, which was “I want to install Steam in 5 minutes without learning about package sudoku solvers, or bricking my computer”, Pop!_OS or Ubuntu are the way to go. Your problem is not that; it’s “I want Pantheon and a fast Nvidia card,” and Nvidia have intentionally made that harder than it needs to be.

                                                              To be totally clear, I’m under no illusions that every user can simply pick up a free desktop and be on their way, but I think it’s pretty unhelpful to cultivate a discourse which simultaneously says “Users should have a fast path for these common use cases” and “Users should be able to get whichever window manager, packaging system, and customizations they want.” Those are both valuable goals, but the former inherently precludes the latter, especially in a world where some hardware companies, like Nvidia, are actively hostile to free desktop projects.

                                                          2. 2

                                                            I switched from windows to Mint a couple of years back for gaming, in a similar experiment to this one (only not so public). I had no issues at all, steam was in the official applications, it installed with one click. Every game that steam claimed worked on linux did work. There were issues with my non-standard multi-monitor set up (there were issues with this in windows too, but they were worse in linux*) but nothing that prevented playing the games. It was only once I enabled the steam beta program which sets steam to attempt to open all games in wine that I had to get down in the weeds with configuring stuff and some things didn’t work. Steam has pretty clear warnings about this when you turn it on though.

                                                            I feel like for a tech tips site those guys are pretty non-technical. I never really watched their stuff anyway but now it seems like they should be calling me for help (and I am pretty noob when it comes to linux). This is the biggest criticism for me of this whole experiment. If these guys are an authority on computer tech informing users, they should simply be better at what they do. It is almost like they are running an investment advice channel and going ‘oh no I lost all my money investing in a random startup, guys don’t do the stockmarket it’s broken’. They should be informing people interested in linux what to do and what not to do, and if they are not qualified to do that they should state that and recommend alternatives sources of advice.

                                                            *I have a suspicion most of these issues were on the application level not the OS level. Games were probably getting the monitors list from the wrong place. Ironically once I set my monitors up in the way that the developers on both windows and linux were expecting me too, the problems on linux disappeared, but a few small issues persisted on windows.

                                                            1. 1

                                                              The entire point of Linus’ challenge is that desktop Linux is full of barriers and traps for new users who don’t (yet) know what they’re doing.

                                                              I have understand this. The problem I have with some of the complains is they proclaim the one or other way is clear better during the challenge. This is a bit more obvious in the file extension example[0]. I completely understand the experience is frustrating. But the “it is frustrating for me because the system don’t behave like I expect from the knowledge of an other system” don’t mean this system is bad.

                                                              Yes systems try to adopt behavior from other systems to make it for users better to adopt. But this has it down side, because you can’t change a bad design after the user get used to it. In this example users get used to ignore errors and warnings and just “click ok”.

                                                              Explaining “well, it’s like that because you told it to florb the waggis instead of confeling rolizins, so it’s all your fault” may very well be technically correct, but it doesn’t change the fact that the OS hasn’t worked well for the user

                                                              I don’t want to imply they are dump or just don’t want to learn the system. It is frustrating, if a system don’t work the way you expect. I would like to see a discussion after the challenges with an expert explaining why the UI behaves different.

                                                              [0] Which I don’t write today, it’s late again

                                                              1. 5

                                                                When doing usability evaluations, it’s normal to discount specific solutions offered by frustrated users, but never the problems they face.

                                                                There were a few problems here:

                                                                • Lack of hardware support. Sadly, that’s a broad problem, and difficult to fix.

                                                                • User needed to download and run a script from GitHub. I think distros could improve here. For a random developer who wrote a script, it’s difficult to distribute the code in a better way. There’s a very high bar for getting something to be an official package, and hardly any other viable alternative. There are several different packaging formats (some tedious to build, some are controversial), a few unofficial package repositories, a few “app stores” for some distros. All this fragmentation is a lot of work and maintenance headache. It makes just dumping a script on GitHub very easy and attractive in comparison. It may not be a failing of any single person or distro, but it is a failing of “Linux desktop” in aggregate.

                                                                • Browser and file manager did a crappy job by treating HTML with .sh extension as if it was a totally normal thing a user may want to do. The fight about file extensions has been lost in the ‘90s. I’ve been there, tweaking detection by magic bytes in my Directory Opus on AmigaOS, and fiddling with creator codes when copying stuff from classic MacOS. The reality is that file extensions exist, and are meaningful. No normal person stores web pages as “.sh” files.

                                                              2. 1

                                                                As a waggis / rolizins engineer, maybe I’m out of touch, but I don’t think “Doing this will cause everything to break. If you want everything to break, then type ‘Yes, please cause my computer to break!’” is quite as obscure a message as anything about florbing and confeling. This required not only a (very rare) bug in the dependency tree but also either a user that deliberately wanted to break his Linux install for YouTube content, or one that is the very embodiment of Dunning-Kruger.

                                                                Not only did the dependency tree break, but the package manager was smart enough to recognize that the dependency tree had broken, and stopped him from doing it and told him so. He then went out of his way and used another package management tool to override this and allow him to break his installation anyway. This tool then was also smart enough to recognize the dependency tree was broken, and again warned him what was about to happen. He read this message and copied the text from this warning into a confirmation prompt.

                                                                He could just as easily have typed sudo rm -rf /usr. He could just as easily have deleted system32 on Windows.

                                                                The only possible solution that could have prevented him from doing this would be to not tell him his own sudo password and to give him a babysitter to do everything requiring privilege escalation for him so he doesn’t hurt himself, but that solution has logistical issues when you try to scale it up to every desktop Linux user.

                                                                1. 3

                                                                  You need to have more empathy for the user.

                                                                  The prompt wasn’t “destroy my system”, it was “do as I say”, and user said to install Steam.

                                                                  No other operating system is stupid enough to delete itself when you tell it to add a new good application from a reputable publisher. Crappy Windows installers could damage the OS, but Steam doesn’t.

                                                                  It’s normal for OSes to sound dramatic and ask for extra confirmation when installing software from unusual sources, so the alarming prompt could easily be interpreted as Linux also warning about dangers of “sideloading” a package, which can be dismissed as “I’m not installing malware, just Steam, so it’s fine”.

                                                                  From user perspective the screen contained “Install Steam, wall of technogibberish user didn’t ask nor care for, type ‘Yes, do as I say!’”. The system frequently requires to type weird commands, so it requiring to type one more weird command wasn’t out of ordinary.

                                                                  The only possible solution… [condescending user blaming]

                                                                  The real solution would be for Linux to work properly in the first place, and actually install Steam instead of making excuses. Linux is just an awful target for 3rd party applications, and even the other Linus knows this.

                                                                  1. 2

                                                                    No other operating system is willing to give the user the ability to break the desktop environment intentionally (though I recall a lot of Windows bugs in the past that did this unintentionally). One of the fundamental problems Linux faces is that most users don’t actually want as much power as running as root gives you. They’ll say the do, but they really don’t, and their operating system choice generally reflects that.

                                                                    It’s normal for OSes to sound dramatic and ask for extra confirmation when installing software from unusual sources

                                                                    This is pretty obviously because it’s axiomatically impossible for the OS to actually tell if something the user does with sufficient privileges will break something (inter alia, you’d have to be able to solve the Halting Problem to do this). In this case, the package manager was obviously correct, which should be applauded. There are two obvious responses to this (maybe there are non-obvious ones I’m missing as well): restrict the user’s ability to do things to actions with a low likelihood of breaking the OS or trust the user to make a decision and accept the consequences after a warning.

                                                                    Broadly, Windows, the MacOSs, and the mobile operating systems have been moving towards restricting the user’s ability to do risky things (which also includes a lot of things proficient system operators want to do). That seems to be in response to consumer demand but I don’t think that we should enshrine the desires of the bottom 60% of users (in terms of system operation competence) as the standard to which all systems should be designed. This is not related to an “it should just work” attitude towards 3rd party software as there’s generally been a significant decrease in things like OS API stability over the past two decades (e.g. this rant of Spolsky’s). Users just think that anything they want to use should “just work” while anything they don’t care about should be marginally supported to minimize cost: the problem is that many people want different things to work.

                                                                    On the other hand, some users don’t want the operating system reasoning for them (at least some of the time). I don’t want an operating system “smart” enough to prevent me from doing something stupid on my project boxes or in a VM I’m playing with especially if it’s just something that looks stupid to the OS but I’m doing for some (moderately good) reason.

                                                                    1. 4

                                                                      You’re boxing this into a dichotomy of restricting user or not, but this isn’t the issue here.

                                                                      The issue is not about power, but about usability. You don’t need to block all failure paths. You need to communicate clearly and steer users towards success paths, so they never even come close to the dangerous commands by accident.

                                                                      1. 2

                                                                        I wouldn’t say this is really about power, so much as control though I tend to be a bit of a pedant about defining “power”.

                                                                        I think the communication here was reasonably good, though it could be improved. I think the real mistake Linus made was in choice of distribution. That is a real problem in the Linux community (and I think the one we should be focused upon here). I think the opportunity to improve communication here is marginal at best.

                                                                    2.  

                                                                      You need to have more empathy for the user.

                                                                      I do. I’m just saying that there’s nothing anyone could have done to prevent this except disallow even the root user from uninstalling xorg, and even then he could have just manually removed crucial files if he felt like it. OS maintainers are going to make mistakes occasionally. “Just don’t make mistakes ever” isn’t a viable strategy for avoiding things like this. What is a viable strategy is to build tools that detect and correct for errors like the one in Pop!_OS’s dependency tree. And that’s exactly what happened. He just disregarded the numerous protections from this bug that his OS afforded him.

                                                                      “From the user perspective,” the screen contained a list of packages that were about to be installed, a list of packages that were about to be uninstalled, and a message saying that the packages that were about to be uninstalled were essential to the operation of his computer and he should stop now rather than electing to uninstall those packages, along with a prompt that very deliberately requires you to have read that warning in order to proceed.

                                                                      The real solution would be for Linux to work properly in the first place, and actually install Steam instead of making excuses.

                                                                      Linux worked properly, apt even worked properly. Pop!_OS’s dependency tree was briefly broken. The package manager then recognized there was something wrong and explicitly told him he was about to uninstall his desktop and that he shouldn’t do it. It wasn’t “destroy my system.” That was me being (generously) 5% hyperbolic. In reality it was a warning that he was about to uninstall several essential packages including his desktop and a recommendation that he shouldn’t do this unless that was what he wanted to do. He was then required to enter a very specific message which was part of that warning, verbatim.

                                                                      Here’s the thing, no operating system has avoiding pushing out a bad or bugged update periodically. What’s great about Linus’s example is that Pop!_OS pushed out a bad update but the error was limited to one package, and the package manager was smart enough to stop Linus from breaking his system, and told him that it had stopped him from breaking his system. Linus then decided to use another tool that would allow him to break his system. This tool too was smart enough to notice that the package system had broken, and prevented him from breaking his system. He then deliberately bypassed these safeties and uninstalled gdm and xorg.

                                                                      What’s crucial to note here is that exactly nobody is making excuses for Pop!_OS — they messed up their dependency tree, yes — but also, this is a perfect example of all of these systems working exactly as intended. The package manager was smart enough to stop him from breaking his system even though the dependency tree was mangled, and he then overrode that and chose to break his system anyway. That’s more than can be said for many other operating systems. The tools he was using detected the error on Pop!_OS’s side and saved him

                                                                      It’s also worth noting that he literally didn’t brick his system, he could have fixed his machine if he’d just installed from the command line the same packages he had just uninstalled. Like, he didn’t actually break his system, he just uninstalled a few packages that were flagged as essential to stop newbies from uninstalling them because it might confuse them if they were uninstalled.

                                                                      1.  

                                                                        Your assertion that nothing could be done is provably incorrect. Alpine doesn’t have this problem — by design — and it isn’t any less capable than Debian family. It’s a matter of design of tools’ UI, and this part of apt is a poor design.

                                                                        People don’t accidentally uninstall their OS when installing Steam on other OSes, because everywhere else “install a new user program” and “catastrophically alter the whole system” are separate commands.

                                                                        Users generally don’t read walls of text. In usability circles this is accepted, and UI designers account for that, instead of wishing they had better users. Users aren’t illiterate, they just value their time, and don’t spend it on reading things that seem to have low value or relevance. The low signal-to-noise ratio of apt’s message and surprising behavior is apt’s problem, not user’s reading problem. And “this is just the way the tool works” is not a justification for the design.

                                                                2. 20

                                                                  At the risk of being that condescending Linux user (which would be pretty awful since I’m not really using Linux anymore) my main takeaway from these videos is “don’t use hipster distros”.

                                                                  Or, okay, hipster distros is where innovation happens. I get it, Gentoo was a hipster distro when I started using it, too. Okay, maybe don’t recommend hipster distros to beginners?

                                                                  I saw Manjaro mentioned here. I tried Manjaro. It’s not a beginners’ distro. It’s great if you’re a burned out Arch user and you like Arch but you already know the instructions for setting up a display manager by heart and if you have to do it manually again you’re going to go insane. There’s a (small!) group of people who want that, I get it. But why anyone would recommend what is effectively Arch and a rat’s nest of bash scripts held together with duct tape to people who wouldn’t know where to begin debugging a broken Arch installation is beyond me. I mean the installer is so buggy that half the time what it leaves you with is basically a broken Arch installation for heaven’s sake! Its main value proposition is in a bunch of pre-installed software, all of which can be trivially installed on Ubuntu.

                                                                  I haven’t used Pop!_OS but IMHO a distribution that can’t get Steam right, Steam being one of the most popular Linux packages, is just not a good distribution. It’s particularly unsettling when it’s a distro that’s supposed to have some level of commercial backing, and Steam is one of the most popular packages, so presumably one of the packages that ought to get the most testing. Hell even Debian has instructions that you can just copy-paste off their wiki without breaking anything. And the only reason why they’re “instructions”, not just apt install steam, is that – given their audience – the installation isn’t multilib by default.

                                                                  There’s certainly a possibility that the problem here was in the proverbial space between the computer and the chair, sure. But if that’s the case again, maybe it’s just time we acknowledged that the way to get “better UX” (whatever that is this year) for Linux is not to ship Gnome with the umpteenth theme that looks like all other theme save for the colors and a few additional extensions. It’s safe to say that every combination of Gnome extensions has already been tried and that’s not where the magic usability dust is at. Until we figure it out, can we just go back to recommending Ubuntu, so that people get the same bad (I suppose?) UX, just on a distribution with more exposure (and, thus, testing) and support channels?

                                                                  Also, it’s a little unsettling that the Linux community’s approach to usability hasn’t changed since the days of Mandrake, and is still stuck in the mentality of ESR’s ridiculous Aunt Tilly essay. Everyone raves about consistency and looking professional. Meanwhile, the most popular computer OS on the planet ships two control panels and looks like anime, and dragging things to the thrash bin in the second most popular OS on the planet (which has also been looking like anime for a few years now) either deletes them or ejects them, which doesn’t seem to deter anyone from using them. Over here in FOSS land, the UI has been sanitized for consistency and distraction-free visuals to the point where it looks like a frickin’ anime hospital, yet installing Steam (whether through the terminal or the interface it makes no difference – you can click “Yes” just as easily as you can type “Yes”) breaks the system. Well, yeah, this is what you get if you treat usability in terms of “how it looks” and preconceived notions about “how it’s used”, rather than real-life data on how it’s used. It’s not an irredeemable state of affairs, but it will stay unredeemed as long as all the debate is going to be strictly in terms of professional-looking/consistent/beautiful/minimal/distraction-free interfaces and the Unix philosophy.

                                                                  1. 14

                                                                    The issue about Linux distro here is that they didn’t know the differences between them, why that matters, and that Linux isn’t one thing. Without a knowledgeable person to ask what to use, this is how they ended up with these different flavours. They also didn’t know about desktop environments, or how much influence they have over their Linux experience.

                                                                    It’s unfortunately a hard lens for many technical people to wrap their head around. Heck, we are starting to see people that don’t need to interact with hierarchical file systems anymore. Something natural to everyone here, but becoming a foreign concept to others.

                                                                    1. 6

                                                                      Certainly. My response was mostly in the context of an underlying stream of “Ubuntu hate” that’s pretty prevalent in the circles of the Linux community that also have a lot of advice to give about what the best results for “best Linux distro for gaming” should be. I know I’m going to be obtuse again but if the l33t h4x0rz in the Linux community could just get over themselves and default to Ubuntu whenever someone says “I’ve never touched Linux before, how can I try it?” a lot of these problems, and several distributions that are basically just Ubuntu with a few preinstalled programs and a custom theme, would be gone.

                                                                      There’s obviously a huge group of people who don’t know and are not interested in knowing what a distribution is, what their desktop environment is, and so on. As the Cheshire Cat would put it, then it doesn’t really matter which one they use, either, so they might as well use the one most people use, since (presumably) their bugs will be the shallowest.

                                                                      I know this releases all sorts of krakens (BUT MINT WORKS BETTER OUT OF THE BOX AND HAS A VERY CONSISTENT INTERFACE!!!1!!) but the competition is a system whose out-of-the-box experience includes Candy Crush, forced updates, a highly comprehensive range of pre-installed productivity apps of like ten titles, featuring such amazing tools like Paint 3D and a Calculator that made the Win32 calculator one of the most downloaded programs in history, two control panels and a dark theme that features white titlebars. I’m pretty sure any distribution that doesn’t throw you to a command prompt on first boot can top that.

                                                                      1. 1

                                                                        Oh, I totally agree, I was just clarifying that they did some googling to try and find something to use, and it’s how they ended up with this mess of difficulties.

                                                                      2. 2

                                                                        I think you cut to the heart of the matter here. I also think the question they asked initially (what’s the “best” gaming Linux distro) wasn’t well formed for what they actually wanted: what the easiest to configure was. To forestall the “that’s a Linux problem” crowd, that’s an Internet problem, not a Linux problem. If you Google (or ddg or whatever) the wrong question, you’re going to get the wrong answer.

                                                                        I think we have to resign ourselves to the fact that users generally don’t want to learn how to operate their systems and don’t want meaningful choices. Therefore, many users are not good candidates for a *nix.

                                                                      3. 2

                                                                        Until we figure it out, can we just go back to recommending Ubuntu, so that people get the same bad (I suppose?) UX, just on a distribution with more exposure (and, thus, testing) and support channels?

                                                                        I wish Ubuntu offered an easier flow for getting a distribution with the right drivers out of the gate. This is what Pop_OS! does (source):

                                                                        Pop!_OS comes in two versions: Intel/AMD and NVIDIA. This allows us to include different settings and the proprietary NVIDIA driver for NVIDIA systems, ensuring the best performance and use of CUDA tools one command away. On Oryx Pro systems, you can even switch between Intel and Nvidia graphics using a toggle in the top right corner of your screen.

                                                                        IMO this is superior to in Ubuntu where you need to follow complex instructions to get NVIDIA proprietary drivers: https://help.ubuntu.com/community/BinaryDriverHowto/Nvidia

                                                                        And you need to follow different instructions for AMD graphics

                                                                        Also if you buy a System76 laptop all the drivers for your computer come set up, no driver manager needed. With Ubuntu you can buy from Dell but not with the same variety of hardware as System76.

                                                                        I agree that Ubuntu is a good option but I would like to see it improve in these aspects before I would recommend it to a random non-power user who wants to play video games.

                                                                        1. 2

                                                                          I haven’t used Ubuntu in a while, and that page doesn’t help because the instructions look like they haven’t been updated since Ubuntu 12.04, but the way I remember it all you needed to do was go to “Additional Drivers” or whatever it was called, choose the proprietary driver, hit OK and reboot. Has that changed in the meantime? Last time I used a machine with an NVidia card I was running Arch and it was literally just pacman -S nvidia, please tell me Ubuntu didn’t make it more complicated than that!

                                                                          Also… is the overlap between “people who write CUDA code” and “people who can’t install the proprietary NVidia drivers” really that big? Or is this aimed at people using third-party CUDA applications, who know statistics but suck at computers in general (in which case I get the problem, I’ve taught a lot of engineers of the non-computer kind about Linux and… yeah).

                                                                          Also if you buy a System76 laptop all the drivers for your computer come set up, no driver manager needed.

                                                                          If you choose the “Ubuntu LTS” option when ordering, doesn’t it come with the right drivers preloaded? I mean… I get that Pop!_OS is their thing, but shipping a pre-installed but unconfigured OS is not exactly the kind of service I’d expect in that price range.

                                                                          1. 2

                                                                            For a novice user, do you expect them to know before they download the OS whether they have an nVidia or AMD GPU?

                                                                            I seem to recall that a big part of the motivation for the complex install process for the nVidia drivers was the GPL. The nVidia drivers contain a shim layer that is a derived work of the kernel (it hooks directly into kernel interfaces) and so must be released under a GPL-compatible license and of the proprietary drivers, and the proprietary driver itself, which is first developed on Windows and so is definitely not a derived work of the kernel and can be under any license. The proprietary drivers do not meet the conditions of the GPL and so you cannot distribute the kernel if you bundle it with the drivers. The GPL is not an EULA and so it’s completely fine to download the drivers and link them with your kernel. The GPL explicitly does not restrict use and so this is fine. But the result is something that you cannot redistribute.

                                                                            FreeBSD and Solaris distributions do not have this problem and so can ship the nVidia drivers if they wish (PC-BSD and Nexenta both did). I wonder how Pop!_OS gets around this. Is it by being small and hoping no one sues them?

                                                                          2. 1

                                                                            From what I can tell, steam isn’t even open source. And while you assert it to be one of the most popular Linux packages, I hadn’t even heard of it until this video came up in all the non-gaming tech news sites despite having used Linux for 25+ years. Was it even a Pop!OS package or were they installing an Ubuntu package on an Ubuntu derivative and assuming it’d just work?

                                                                            1. 8

                                                                              it’s proprietary, yeah, but i just feel like someone has to tell you that there are several orders of magnitude more Steam users than Linux desktop users, and it’s not only a package in Pop!_OS and Ubuntu, it’s a package in Debian and just about every distro for the last decade.

                                                                              i honestly have gotta applaud you for being productive enough a person to have never heard of Steam. if you look at the install data from popularity-contest, ignoring firmware and libraries (i.e. only looking at user-facing applications), Steam is the third most-installed non-free package on all Debian-based distros, behind unrar and rar. pkgstats.archlinux.de suggests Steam is installed on 36% of Arch Linux installations. Steam is not only an official package on Pop!_OS but one of the most installed packages on desktop Linux overall.

                                                                              1. 5

                                                                                And while you assert it to be one of the most popular Linux packages, I hadn’t even heard of it until this video came up in all the non-gaming tech news sites despite having used Linux for 25+ years

                                                                                Someone else already pointed out how popular it is but just for the record, any one of us is bound to not have heard about most of the things currently in existence, but that does not make them pop out of existence. Whether you’ve heard of it or not affects its popularity by exactly one person.

                                                                                Also, lots of useful applications that people want aren’t even open source, and a big selling point of Pop!_OS is that it takes less fiddling to get those working (e.g. NVidia’s proprietary drivers). An exercise similar to this one carried out with, say, Dragora Linux, would’ve probably been a lot shorter.

                                                                                Was it even a Pop!OS package or were they installing an Ubuntu package on an Ubuntu derivative and assuming it’d just work?

                                                                                Most of Pop!_OS is Ubuntu packages on an Ubuntu derivative. Does it matter what repo it came from as long as apt was okay installing it?

                                                                                Edit: to make the second point clear, Pop!_OS is basically Ubuntu with a few custom Gnome packages and a few other repackaged applications, most of the base system, and most of the user-facing applications, are otherwise identical to the Ubuntu packages (they’re probably rebuilt from deb-srcs). No idea if what they tried to install was one of the packages System76 actually repackages, or basically the same as in Ubuntu, but it came from their “official” channel. I.e. they didn’t grab the Ubuntu package off the Internet, dpkg -i it and proceed to wonder why it doesn’t work, they just did apt-get install steam, so yes, it’s a Pop!_OS package.

                                                                            2. 10

                                                                              I mean, I have Big Opinions® on the subject, but my tl;dr is that Linux isn’t Windows, we shouldn’t give false expectations, have our own identity, etc. etc. But….

                                                                              So he typed in “Yes, do as I say!” and his installation was broken. He claimed later: “the thinks that I did are not entirely ridiculous or unreasonable”. He ignored all warnings and “dictated the computer” “Yes, do as I say!”, how is this not a clear user error[0]?

                                                                              I mean, the system should refuse to do that. Alpine’s and others refuse to allow the system to enter a boned state. One of the Alpine developers was rightly criticizing Debian for this issue in apt, citing it as one of the reasons why they stopped using Debian. The attention to the problem Linus gave in an embarrassing light was the push finally needed to fix it.

                                                                              1. 5

                                                                                Knowing how Internet guides work, now all guides will say “apt --allow-solver-remove-essential <do dangerous stuff> instead of “Type Yes, do as I say at the prompt”.

                                                                                1. 3

                                                                                  I like luke’s perspective that some distros should do different things. I think it’s reasonable for arch to be a ‘power user distro’ that is willing to bork itself. But PopOS is ‘an operating system for STEM and creative professionals’, so it probably should have some safeguards.

                                                                                  That being said I don’t think arch should ever be recommended to a brand new user. Linus shouldn’t even be on arch because 1) there should be better resources for picking a good distro for absolute beginners and 2) PopOS never should have that broken of a steam package in the first place.

                                                                                  1. 1

                                                                                    That being said I don’t think arch should ever be recommended to a brand new user.

                                                                                    I would qualify this; there are many users for whom arch was there first distro and it went great, but the key thing is these are not your typical computer user; they are people who are technically minded (not necessarily with deep deep knowledge of anything in particular, but they’re probably at least the person their friends ask for help), are up to and interested in learning about the system, and generally have been given some idea of what they’re getting into. That is to say, arch is definitely for “power users,” but that set includes some users who have not actually used Linux before.

                                                                                    For my part, Arch was the first distro that was actually reliable enough for me to do more than play with; I spent a year or so fussing with other stuff while dual booting windows, and Arch is the first one that actually worked well enough for me wipe the windows partition and stay. This was 15 years ago and I haven’t left, though I keep eyeing NixOS these days.

                                                                                    I think at the time folks still had fresh memories of before Linux desktop environments were even a thing, and there was this mentality that the barrier to entry was mostly around user interfaces. People hadn’t really internalized the fact that Linux had caught up decently well even by then (this was KDE 3.x era), but the problem was stuff needed to work better out of the box, and it needed to not break whenever you upgraded to the next release of the distro.

                                                                                  2. 1

                                                                                    I mean, the system should refuse to do that

                                                                                    The system had refused to do that. Then the user has told the system to shut up and do as he said. You could argue that this should not be possible, but if you are in the situation where you have fucked up your packages? The way around should be present within the package manager, because without it you need to do the way around without your package manager by deleting files and changing the database file.

                                                                                  3. 7

                                                                                    To answer some of your questions:

                                                                                    First so similar we don’t get the issue, because under Windows there is no package manager accessible for somehow third party software.

                                                                                    Technically not true; there is a Windows package manager and has been for a long time, and that’s the Windows Installer (MSI files). There’s also APIs and supported methods for 3rd-party installers to register an install with the system. What’s historically been missing are official package repositories for installing and updating applications (ala. APT, RPM, etc… repos). That’s slowly changing with the Microsoft Store, winget, and others, but this is an area Linux has long been very far ahead.

                                                                                    So lets assume there is an windows update which removes the wrong file and breaks your system. On the install the update would remove the wrong file and breaks your system.

                                                                                    This is incredibly rare. I won’t claim it hasn’t happened, but more common (while still very rare) is an update which causes a bluescreen on boot or exposes a bug in a critical system process. In either case, we’re talking very rare, but I’d suggest that’s true of Linux too.

                                                                                    Other example the steam installer manage to have a bug with removes some necessary files from your Windows installation. Is there anything Windows protect you from this bug[1]?

                                                                                    Yes, several things, and this is a genuine major contrast to Linux. Off the top of my head:

                                                                                    1. Window system files cannot be modified by default even with administrator privileges. You can’t simply run an elevated Command Prompt and run the equivalent of rm -rf C:\Windows. That’s because most operating system files are both owned and only writeable by a special account (TrustedInstaller). You can still modify or delete these files, but you have to jump through several hoops. At a minimum, you need administrator privileges (ala. root), and would have to take ownership of the file(s) of interest and subsequently grant yourself the relevant privileges. There are other ways you could gain the relevant access, but the point is it’s not a thing you could do by accident. That’s similarly true for installers, which also would need to take the same approach.

                                                                                    2. Windows has long had numerous recovery options for when things go pear shaped. Notable ones include Safe Mode and its various permutations (since forever), the ability to uninstall operating system updates (also forever), System Restore (since XP?), System Reset (Windows 10?), and a dedicated recovery partition with a minimal Windows 10 installation to serve as a recovery environment wholly independent of the main operating system. Obviously, none of these are a guarantee for recovery of an appropriately damaged system, but it’s long been the case that Microsoft has implemented numerous recovery/rollback mechanisms.

                                                                                    On Linux, it’s usually limited to one or more previous kernel versions, and that’s about it? Yes, there’s single-user mode, but that just drops you into a root shell, which is wholly unsuitable for non-experts to use.

                                                                                    1. 1

                                                                                      there is a Windows package manager and has been for a long time, and that’s the Windows Installer (MSI files). There’s also APIs and supported methods for 3rd-party installers to register an install with the system.

                                                                                      I believe we use the same words for different thinks. When I talk about a package manager I mean a system witch provides packages and resolves dependencies. If I understand your comment correct an MSI file installs Software and registers the Software. But there is no way a MSI file claims is it incompatible with version 3.6 of explorer. So that on install the installer solve the dependence graph and present what he need to install and remove.

                                                                                      On Linux, it’s usually limited to one or more previous kernel versions, and that’s about it?

                                                                                      This depends on your system. On debian based OS there are the packages still in the package cache. So you can easy downgrade. There are other options witch allows easy recovery from such bugs. There are most of the time not setup by default and still require some skill to solve your problem.

                                                                                      1. 2

                                                                                        I believe we use the same words for different thinks. When I talk about a package manager I mean a system witch provides packages and resolves dependencies. If I understand your comment correct an MSI file installs Software and registers the Software. But there is no way a MSI file claims is it incompatible with version 3.6 of explorer. So that on install the installer solve the dependence graph and present what he need to install and remove.

                                                                                        It’s true that MSI (and most competing technologies) generally will not compute and resolve a dependency graph for package installation, but it’s also worth noting this is in part because it’s far less applicable to Windows systems. As the operating system is a single unified system, versus hundreds or even thousands of discrete packages sourced from different projects and maintainers, it’s unusual for an application on Windows to have many dependencies. So in this respect the packaging tools functionality is very much in response to the needs of the underlying platform.

                                                                                        A system with the same sophistication for dependency resolution as the likes of Apt or Yum is simply just not as useful on Windows. Of course, that’s a separate argument from a system which provides a centralised catalogue of software ala. Linux software repositories. That’s an area Windows is very much still playing catch-up on.

                                                                                        This depends on your system. On debian based OS there are the packages still in the package cache. So you can easy downgrade. There are other options witch allows easy recovery from such bugs. There are most of the time not setup by default and still require some skill to solve your problem.

                                                                                        I think we have different definitions of easy here. Typically such an approach would minimally involve various command-line invocations to downgrade the package(s), potentially various dependency packages, and relying on cached package installers which could be removed at any time is less than ideal. Given the upstream repositories usually don’t to my knowledge maintain older package versions, once the cache is cleaned, you’re going to be in trouble. The point I’d make is that if something goes wrong with package installation that breaks your system, on most Linux distributions the facilities to provide automated or simple rollback are fairly minimal.

                                                                                        1. 1

                                                                                          As the operating system is a single unified system, versus hundreds or even thousands of discrete packages sourced from different projects and maintainers

                                                                                          I would doubt that Windows itself has/is no modular system. The Updater itself must also have some sort of dependency management. FreeBSD as an other unified OS is currently working on a package management system for there base system.

                                                                                          A system with the same sophistication for dependency resolution as the likes of Apt or Yum is simply just not as useful on Windows

                                                                                          Why not? Currently all software ships it dependencies on there own and updater have to implemented in all software. Maybe not with one big graph for all software, but with a graph for each installed program and with a duplicate elimination.

                                                                                          1. 1

                                                                                            I would doubt that Windows itself has/is no modular system. The Updater itself must also have some sort of dependency management. FreeBSD as an other unified OS is currently working on a package management system for there base system.

                                                                                            You’re right, Windows itself is very modular these days, but the system used for managing those modules and their updates is independent of other installers (inc. MSI). There’s some logic to this, given the updates are distributed as a single cumulative bundle, and MS clearly wanted to design something that met Windows needs, not necessarily broader generalised package dependency handling requirements. The granularity is also probably wrong for a more general solution (it’s excessively granular).

                                                                                            On my system, there’s around ~14,600 discrete components, going off the WinSxS directory.

                                                                                            Why not? Currently all software ships it dependencies on there own and updater have to implemented in all software. Maybe not with one big graph for all software, but with a graph for each installed program and with a duplicate elimination.

                                                                                            Several reasons. One is that most Windows software is predominantly relying on Windows APIs which are already present, so there’s no need to install a multitude of libraries to provide required APIs as is often the case on Linux. They’re already there.

                                                                                            Where there are 3rd-party dependencies, they’re usually a small minority of the application size, and the fact that software on Windows is much more likely to be closed source means it’s harder to standardise on a given version of a library. So if you were to try and unbundle 3rd-party dependencies and have them installed by package manager from a central repository, you’d also need to handle multiple shared library versions in many cases.

                                                                                            That’s a soluble problem, but it’s complex, and it’s unclear if the extra complexity is worth it relative to the problem being solved. I suspect the actual space savings would be minimal for the vast majority of systems.

                                                                                            I’m not saying it’s a bad idea, just that it’s solving a problem I’d argue is far less significant than in *nix land. Again, all of this is independent of centralised package repositories, as we’re starting to see with winget, scoop, choco, etc …

                                                                                      2. 1

                                                                                        On Linux, it’s usually limited to one or more previous kernel versions, and that’s about it?

                                                                                        https://documentation.suse.com/sles/11-SP4/html/SLES-all/cha-snapper.html

                                                                                        By default Snapper and Btrfs on SUSE Linux Enterprise Server are set up to serve as an “undo tool” for system changes made with YaST and zypper. Before and after running a YaST module or zypper, a snapshot is created.

                                                                                        1. 1

                                                                                          Excellent. Like ECC RAM, those who are already expert enough to devise ways to do the task are given the tools.

                                                                                          This doesn’t happen on mainstream user- friendliness- oriented distros.

                                                                                          I do wonder about a Nix- based highly usable distribution. All the tools are there to implement these protections, lacking only a general user interface.

                                                                                          1. 1

                                                                                            I think that’s an unfair summary. Implementing this properly takes time and few distros have even started to default to filesystems where this is possible. It’s coming desktops too: https://fedoraproject.org/wiki/Changes/BtrfsWithFullSystemSnapshots

                                                                                            1. 1

                                                                                              Of course it’s coming.

                                                                                              I still think the criticisms are valid and help drive these technologies arriving for the common user.

                                                                                          2. 1

                                                                                            That’s pretty cool. I hope it becomes more widely accessible on end-user distributions (I expect SLES is a pretty tiny minority of the overall desktop/laptop Linux userbase).

                                                                                        2. 1

                                                                                          bug

                                                                                          It was a good old package conflict, wasn’t it? The normal way this happens is if you try to install a package from a foreign distro.

                                                                                          Different distros have different versions of packages, so unless the foreign package’s dependencies happens to line up with every installed package, the only way to install the foreign package is going to be to uninstall everything that depens on a conflicting version of something, which can be quite much.

                                                                                          If so, I wouldn’t call it a “bug”, since that’s a term used on software – the package manager itself, not its input. For user expectations, this means that bugs are fixable, whereas package conflicts (at least of the self inflicted kind) are not. The software can only heuristically refuse to do stupid things.

                                                                                        1. 2

                                                                                          I find it hard to believe that all their services are completely portable between their Linux servers and their MacOS dev machines. But maybe I’m just too accustomed to C++ and programming to the syscall interface.

                                                                                          1. 1

                                                                                            I’m accustomed to C++ and programming to the syscall interface and it’s quite rare for me to have problems porting code between macOS and Linux. Between macOS / Linux / *BSD and Windows is another matter, but between two POSIX platforms you have to be doing something pretty unusual for it to matter. For example, the sandboxing frameworks and hypervisor interfaces are different and they spell futex differently so I often need a small platform layer, but it’s a tiny fraction of the code.

                                                                                            1. 1

                                                                                              Yeah, depends on what you’re doing for sure. In my work I directly depend on Linux-only APIs like epoll (though I’d prefer kqueue), memfd sealing, io_uring, etc., so portability isn’t something I either try for or could easily achieve at this point. POSIX compatibility simply isn’t worth it, since our product is only expected to ever run on Linux.

                                                                                              1. 2

                                                                                                epoll vs kqueue isn’t as big a deal as it used to be. There’s a libkqueue for Linux and a libepoll for everything else that implement one interface in terms of the other.

                                                                                                Memfd sealing is a mechanism created to introduce security vulnerabilities because it depends entirely on getting the error handling (which is tested only when under attack) correct. We proposed an alternative mechanism when it was introduced where you could request a snapshot mapping and explicitly pull updates. If everyone followed the rules, this is nice and fast (no CoW faults) but if someone doesn’t then it falls back to copying. No need for applications to handle the error condition because the attack is not observable.

                                                                                                io_uring is starting to look very nice. Hopefully other kernels will pick it up soon, since it seems to be stabilising. It may be a bit late though. For anything high-performance, things like DPDK / SPDK seem to be the future and the intersection of ‘need very high performance’ and ‘are happy to have the kernel in the fast path’ is shrinking.

                                                                                                I’m curious what the product is.

                                                                                                1. 1

                                                                                                  I don’t do networking, but my impression from reading Cloudflare blog posts etc. was that eBPF has largely removed the need for userspace network stacks in Linux.

                                                                                                  Not sure I can talk about the product yet; it’s in closed beta but should be public beta relatively soon.

                                                                                          1. 40

                                                                                            Looks like the employee is based in the UK. As you might expect, most of the responses to his announcement are Bad Legal Advice. This comment is also going to be Bad Legal Advice (IANAL!) but I have some experience and a little background knowledge so I hope I can comment more wisely…

                                                                                            The way FOSS (and indeed all private-time) software development works here for employees is that according to your contract your employer will own everything you create, even in your private time. Opinions I’ve heard from solicitors and employment law experts suggest that this practice might constitute an over-broad, “unfair”, contract term under UK law. That means you might be able to get it overturned if you really tried, but you’d have to litigate to resolve it. At any rate the de facto status is: they own it by default.

                                                                                            What employees typically do is seek an IP waiver from their employer where the employer disclaims ownership of the side-project. The employer can refuse. If you’ve already started they could take ownership, as apparently is happening in this case. Probably in that scenario what you should not do is try to pre-emptively fork under some idea that your project is FOSS and that you have that right. The employer will likely take the view that because you aren’t the legal holder of the IP that you aren’t entitled to release either the original nor the fork as FOSS - so you’ve improperly releasing corporate source code. Pushing that subject is an speedy route to dismissal for “gross misconduct” - which a sufficient reason for summary dismissal, no process except appeal to tribunal after the fact.

                                                                                            My personal experience seeking IP waivers, before I turned contractor (after which none of the above applies), was mixed. One startup refused it and even reprimanded me for asking - the management took the view that any side project was a “distraction from the main goal”. Conversely ThoughtWorks granted IP waivers pretty much blanket - you entered your project name and description in a shared spreadsheet and they sent you a notice when the solicitor saw the new entry. They took professional pride in never refusing unless it conflicted with the client you were currently working with.

                                                                                            My guess is that legal rules and practices on this are similar in most common law countries (UK, Australia, Canada, America, NZ).

                                                                                            1. 27

                                                                                              The way FOSS (and indeed all private-time) software development works here for employees is that according to your contract your employer will own everything you create, even in your private time.

                                                                                              This seems absurd. If I’m a chef, do things I cook in my kitchen at home belong to my employer? If I’m a writer do my kids’ book reports that I help with become privileged? If I’m a mechanic can I no longer change my in-laws’ oil?

                                                                                              Why is software singled out like this and, moreover, why do people think it’s okay?

                                                                                              1. 10

                                                                                                There have been cases of employees claiming to have written some essential piece of software their employer relied on in their spare time. Sometimes that was even plausible, but still it’s essentially taking your employer hostage. There have been cases of people starting competitors to their employer in their spare time; what is or is not competition is often subject to differences of opinion and are often a matter of degree. These are shadow areas that are threatening to business owners that they want to blanket prevent by such contractual stipulations.

                                                                                                Software isn’t singled out. It’s exactly the same in all kinds of research, design and other creative activities.

                                                                                                1. 12

                                                                                                  There have been cases of people starting competitors to their employer in their spare time;

                                                                                                  Sounds fine to me, what’s the problem? Should it be illegal for an employer to look for a way to lay off employees or otherwise reduce its workforce?

                                                                                                  1. 3

                                                                                                    what’s the problem?

                                                                                                    I think it’s a pretty large problem if someone can become a colleague, quickly hoover up all the hard won knowledge we’ve together accumulated over the past decade, then start a direct competitor to my employer, possibly putting me out of work.

                                                                                                    You’re thinking of large faceless companies that you have no allegiance to. I’m thinking of the two founders of the company that employs me and my two dozen colleagues, whom I feel loyal towards.

                                                                                                    This kind of thing protects smaller companies more than larger ones.

                                                                                                    1. 2

                                                                                                      …start a direct competitor to my employer, possibly putting me out of work.

                                                                                                      Go work for the competitor! Also, people can already do pretty much what you describe in much of the US where non-competes are unenforceable. To be clear, I think this kind of hyper competitiveness is gross, and I would much rather collaborate with people to solve problems than stab them in the back (I’m a terrible capitalist). But I’m absolutely opposed to giving companies this kind of legal control over (and “protection” from) their employees.

                                                                                                      1. 2

                                                                                                        Go work for the competitor!

                                                                                                        Who says they want me? Also I care for my colleagues: who says they want them as well?

                                                                                                        where non-competes are unenforceable

                                                                                                        Overly broad non-competes are unenforceable when used to attempt to enforce against something not clearly competition. They are perfectly enforceable if you start working for, or start, a direct competitor, profiting from very specific relevant knowledge.

                                                                                                        opposed to giving companies this kind of legal control

                                                                                                        As I see it we don’t give “the company” legal control: we effectively give humans, me and my colleagues, legal control over what new colleagues are allowed to do, in the short run, with the knowledge and experience they gain from working with us. We’re not protecting some nameless company: we’re protecting our livelihood.

                                                                                                        And please note that my employer does waive rights to unrelated side projects if you ask them, waives rights to contributions to OSS, etc. Also note that non-compete restrictions are only for a year anyway.

                                                                                                        1. 1

                                                                                                          Who says they want me? Also I care for my colleagues: who says they want them as well?

                                                                                                          Well then get a different job, get over it, someone produced a better product than your company, that’s the whole point of capitalism!

                                                                                                          They are perfectly enforceable if you start working for, or start, a direct competitor, profiting from very specific relevant knowledge.

                                                                                                          Not in California, at least, it’s trivially easy to Google this.

                                                                                                          As I see it we don’t give “the company” legal control: we effectively give humans, me and my colleagues, legal control over what new colleagues are allowed to do, in the short run, with the knowledge and experience they gain from working with us.

                                                                                                          Are you a legal party to the contract? If not, then no, it’s a contract with your employer and if it suits your employer to use it to screw you over, they probably will.

                                                                                                          I truly hope that you work for amazing people, but you need to recognize that almost no one else does.

                                                                                                          Even small startups routinely screw over their employees, so unless I’ve got a crazy amount of vested equity, I have literally zero loyalty, and that’s exactly how capitalism is supposed to work: the company doesn’t have to care about me, and I don’t have to care about the company, we help each other out only as long as it benefits us.

                                                                                                        2. 1

                                                                                                          Go work for the competitor?

                                                                                                          Why would the competitor want/need the person they formerly worked with/for?

                                                                                                          1. 1

                                                                                                            Why did the original company need the person who started the competitor? Companies need workers and if the competitor puts the original company out of business (I was responding to the “putting me out of work” bit) then presumably it has taken on the original company’s customers and will need more workers, and who better than people already familiar with the industry!

                                                                                                      2. 1

                                                                                                        Laying off and reducing the workforce can be regulated (and is in my non-US country). The issue with having employees starting competitor products is that they benefit from an unfair advantage and create a huge conflict of interest.

                                                                                                        1. 2

                                                                                                          Modern Silicon Valley began with employees starting competitor products: https://en.wikipedia.org/wiki/Traitorous_eight

                                                                                                          If California enforced non-compete agreements, Silicon Valley might well not have ended up existing. Non-enforcement of noncompetes is believed to be one of the major factors that resulted in Silicon Valley overtaking Boston’s Route 128 corridor, formerly a competitive center of technology development: https://hbr.org/2016/11/the-reason-silicon-valley-beat-out-boston-for-vc-dominance

                                                                                                          1. 1

                                                                                                            I don’t think we are talking about the same thing. While I agree that any restriction on post-employment should be banned, I don’t think it is unfair for an organization to ask their employees to not work on competing products while being under their payroll. These are two very different situations.

                                                                                                          2. 2

                                                                                                            If the employee uses company IP in their product then sure, sue them, that’s totally fair. But if the employee wants to use their deep knowledge of an industry to build a better product in their free time, then it sucks for their employer, but that’s capitalism. Maybe the employer should have made a better product so it would be harder for the employee to build something to compete with it. In fact, it seems like encouraging employees to compete with their employers would actually be good for consumers and the economy / society at large.

                                                                                                            1. 1

                                                                                                              An employee working on competing products on its free time creates an unfair advantage because the employees have access to an organization IP to build its new product while the organization does not have access to the competing product IP. So what’s the difference between industrial espionage and employees working on competing products on their free time?

                                                                                                              1. 1

                                                                                                                If the employee uses company IP in their product then sure, sue them, that’s totally fair.

                                                                                                                That was literally in the comment you responded to.

                                                                                                      3. 4

                                                                                                        Joel Spolsky wrote a piece that frames it well, I think. I don’t personally find it especially persuasive, but I think it does answer the question of why software falls into a different bucket than cooking at home or working on a car under your shade tree, and why many people think it’s OK.

                                                                                                        1. 3

                                                                                                          Does this article suggest the employers view contracts as paying for an employee’s time, rather than just paying for their work?

                                                                                                          Could a contract just be “in exchange for this salary, we’d like $some_metric of work”, with working hours just being something to help with management? It seems irrelevant when you came up with something, as long as you ultimately give your employer the amount of work they paid you for.

                                                                                                          Why should an employer care about extra work being released as FOSS if they’ve already received the amount they paid an employee for?

                                                                                                          EDIT: I realise now that $some_metric is probably very hard to define in terms of anything except number of hours worked, which ends up being the same problem

                                                                                                          1. 2

                                                                                                            Does this article suggest the employers view contracts as paying for an employee’s time, rather than just paying for their work?

                                                                                                            I didn’t read it that way. It’s short, though. I’d suggest reading it and forming your own impression.

                                                                                                            Could a contract just be “in exchange for this salary, we’d like $some_metric of work”, with working hours just being something to help with management? It seems irrelevant when you came up with something, as long as you ultimately give your employer the amount of work they paid you for.

                                                                                                            I’d certainly think that one of many possible reasonable work arrangements. I didn’t link the article intending to advocate for any particular one, and I don’t think its author intended to with this piece, either.

                                                                                                            I only linked it as an answer to the question that I read in /u/lorddimwit’s comment as “why is this even a thing?” because I think it’s a plausible and cogent explanation of how these agreements might come to be as widespread as they are.

                                                                                                            Why should an employer care about extra work being released as FOSS if they’ve already received the amount they paid an employee for?

                                                                                                            As a general matter, I don’t believe they should. One reason I’ve heard given for why they might is that they’re afraid it will help their competition. I, once again, do not find that persuasive personally. But it is one perceived interest in the matter that might lead an employer to negotiate an agreement that precludes releasing side work without concurrence from management.

                                                                                                            1. 1

                                                                                                              I only linked it as an answer to the question that I read in /u/lorddimwit’s comment as “why is this even a thing?” because I think it’s a plausible and cogent explanation of how these agreements might come to be as widespread as they are.

                                                                                                              I think so too, and hope I didn’t come across as assuming you (or the article) were advocating anything that needs to be argued!

                                                                                                              I didn’t read it that way. It’s short, though. I’d suggest reading it and forming your own impression.

                                                                                                              I’d definitely gotten confused because I completely ignored that the author is saying that the thinking can become “I don’t just want to buy your 9:00-5:00 inventions. I want them all, and I’m going to pay you a nice salary to get them all”. Sorry!

                                                                                                        2. 3

                                                                                                          There is a huge difference: We’re talking about creativity and invention. The company isn’t hiring your for changing some oil or swapping some server hardware. They’re hiring you to solve their problems, to be creative and think of solutions. (Which is also why I don’t think it’s relevant how many hours you actually coded, the result and time you thought about it matters.) Your company doesn’t exist because it’s changing oil, the value is in the code (hopefully) and thus their IP.

                                                                                                          So yes, that’s why this stuff is actually different. Obviously you want to have exemptions from this kind of stuff when you do FOSS things.

                                                                                                          1. 2

                                                                                                            I think the chef and mechanic examples are a bit different since they’re not creating intellectual property, and a book report is probably not interesting to an employer.

                                                                                                            Maybe a closer example would be a chef employed to write recipes for a book/site. Their employer might have a problem with them creating and publishing their own recipes for free in their own time. Similarly, maybe a writer could get in trouble for independently publishing things written in their own time while employed to write for a company. I can see it happening for other IP that isn’t software, although I don’t know if it happens in reality.

                                                                                                            1. 3

                                                                                                              I think the “not interesting” bit is a key point here. I have no idea what Bumble is or the scope of the company, and I speak out of frustration of these overarching “legal” restrictions, but its sounds like they are an immature organization trying to hold on to anything interesting their employees do, core to the current business, or not, in case they need to pivot or find a new revenue stream.

                                                                                                              Frankly if a company is so fearful that a couple of technologies will make make or break their company, their business model sucks. Technology != product.

                                                                                                              1. 2

                                                                                                                Similarly, maybe a writer could get in trouble for independently publishing things written in their own time while employed to write for a company

                                                                                                                I know of at least one online magazine’s contracts which forbid exactly this. If you write for them, you publicly only write for them.

                                                                                                            2. 10

                                                                                                              This is pretty much my (non-lawyer) understanding and a good summary, thanks.

                                                                                                              If you find yourself in this situation, talk to a lawyer. However I suspect that unless you have deep pockets and a willingness to litigate “is this clause enforceable” through several courts, your best chance is likely to be reaching some agreement with the company that gives them what they want whilst letting you retain control of the project or at least a fork.

                                                                                                              One startup refused it and even reprimanded me for asking - the management took the view that any side project was a “distraction from the main goal”

                                                                                                              I think the legal term for this is “bunch of arsehats”. I’m curious to know whether you worked for them after they started out like this?

                                                                                                              1. 6

                                                                                                                I think the legal term for this is “bunch of arsehats”.

                                                                                                                https://www.youtube.com/watch?v=Oz8RjPAD2Jk

                                                                                                                I’m curious to know whether you worked for them after they started out like this?

                                                                                                                I left shortly after for other reasons

                                                                                                              2. 2

                                                                                                                The way FOSS (and indeed all private-time) software development works here for employees is that according to your contract your employer will own everything you create, even in your private time

                                                                                                                Is it really that widespread? It’s a question that we get asked by candidates but our contract is pretty clear that personal-time open source comes under the moonlighting clause (i.e. don’t directly compete with your employer). If it is, we should make a bigger deal about it in recruiting.

                                                                                                                1. 1

                                                                                                                  I would think the solution is to quit, then start a new project without re-using any line of code of the old project - but I guess the lawyers thought of this too and added clauses giving them ownership of the new project too…

                                                                                                                1. 10

                                                                                                                  His AppleScript paper is a favorite of mine.

                                                                                                                  RIP to a fellow computer scientist and Austinite.

                                                                                                                  1. 4

                                                                                                                    AppleScript is the only language I’ve ever used that I’d describe as a read-only language (the opposite of Perl, for example). I’ve never come across an AppleScript script that I couldn’t understand from a quick skim but writing them is something I’ve always struggled with. The scoping rules (which dictionary will actually provide the implementation of a word) are confusing.

                                                                                                                    There are some really nice features in the AppleScript’s interface in the frameworks. The idea of exposing operations on models to scripting is very simple and powerful but I’m not aware of anything prior to AppleScript that did this. Windows 3.0 had a Recorder app that let you capture the input events sent to the system and replay them. This was really fun when you were opening new windows because each window was moved down and to the right from the previous one and so your Recorder events would be up and to the left of the UI widgets in the new window.

                                                                                                                    To my mind, this is the biggest contribution of AppleScript and the retrospective talks about it a lot. Almost every macOS app exposes scripting functions. These days, you can use them directly from JavaScript instead of AppleScript (OS X shipped with a framework for plugging in alternative scripting language implementations and I heard about a couple of third-party ones but never used them). This is an incredibly powerful. I’ve used it to export an OmniOutliner outline as a directory structure full of .tex files with the outline contents, as a way of integrating OmniGraffle export into Makefiles (so if I edited a file in the GUI, the Makefile would ask the GUI to export as PDF for pdflatex to consume) and a load of other things. I think automation is supposed to do the same thing on iOS but I’ve never used it.

                                                                                                                    One of the things I really like about macOS is that features like this are integrated with the UNIX underpinnings. Just as you can use pbpaste / pbcopy to get rich interaction with the pasteboard, you can use osascript to invoke AppleScript scripts from shell scripts (you can run commands from AppleScript as well, or you can tell Terminal.app to do things). This lets you do things like write a shell script that grabs something from the pasteboard, filters it through some command-line applications, puts it back on the pasteboard in the new format, then tells a GUI application to do something with it.

                                                                                                                    The biggest problem with the AppleScript model was the lack of atomicity. This was fine on classic MacOS, where you had cooperative multitasking and so the app that you’re controlling would run a script command, yield, and transfer control back to the command interpreter. It’s not great on a multicore system with a kernel that does preemptive multitasking because state can change out from under you. For example, a load of the Mail.app scripting things are really dangerous because you query the mailbox state and then do something with it, but the mailbox state can be changed in between and there’s no way of building any kind of transaction.

                                                                                                                  1. 6

                                                                                                                    Heidi is the only person I have seen explain Paxos in such a way that I actually understood it. For at least 30 minutes after she stopped talking.

                                                                                                                    1. 3

                                                                                                                      The patent bit is particularly interesting. When we started CHERI, we used MIPS III as the base ISA because it was 20 years old and so there existed at least one possible implementation that didn’t trample anyone’s patents. I have no idea if we did infringe any patents (our branch predictor was more clever than 1992 MIPS cores and our TLB was optimised for FPGA, so it’s possible that we did) but no one cared because we were a research project producing a prototype softcore.

                                                                                                                      Intel and AMD have a massive patent portfolio. Arm maintains one for the partnership that every partner has access to for Arm cores. The odds of building a high-performance implementation of a CPU without accidentally infringing at least one patent is incredibly low. While RISC-V is fairly niche and while it is mostly deployed in simple core designs, it’s safe, but as soon as it starts to cut into business for the big players then expect the lawsuits to start.

                                                                                                                      The nice thing about hardware, from the perspective of a patent troll, is that anyone who can bring a competitive chip to market needs a budget of at least $20m, so they’re high-value targets compared to most open source software projects.

                                                                                                                      1. 19

                                                                                                                        This is not just about transgender folks (though they’re the ones most likely to suffer abuse if you don’t do it right). A lot of folks in the US use their middle name in preference to their first name. A system that allows your display name to be configured lets them use their middle name in preference. This is something that Active Directory / Exchange / Teams actually do very well. I have several colleagues who set the display name to match what they actually use in face-to-face interactions. The only folks who see their legal name are folks who need access to HR systems.

                                                                                                                        1. 12

                                                                                                                          My dad only learned his mother’s legal first name when he was in his 30s. There is no necessary relationship between legal name, billing name, and display name. Legal name is for interactions with the government, and if someone is going to verify your identity by looking at your driver’s license or something. Most applications, unless they’re doing identity verification themselves, shouldn’t care about legal names at all; that’s for the government. Billing name could be a totally different person, because someone else might be paying for your service. Display name could be as you say a middle name, or a nickname, or a shortening of the first name, or a name of a different gender because changing one’s legal name is difficult or impossible, or the name could be different because the person is from India and they don’t all have the same first/last-distinction that we do so their legal name gets jumbled.

                                                                                                                          Legal name, billing name, and display name, all need to be changeable, because they all really do change. It’s not even much of an edge case.

                                                                                                                        1. 2

                                                                                                                          Spending the weekend seething at Apple and UPS for lying (both outright and by omission) for the last 4 days about the delivery date of my new Air, and then out of nowhere updating it to be AFTER the weekend. Not that I even trust that date anymore…

                                                                                                                          Other than that, $WORK is “continue leaving Mongo” and $HOME is “finding a game or housework that can distract me from my anger”

                                                                                                                          1. 1

                                                                                                                            Your anger seems to stem from entitlement. Sure, the ‘social contract’ say you may be entitled to certain ToS but your mental health knows better. The problem with humility is that it is seen as weakness by exploiters and so many of our interactions are with exploitative entities. Finding people who don’t take advantage of me even though I let them has been a really high signal criteria for me but don’t take this as me giving you advice, I’m not qualified…

                                                                                                                            1. 1

                                                                                                                              Spending the weekend seething at Apple and UPS for lying (both outright and by omission) for the last 4 days

                                                                                                                              It could be worse. When I sent my first Mac (a PowerBook) in for repair, they sent a box and someone from a courier company to fetch it. I waited and a week later I called them and asked when I’d expect it back. They told me it had shipped and I’d get it soon. I waited again and they told me the same thing. After a month of this (and £20 of phone calls, because back then their support line was a non-geographic number with call charges), they finally admitted that they had no record of the machine ever making it into their repair centre’s pipeline. It had been signed for with the courier and then disappeared.

                                                                                                                              I was very glad I’d used CarbonCopyCloner to back up the data and then wiped the disk. They didn’t do anything to actually fix the problem until I contacted their press-enquiries email with a draft article that I’d written about their awful experience (being a journalist was useful for once). They then sent me out a loan unit that the press office had and eventually replaced the machine (with a newer model).

                                                                                                                              Their support story got a lot better over the next few years but I understood then why Apple had no presence in the corporate world.

                                                                                                                            1. 2

                                                                                                                              Not if you’re willing to make other compromises. If you restrict pointer arithmetic, pointer aliasing, etc. you can make a fast language with no undefined behavior. You just won’t be able to write operating systems or such with it.

                                                                                                                              1. 4

                                                                                                                                A talk I was at last week cited a paper that showed that optimisations that depend on UB give ‘only’ an average 1.7% (I think - definitely in the 1-2% range) speedup. The speaker seemed to think that this meant that they weren’t necessary, but these days a 1% speedup on average is a huge win. That usually translates to a 10% speedup on a single important workload. Even if it didn’t, if I committed something to LLVM that gave a 1% speedup on average than I’d be confident that I was carbon negative for my entire life. Reducing CPU usage by 1% across a cloud deployment is millions of dollars.

                                                                                                                                UB exists because some things can’t easily be statically proven. It is UB to access an object after it has been deallocated. This means that the compiler doesn’t need to insert dynamic checks to ensure that there is deterministic behaviour if a deallocated object is referenced on any code path where it can’t see the complete lifetime of the object. Even in Rust, you can violate lifetime safety in unsafe blocks, but if you do then it’s UB.

                                                                                                                                UB is useful at multiple levels. If your language is being used to build the abstract machine guarantees for higher-level languages (as C/C++ are for most safe languages) then it is used for the programmer to assert that a condition won’t occur without requiring the low-level implementation to check it. It’s also useful in mid-level IRs, for the front end to assert to the optimisers that certain things aren’t possible (either because you’re coming from a language like C where it’s nasal demon territory, or because your source-language type system prevents them).

                                                                                                                                The thing that most objections to UB miss is that there isn’t a single bit in the compiler saying ‘aha, you’ve invoked UB, we will be evil now!’. There are a set of analyses that make claims about whether things may happen in code and a set of transforms that take advantage of these claims. UB increases the space of things that the analyses are allowed to claim (or makes the reasoning more local, which makes it tractable).

                                                                                                                                1. 2

                                                                                                                                  Do you have references for the talk or the paper? Part of the tricky nature of UB is that its performance effects are hard as heck to measure. Partially ’cause performance is hard to measure in the first place, partially because “increasing the space of things that analyses are allowed to claim” is a hard feature to turn on and off in a compiler.

                                                                                                                                  Edit: It just occurred to me that at a large-institution level, a bug or vulnerability can also cost millions of dollars, to say nothing about the costs of developer time, tooling, QA, etc. It’s a tough balance. :/

                                                                                                                                  1. 2

                                                                                                                                    Reducing CPU usage by 1% across a cloud deployment is millions of dollars.

                                                                                                                                    I liked the way Patrick Walton stated this:

                                                                                                                                    The problem with all the articles that talk about the effects of undefined behavior optimizations in C/C++ compilers is that they never acknowledge what is by far the most important issue: economics. C/C++ compiler devs are disproportionately employed by the largest companies where a 1% win in performance translates to massive amounts of money saved. Their job is to eke out those tiny wins. Any article that does not acknowledge this economic reality is irrelevant.

                                                                                                                                    So true.

                                                                                                                                  2. 2

                                                                                                                                    I don’t know about that. Ada’s selling point is that it has very little undefined behavior and you can write operating systems with it.

                                                                                                                                    1. 1

                                                                                                                                      It does sound nice, I’ll be looking into it more someday. Rust similarly has less UB than C does. Can Ada be optimized as well as C and such? I actually don’t know; I’m sure it comes close, but as the sibling post points out, 1% difference is a big deal to some people.

                                                                                                                                      1. 1

                                                                                                                                        Can Ada be optimized as well as C and such?

                                                                                                                                        Yes, there’s this story about one of the first maintainers/contributor to GNAT (the Ada compiler based on GCC) maintaining a collection of C and Ada programs that compiled down to the exact same object file. There are some cases where Ada can even do better, since it allows specifying e.g. pointers that can’t be null, which is an assumption that C compilers sometimes aren’t allowed to make, hindering optimizations.

                                                                                                                                        Usually the reason Ada has bad results in online benchmarks (like, e.g. https://youtu.be/pv4Yq35Chx0 ) is that the Ada program is not using the same algorithm as the C/C++/Rust one and/or that the optimizations used aren’t the same.

                                                                                                                                        I’ll admit that Ada is at a disadvantage when compared to C++ though. C++ has benefited from a lot of investment from a lot of companies and the major implementations of its runtime are state of the art when it comes to performances. Ada implementations do not have nearly the same amount of resources behind them, but that’s a separate question from whether the semantics of the language allow writing fast programs.

                                                                                                                                  1. 2

                                                                                                                                    I am a bit out of the loop, does this mean that GDC has finally become part of GCC? If so, congrats to Iain Buclaw who has been working on this since years and years! Glad it has finally paid off.

                                                                                                                                    I was quite impressed with D when I read the D book but I fear that now with Rust it is too late for broad adoption since they seem to serve similar niches.

                                                                                                                                    1. 3

                                                                                                                                      Does this mean that GDC has finally become part of GCC?

                                                                                                                                      Yes, support for the D programming language has been added to GCC, and got released with GCC 9 in 2019.

                                                                                                                                      1. 1

                                                                                                                                        I looked at D almost 20 years ago but the fact that the only reliable compiler was the Digital Mars D compiler and it had limited platform support put me off. Now, D has GCC and LLVM front ends that are actively maintained (is the Digital Mars implementation still going?). Rust still has a single implementation (though others are in progress), so D has some advantages here.

                                                                                                                                        Looking at the Wikipedia page, I think the biggest problem with D is that it is now quite a dated language. It solves problems that I had with C++98 and is very much an object-oriented language. Languages like Rust and modern C++ are very much compromises picking the bits of object orientation, functional programming, and generic metaprogramming that work and letting you adapt them for the problem at hand.

                                                                                                                                        1. 2

                                                                                                                                          There are 2 capabilities that, in my view showed, that D can advance with time:

                                                                                                                                          a ) Sub-setting the language to have narrower capabilities, in exchange for wider cross-language integration/interfacing opportunities:

                                                                                                                                          https://dlang.org/spec/betterc.html

                                                                                                                                          b ) Compile time programming: eg

                                                                                                                                          https://wiki.dlang.org/User:Quickfur/Compile-time_vs._compile-time

                                                                                                                                          Certainly, plugging gaps in C++ as a product-roadmap, hindered language formalisms and its runtime. But having the language now to be part of GCC, while still maintaining separate backends – is a big deal, and perhaps could put D closer to the top of the list for some larger projects.

                                                                                                                                          I also think specifically full-featured compile-time programming, could be a way to integrate a language with a new breed of formal verification tools (although this is just a thought at this point).

                                                                                                                                          1. 1

                                                                                                                                            very much compromises picking the bits of object orientation, functional programming, and generic metaprogramming that work and letting you adapt them for the problem at hand

                                                                                                                                            Honestly that describes D too. In any case, I wouldn’t say that D is “very much” an OO language. It has OO (Java 5 style) in the language, true, but you don’t have to use it if it doesn’t solve your problem.

                                                                                                                                            I mean, for example D had ranges before they were cool :)

                                                                                                                                        1. 28

                                                                                                                                          As far as I can tell the only apps you’re allowed to put in the app store are ones that should have just been a web page.

                                                                                                                                          1. 16

                                                                                                                                            I have:

                                                                                                                                            • Logic Pro (DAW)
                                                                                                                                            • Affinity Photo (photo editor)
                                                                                                                                            • Affinity Designer (vector editor)
                                                                                                                                            • AdGuard for Safari (advert blocking plugin)
                                                                                                                                            • Duck Duck Go Privacy Essentials (privacy plugin for Safari)
                                                                                                                                            • SomaFM Radio player
                                                                                                                                            • All the Microsoft Office apps

                                                                                                                                            Plus lots more that could have web versions (and some do) … but the native apps are proper native apps.

                                                                                                                                            1. 2

                                                                                                                                              Along with some of the above, I have:

                                                                                                                                              • WiFi Explorer (wifi scanner)
                                                                                                                                              • DaisyDisk (disk space visualiser)
                                                                                                                                              • Kaleidoscope (diff tool)
                                                                                                                                              • BBEdit (text editor)
                                                                                                                                              1. 2

                                                                                                                                                I don’t have any of those. But I have Clocker. It’s just a menu-bar widget but I manage a distributed team and it’s really useful!

                                                                                                                                                BTW, what do you think of DaisyDisk? Was thinking about getting it recently, but then I found that About this Mac -> Storage -> Manage -> Reduce Clutter did what I needed.

                                                                                                                                                1. 2

                                                                                                                                                  I have bought DaisyDisk a few years ago, frustrated by the average state of Diskinventory X http://www.derlien.com/. I still use from time to time to find where I’m wasting large chunks of disk. The overall UX is pretty cool.

                                                                                                                                                  I never really used Reduce Clutter. My main disk usage is often multiple large Git repositories with their binaries.

                                                                                                                                              2. 1

                                                                                                                                                Further complicating this, the leading competitor to Office is just a web app. There are fewer competitors to editing audio and photos that are web apps, but it can be done.

                                                                                                                                              3. 4

                                                                                                                                                I don’t think that’s a fair assessment. The App Store requires your apps to be sandboxed but the set of entitlements that you can request is pretty large. As long as you’re using the right APIs, you can have full filesystem access, access to peripherals, and so on.

                                                                                                                                                The biggest obstacle I see is that Apple takes 30% of the sale price for App Store apps. This buys you two things:

                                                                                                                                                • Apple handles distribution and taking money.
                                                                                                                                                • It’s easy to find the app by searching the store.

                                                                                                                                                I don’t think most Mac users search the store first (I never do, at least), so the the second option is of far less value than on iOS (where the App Store is the only place to install things and so also the first place to look for things to install). If your app is already popular then there’s no marketing advantage to the App Store. If you already have a distribution channel, it probably costs a lot less than 30%.

                                                                                                                                              1. 3

                                                                                                                                                I have loads of vacation time left, so this Wednesday is my last day of work for the year. Coincidentally, it is also the day that the first instalment of the single-player campaign for Halo Infinite is suppose to come out, so I have a pretty good idea of what I’m going to be doing as soon as I finish work.

                                                                                                                                                1. 16

                                                                                                                                                  I think you’ve listed all of the caveats. You might not be aware of the degree though:

                                                                                                                                                  • Rack-mounted servers are heavier than they look. I’m always surprised when I pick one up.
                                                                                                                                                  • They are super noisy. Typically the fans in desktops are connected to temperature sensors and slow down when not in use. Rack-mounted systems usually run at full speed all of the time because replacing a machine in a server room due to thermal failure is more expensive than the power draw for the fans (and because consistent airflow in a server room is often important to cooling everything else). Their cooling is also often designed for an air conditioned room so may not work well if the input air temperature is too high.
                                                                                                                                                  • Rack-mounted servers are increasingly designed to run at full power all of the time (as one Google engineer put it: if you have idle servers, you’ve bought too many servers. Power management should be a thing datacenters do, not a thing nodes do), so their power consumption may be higher than an equivalent desktop-case system.

                                                                                                                                                  Of course, this can all be offset by the fact that rack-mounted hardware is intrinsically fun.

                                                                                                                                                  The server that you link to looks pretty reasonably priced. If you want to play with multi-socket NUMA things, it’s probably a good system. Multi-socket has a lot of problems that single-socket doesn’t. That said, it’s pretty slow. It’s a 2010 CPU and a fairly low clock frequency.

                                                                                                                                                  The other caveat if you want to play wth new technology is that the server CPUs typically get ISA extensions last. This is especially important when you’re looking at something old. For example, the CPU in that has only SSE 4.2, no AVX. Definitely no SGX, no MPK, and so on.

                                                                                                                                                  A low-power core like the J5040 comes with SGX and MPX (which is an incredibly stupid design and is gone in newer cores, but is fun to play with) and can support 64 GiB of RAM if you buy the right modules (this is what I bought when I upgraded my NAS). It’s slower, but it’s modern hardware and might be more fun for playing with new technology. Not sure if it would be fast enough to run a gaming server

                                                                                                                                                  Oh, and server systems typically don’t come with GPUs, and even a slow GPU with a modern feature set is a fun topic.

                                                                                                                                                  1. 2

                                                                                                                                                    Typically the fans in desktops are connected to temperature sensors and slow down when not in use. Rack-mounted systems usually run at full speed all of the time because replacing a machine in a server room due to thermal failure is more expensive than the power draw for the fans (and because consistent airflow in a server room is often important to cooling everything else).

                                                                                                                                                    I have never encountered a server for which that was the case – every one I’ve dealt with has had temperature-based fan control in some form or another (once the BMC’s booted enough to provide that service anyway, though they’ll typically be at full speed when you first power on the machine). They often have BMC configuration options available to run the fans at 100% full time if you decide that’s what you want, but I’ve never seen one that didn’t have variable fan speed available (and enabled as the factory default). Also, that power consumption is decidedly non-trivial – maxed out fans in a 1U system can easily draw well over 100W; most data center operators probably don’t want another whole heavily-loaded CPU’s worth of power getting sucked down by every server if it’s not actually needed.

                                                                                                                                                    1. 4

                                                                                                                                                      Prior to around 2010-2012ish, all Dell’s rackmount servers ran the fans at full speed permanently. I distinctly remember R410 series being unusually not-horrible because they were the first ones that were quiet when I had them on my desk setting the OS up prior to taking them to the colo.

                                                                                                                                                      1. 2

                                                                                                                                                        It depends on the scale of things, I guess? I do know of some big operators that configure pretty much everything that has fans in it to run them at full speed, all the time, too. They figured, as david_chisnall mentioned, that the extra airflow headaches, motor wear and tear (though I’m not fully convinced about this one), the additional response time (takes a little time between when the fans kick off and when the temperature re-stabilizes) and so on are really not worth the money you save on 0.1 KW on a unit that easily draws 2.5-4 KW. Maybe, for reasons of economy of scale, they can get servers without the sensors, too.