Threads for flyingfisch

  1. 20

    It’d be nice to have some actual background on hashing in here instead of just broad generalizations and links to various hash functions. Examples:

    • There’s no mention of cyclic redundancy checks and why they are not valid as crypto functions (a mistake some programmers have made).
    • There’s no mention of avalanche effects, which is a good way of seeing how “random” a digest scheme is (with some implications for how well the output can be predicted/controlled by an attacker).
    • The mentioned attack on JSON hash tables in PHP (if you dig into it) would’ve been a great place to talk about trivial hashes (e.g., f(x) =0 or f(x)=x) and why they cause problems even in non-hostile environments, but that would’ve required more of an introduction to how hashing works…)
    • Lots of usage of jargon like “non-invertible”, “collision-resistance”, “preimage attack resistance”, etc. which is probably inaccessible if your audience is programmers who “don’t understand hash functions”.
    • There’s not really an explanation about the differences/similarities of crypto-strong hash functions, password hash functions, and key derivation functions, other than a mention that there is some relation but which isn’t elaborated on at all.
    • There’s not really any useful information at all about perceptual hashing vs other forms of multimedia digest approaches–there’s just some Apple hate.
    • etc.

    Programmers might not understand hash functions, but infosec furries may also not understand pedagogy.

    (also, can you please cool it with the inflammatory article headlines?)

    1. 24

      Programmers might not understand hash functions, but infosec furries may also not understand pedagogy.

      Please don’t pick a fight. It seems more angry than friendly.

      1. 22

        Honestly I think it’s a valid concern. One of the biggest problems with the computer security world, as stated repeatedly by leading experts in the field, is communication and teaching.

        1. 23

          A valid concern would be “infosec experts may not understand pedagogy” but why call out “infosec furries” specifically? Unless we should be concerned about infosec furries in particular vs other infosec experts?

          Are these acceptable?

          • but infosec gays may also not understand pedagogy
          • but infosec women may also not understand pedagogy
          • but infosec people of color may also not understand pedagogy

          No. So why furries? People need to get over it and quit furry bashing. This isn’t acceptable behavior on Lobste.rs, and I’m tired of it.

          1. 3

            See elsewhere for the explanation; furry bashing doesn’t enter into it, though I see why you might have read it that way. Furries are internet denizens like the rest of us, with all that entails.

            1. 12

              I agree with you that it’s a bad title.

              I also think that you wouldn’t have reacted nearly this strongly to the title if it wasn’t a furry blog.

              1. 11

                I read your other comments. But you said what you said, and that undermines all your pontificating about the harm of “insulting/demeaning a group” and “the sort of microaggression/toxicity that everybody talks so much about.” Take your own advice.

              2. 2

                “Furry” is a kink, not an identity or protected class. And normally you have to get people’s consent before you bring them into your kink.

                1. 7

                  I don’t see any sexual imagery in this blog post.

                  1. 2

                    The OP’s site has some pretty well reasoned and presented articles on precisely why “furry” cannot reasonably be summarized as “a kink”.

                    And, no, you do not “normally” have to get someone’s consent to introduce them to the idea of your kink, unless said introduction involves you engaging them in the practice of your kink.

                  2. 1

                    Sorry, I didn’t realize the “furry” part was what you were opposed to. It sounded like you were upset with the implication that the infosec world is bad at teaching.

              3. 6

                Programmers might not understand hash functions, but infosec furries may also not understand pedagogy.

                (also, can you please cool it with the inflammatory article headlines?)

                https://www.youtube.com/watch?v=S2xHZPH5Sng

                1. 10

                  One of the things he talks about there is testing the hypothesis and seeing which title actually worked. I only clicked this link because I recognized your domain name and knew you had written interesting articles in the past and might legitimately explain something I didn’t know. If not for that, I probably would have bypassed it since the title alone was not interesting at all.

                  1. 9

                    Even so, it is still possible to write clickbait titles that aren’t predicated on insulting/demeaning a group.

                    • “Hash functions: hard or just misunderstood?”
                    • “Things I wish more programmers knew about hashes”
                    • “Programmer hashes are not infosec hashes”
                    • “Are you hashing wrong? It’s more common than you might think”
                    • “uwu whats this notices ur hash function

                    How would you feel if I wrote “Gay furries don’t understand blog posting”? Even if I raise good points, and even if more people would click on it (out of outrage, presumably), it would still probably annoy a gay furry who wrote blogs and they’d go in with their hackles raised.

                    1. 8

                      The important difference between what I wrote and your hypothetical is the difference between punching up and punching down.

                      My original title was along the same lines as “Falsehoods Programmers Believe About _____” but I’ve grown a distaste for the cliche.

                      1. 7

                        The difference between “Programmers don’t understand hash functions” and “Gay furries don’t understand blog posting” is quite obvious to me and I definitely don’t want to engage in whatever Internet flame is going on here. Especially since, uh, I have a preeetty good idea about what the problem here is, and I tend to think it’s about gay furries, not article titles, which is definitely not a problem that I have. (This should probably be obvious but since I’m posting in this particular thread, I wanted to make sure :P).

                        But I also think this title really is needlessly nasty, independent of how it might be titled if it were about other audiences. It’s a bad generalisation – there are, in fact, plenty of programmers who understand hash functions – and it’s not exactly encouraging to those programmers who want to get into security, or who think their understanding of these matters is insufficient.

                        I am (or was?) one of them – this was an interest of mine many, many years ago, at a time when I was way too young to understand the advanced math. My career took me elsewhere, and not always where I wanted to go, and I tried to keep an eye on these things in the hope that maybe one day it’ll take me there. Needless to say, there’s only so much you can learn about these topics by spending a couple of evenings once in a blue moon studying them, so I never really got to be any good at it. So I think the explanation is amazing, but it would definitely benefit from not reminding me of my inadequacy.

                        And I’m in a happy boat, actually, this is only an interest of mine – but there are plenty of people who have to do it as part of their jobs, are not provided with adequate training of any kind, have no time to figure it out on their own, and regularly get yelled at when they get it wrong.

                        Now, I realise the title is tongue-in-cheek to some degree, the playful furries and the clever humour scattered throughout the post sort of gives it away. If you think about it for a moment it’s pretty clear that this is meant to grab attention, not remind people how much they suck. But it’s worth remembering that, in an age where web syndication is taken for granted to the point where it sounds like a Middle English term, this context isn’t carried everywhere. Case in point, this lobste.rs page includes only the title. Some people might react to it by clicking because you grabbed their attention, but others might just say yeah, thanks for reminding me, I’ll go cry in a corner.

                        Even if I didn’t realise it was tongue-in-cheek, it probably wouldn’t bother me, partly because I understand how writing “competitively” works (ironically, from around the same time), partly because I’ve developed a thick skin, and partly because, honestly, I’ve kindda given up on it, so I don’t care about it as much as I once did. But I can see why others would not feel the same way at all. You shouldn’t count on your audience having a thick skin or being old enough to have given up on most of their dreams anyway.

                        I know this is a real struggle because that’s just how blogs and blogging work today. You have to compete for attention to some degree, and this is particularly important when a large part of the technical audience is “confined” to places like HN and lobste.rs, where you have to grab attention through the title because there’s nothing else to grab attention through. But maybe you can find a kinder way to grab it, I dunno, maybe a clever pun? That never hurt anyone. These radical, blunt (supposedly “bluntly honest” but that’s just wishful thinking) headlines are all the rage in “big” Internet media because, just like Internet trolls, they thrive on controversy, us vs. them and a feeling of smugness, but is that really the kind of thing you want to borrow?

                        (Edit: just to make sure I get the other part of my message across, because I think it’s even more important: title aside, which could be nicer, the article was super bloody amazing: the explanation’s great, and I like the additional pointers, and the humour, and yes, the drawings! Please don’t take any of all that stuff above as a criticism of some sort: I wanted to present a different viewpoint from which the title might read differently than you intended, not that the article is bad. It’s not!)

                        1. 15

                          How do you know that you’re punching up?

                          What if the person encountering your blog is a programmer from an underrepresented background, just barely overcoming imposter syndrome, and now here’s this scary suggestion that they don’t understand hash functions? What if they actually made one of the mistakes in the article, and feel like they’re a complete fraud, and should leave the industry? This is the sort of microaggression/toxicity that everybody talks so much about, if I’m not mistaken.

                          The point is: you don’t know. You can’t know.

                          So, err on the side of not adding more negative shit to the world accidentally in the name of pageviews–especially when there are many, many other more positive options in easy reach.

                          EDIT:

                          I wouldn’t care if it weren’t for the fact that you’re a smart dude and clearly passionate about your work and that you have good knowledge to share, and that it pains me to see somebody making mistakes I’ve made in the past.

                          1. 8

                            I wouldn’t care if it weren’t for the fact that you’re a smart dude and clearly passionate about your work

                            I’m neither of those things :P

                            and that you have good knowledge to share, and that it pains me to see somebody making mistakes I’ve made in the past.

                            I appreciate your compassion on this subject. It’s definitely new territory for me (since forever I’ve been in the “boring headline out of clickbait adversion” territory).

                            1. 9

                              Do you actually not see a difference between saying a slightly negative thing about people of a certain profession and how they engage in that profession, and an ad-hominem using sexual orientation? What a weird and bad analogy?

                              I’m trying to assume good intent here but all your comments make it sound like you’re annoyed at the furry pics and awkwardly trying to use cancel culture to lash out the author.

                              1. 7

                                Neither the label of programmers (with which I identify) nor of gay furries (with which the author identifies, according to their writing) is being misapplied. I’m sorry you feel that a plain statement of fact is somehow derogatory–there is nothing wrong with being a proud programmer or a proud gay furry.

                                My point in giving that example was to critique the used construction of “ is ”. I picked that label because the author identified with it, and I picked the “bad at blogging” because it’s pretty obviously incorrect in its bluntness. If I had picked “lobsters” or “internet randos” the conjured association for the person I was in discussion with may not have had the same impact it that “programmers” had on me, so I went with what seemed reasonable.

                                1. 4

                                  What do you gain by emphasizing soatok’s sexual identity, other than this morass of objections?

                                2. 5

                                  I’m trying to assume good intent here

                                  that’s exactly what friendlysock is hoping for

                                  1. 5

                                    you’re right but it’s best not to feed them

                                  2. 8

                                    What if the person encountering your blog is a programmer from an underrepresented background, just barely overcoming imposter syndrome, and now here’s this scary suggestion that they don’t understand hash functions?

                                    Or they may read this and think ‘I’m glad it’s not just me!’. As a programmer who probably has a better than average understanding of hash functions, I don’t feel demeaned by this generalisation, if I were worried about my level of understanding I’d feel comforted by the idea that I wasn’t in a minority in my lack of understanding.

                                    What if they actually made one of the mistakes in the article, and feel like they’re a complete fraud, and should leave the industry?

                                    Or they may feel better that this mistake is so common that someone writes about it on a list of mistakes programmers make.

                                    1. 1

                                      What if the person encountering your blog is a programmer from an underrepresented background….

                                      While I said you’re picking a fight (and would add: “look at the thread, it’s a fight”), I see what you’re saying in this paragraph. I also value non-judgmental explanations.

                                  3. 6

                                    My problem with the title isn’t that it’s insulting, but that it’s inaccurate. Clearly some programmers do understand hash functions, even if other programmers do not. If nothing else, @soatok, a programmer, presumably understands hash functions, or why else would he write a blog post purporting to explain the right way to use them?

                                    Programmers don’t understand hash functions, and I can demonstrate this to most of the people that will read this with a single observation:

                                    When you saw the words “hash function” in the title, you might have assumed this was going to be a blog post about password storage.

                                    Specifically is wrong, at least about me, and almost certainly among other programmers as well. I don’t claim to have deep knowledge about cryptography, and I do expect that there’s probably something I could learn from this blog post, which I will read more carefully when I have a chance. But I am aware that the computer science concept of hash functions is useful for a variety of programming problems, and not just storing password-related data.

                              1. 10

                                I’m not a huge fan of IDEs but this article is mostly nonsense.

                                This in particular I take exception to:

                                Less Code, Better Readability

                                Not having Autocomplete / Code Generation guides you naturally to writing more compact and idiomatic Code in the Language of your Choice. It helps you to learn language-specific features and syntactic sugar. Consider

                                System.out.println(“hello”);

                                printf(“hello”);

                                You see that in C, where using an IDE is uncommon, the languge/libraries/frameworks naturally becomes more easily readable and writable.

                                I see this as a win for IDEs especially in large projects because the cost of avoiding useless abbreviations is minimal.

                                ShoeApi.GetPriceAndFeatures();
                                

                                is way more readable and explicit than

                                Api.GetPrcFeat();
                                

                                Maybe not the most realistic example but you get what I’m saying and we’ve all seen code like the latter and had no clue what it does without drilling into the method.

                                Also since when does having autocomplete equal full-blown IDE?

                                1. 4

                                  The reason the C library and Unix functions have such short names is, in part, because the original C linker only looked at the first 8 characters of symbol names.

                                  (Likewise, I seem to recall that the original Unix filesystem only allowed 8-character filenames, forcing shell commands to be terse. I may be wrong on this; but most filesystems of that era had really limited names, some only 6 characters, which is why the classic Adventure game was also called ADVENT.)

                                  1. 3

                                    I think you might be conflating Unix with MS-DOS. The early Unix file systems allowed 14 character names, while MS-DOS limited filenames of 8 (well, 8 characters for the name, plus 3 for the extension).

                                    1. 8

                                      I guess Ken could have spelt creat with an e after all.

                                    2. 3

                                      The reason the C library and Unix functions have such short names is, in part, because the original C linker only looked at the first 8 characters of symbol names.

                                      This was actually part of the first C standard, and it was limited to “6 significant initial characters in an external identifier”. (Look for “2.2.4.1 Translation limits” here.)

                                      This was almost certainly due to limitations from FORTRAN and PDP-11. PDP-11 assembly language only considered the first 6 characters. (See section 3.2.2, point 3.) FORTRAN (in)famously only used 6 characters to distinguish names. If you wanted interoperability with those systems, which were still dominate in the 80s, then writing everything to fit in 6 characters made sense.

                                    3. 3
                                      ShoeApi.GetPriceAndFeatures();
                                      

                                      is way more readable and explicit than

                                      Api.GetPrcFeat();
                                      

                                      I see a few independent criteria these comparisons:

                                      1. The inclusion of the namespace (System. / ShoeApi. / Api vs… not)
                                      2. Low vs. high context names (ShoeApi vs. Api)
                                      3. Abbreviated names GetPriceAndFeatures vs GetPrcFeat

                                      I prefer to elide the namespace if it appears more than a couple times. (X; Y; Z; over HighContextName.X; HighContextName.Y; HighContextName.Z;)

                                      I prefer high context names, especially when there’s already a namespace. (service.Shoes.Api over service.Shoes.ShoeApi)

                                      I prefer to not abbreviate. (GetPriceAndFeatures over GetPrcFeat … though both aren’t great.)

                                      Best (if I must use a Java-like): Api.Fields(Price, Features).Get()

                                    1. 6

                                      Why compare with 3G? I can only assume that is due to availability in developing nations. When I search for ‘1996 worldwide internet coverage’ the very first link for me claims that at that time only 20 million Americans had internet access. So it seems that if we’re intent on using 3G as a comparison, then to be fair we should compare that with the probable equivalent in 1996 – no internet access at all.

                                      Look, I hate modern web bloat too, but this is cherry picking.

                                      1. 1

                                        100% agree. I don’t disagree with the general sentiment of the article, but the example is extremely contrived.

                                        1. 1

                                          Not only that, but this movie is presumably mostly targeted at people with money, not people without.

                                        1. 15

                                          Haskell is awesome, but like most languages there is cruft and legacy to be avoided. Haskell has a standard library known as base which unfortunately has a fair amount of unsafe or unperformant functions included. As such I went with an alternative standard library relude that builds on and improves base. On top of this, there are many core libraries that are not part of the standard library I wanted to use and have nice patterns around.

                                          Maybe I’m spoiled working in the .NET ecosystem, but large amounts of the standard library being unusable shouldn’t be considered par for the course when working with a language. This reminds me of PHP.

                                          Parsing Libraries […] Why is this nice in Haskell? The ‘monad’ abstraction is excellent for dealing with code with a lot of failure conditions (ie. parsing) and avoids ‘pyramid of doom’ type code. Haskell worked out really well in this key area.

                                          The author doesn’t really explain how monads help with parsing, but I’ve written parsing logic in C# that didn’t result in a “pyramid of doom”. I don’t think the pyramid of doom is a language issue, but an architecture issue.

                                          Compile Times.. Were Fine

                                          I thought I’d call this out as it is a common complaint I see around Haskell. […] Compile dependencies from scratch Time: 17m44s

                                          A 17 minute compile time is considered fine? Even the 1 minute development build time seems slow for such a small project.

                                          Between the compile time, the library issues, and the issues with the official standard library, I don’t understand how the author can claim that Haskell and it’s ecosystem is production-ready. Production-ready isn’t a term that means someone, somewhere, has used it in production. Also it’s important to understand that not only the language and runtime need to be ready for production use, but also the ecosystem. Without all three being stable, other languages become the wiser and more logical choice.

                                          I like Haskell. I’ve built several hobby projects in it. I think it’s a great language to learn to extend your development skills and think about problems in different ways. But never would I consider pushing it to be used in most production applications as it stands right now. For most companies, using it right now would be a mistake.

                                          Five years ago, when I first started working in it, I had hoped the language and ecosystem would mature to a point where it could be recommended for most serious projects, but seeing the lack of progress since then I’ve since set my sights on other functional languages like F#.

                                          1. 12

                                            Maybe I’m spoiled working in the .NET ecosystem, but large amounts of the standard library being unusable shouldn’t be considered par for the course when working with a language.

                                            The .NET standard library also has the same kind of unsafe and unperformant functions the author is talking about, the type of runtime safety he’s talking about just isn’t really a focus when working with .NET. He’s referring to functions like head which throw an exception if passed an empty list instead of returning a Maybe a, and I think we can agree that there are plenty of .NET functions that throw exceptions on invalid input.

                                            The author doesn’t really explain how monads help with parsing, but I’ve written parsing logic in C# that didn’t result in a “pyramid of doom”. I don’t think the pyramid of doom is a language issue, but an architecture issue.

                                            I agree that the author greatly exaggerated how parsing code in non-functional languages usually turns out, but if you haven’t written a parser in Haskell or using something like FParsec in F#, it really is worth it to see how nice a more functional parser library is to work with. Definitely one of the places Haskell shines.

                                            A 17 minute compile time is considered fine? Even the 1 minute development build time seems slow for such a small project.

                                            Agreed, Haskell build times are bad. Hopefully they’ll get there someday.

                                            1. 3

                                              The .NET standard library also has the same kind of unsafe and unperformant functions the author is talking about, the type of runtime safety he’s talking about just isn’t really a focus when working with .NET. He’s referring to functions like head which throw an exception if passed an empty list instead of returning a Maybe a, and I think we can agree that there are plenty of .NET functions that throw exceptions on invalid input.

                                              Right, but even the community explicitly mentions not using base in Haskell. With .NET that is not the case. It’s an important distinction; the community expects the .NET stdlib to be “first class” in .NET development, the Haskell community does not have the same expectation with base.

                                              1. 4

                                                Right, but even the community explicitly mentions not using base in Haskell.

                                                Maybe? Basically all Haskell code is still written targeting base. People have feelings about things like head and maximum and foldl, but in practise it’s at most a “maybe avoid those” tip from people with those feelings.

                                                1. 3

                                                  Right but that adds a barrier to entry for new folks. There are good reasons not to use Prelude (and OP’s article brings up some of these good reasons imo), but if I were a new programmer learning Haskell, it would be get another thing I need to learn and understand. Why should I use an alternate Prelude? When? Which Prelude is better than others? Haskell has long prioritized progress and innovation over production stability which I think is a very reasonable for a language like Haskell but isn’t always the best fit for being productive.

                                                  Edit: FWIW I think developing in Haskell is great (oh and thanks so much for working on JMP @singpolyma!). I’m just trying to say I’d love to see these barbs in the ecosystem fixed a bit. Good on the Haskell Foundation for pushing this forward, and I’d love to see more production-oriented advice (and reports, like the OPs) with Haskell.

                                            2. 5

                                              The author doesn’t really explain how monads help with parsing,

                                              That’s true,

                                              but I’ve written parsing logic in C# that didn’t result in a “pyramid of doom”

                                              But it’s worth reading up on the monadic parsing approach before declaring an opinion on the matter. The search term you want is “parser combinators”. It really is a fantastic approach.

                                              1. 2

                                                For what it’s worth I wasn’t really declaring an opinion, I was just saying that if they only thing you’re attempting to avoid is a pyramid of doom, there are ways to do that in other languages. I haven’t looked at Haskell parsing logic but it sounds like there are some interesting advantages it offers.

                                                1. 1

                                                  There a various ways in other languages to avoid the ‘pyramid of doom’, but they are much more situational. For example, ruby has &. for null safe access ie. person&.pet&.num_legs which avoids the pyramid. However, they are very specific and break down quite easily.

                                                  Say, you want person&.pet(if pet_type == 'cat')&.is_purring which you want to return null if any of these objects are null (or the pet is not a cat), or true/false if they are not null and the pet is cat. Probably you can do something like this in ruby, but Haskell via ‘monad’ (and friends) has highly generic and composable techniques like this that are very clean to use.

                                                  I’m glossing over ‘monad’, it is not complex, but you need to learn the prerequisites before it makes sense. Actually I thought https://www.youtube.com/watch?v=J1jYlPtkrqQ was pretty good as a shotgun explanation if you are somewhat familiar with ruby.

                                                  1. 2

                                                    person&.pet(if pet_type == 'cat')&.is_purring

                                                    This looks more like a place where I’d use a prism, in Haskell with lens I imagine it’d be person ^? pet . asCat . isPurring :: Maybe (). I’d like to know how this is a parsing issue, it looks more like a object traversal problem.

                                                    1. 1

                                                      Yes not a parsing problem. Just trying to explain how Haskell avoids the pyramid of doom problem in a general way that is very flexible. Whereas other languages solutions are very specific and situational.

                                              2. 3

                                                What progress were you hoping for but didn’t see? The Haskell Foundation was created to work on ways to improve the Haskell ecosystem and I’m always looking for more improvement ideas myself.

                                                1. 2

                                                  It’s worth stressing that that 17m compile time is a one off cost. GHC is of course an incremental compiler, so you only pay for the graph of modules affected by a change when developing which is significantly quicker, on the of seconds, not minutes.

                                                  1. 1

                                                    I don’t think the pyramid of doom is a language issue, but an architecture issue.

                                                    I haven’t seen it come up in the context of parsing but instead in chaining together asynchronous operations in languages that lack coroutines, so it’s most common in JS where nearly all IO is forced to be async. In C# you can just do normal IO so it’s not surprising it doesn’t come up. (or maybe because C# has coroutines? honestly not that familiar with it)

                                                  1. 24

                                                    Since it’s a medium post with a clickbait title here’s a TLDR:

                                                    While attempting to hack PayPal with me during the summer of 2020, Justin Gardner (@Rhynorater) shared an interesting bit of Node.js source code found on GitHub.

                                                    The code was meant for internal PayPal use, and, in its package.json file, appeared to contain a mix of public and private dependencies — public packages from npm, as well as non-public package names, most likely hosted internally by PayPal. These names did not exist on the public npm registry at the time.

                                                    The idea was to upload my own “malicious” Node packages to the npm registry under all the unclaimed names, which would “phone home” from each computer they were installed on.

                                                    Apparently, it is quite common for internal package.json files, which contain the names of a javascript project’s dependencies, to become embedded into public script files during their build process, exposing internal package names. Similarly, leaked internal paths or require() calls within these files may also contain dependency names. Apple, Yelp, and Tesla are just a few examples of companies who had internal names exposed in this way.

                                                    This type of vulnerability, which I have started calling dependency confusion, was detected inside more than 35 organizations to date, across all three tested programming languages.

                                                    Feels weird and scary that this had always been possible! Another incident to add to the “package management is solved” meme. Great article.

                                                    1. 10

                                                      public packages from npm, as well as non-public package names, most likely hosted internally by PayPal.

                                                      Even if you’re not using npm’s organization feature to host your modules, you probably want to use names scoped to an npm account or organization you control, so others can’t publish packages with matching names to the public registry.

                                                      That said, dependency managers probably shouldn’t be running arbitrary code on users machines during installation, as in the case with the preinstall used in this example. Unfortunately, this was reported back in 2016 (VU#319816) and nothing came of it.

                                                      1. 8

                                                        I don’t really know how anything about npm dependency fetching works, but shouldn’t the logic be, “Do we have an internal package called ‘foo’? If not, look for public packages called ‘foo’.”? Based on the article description it sounds like it must be doing, “Is there a public package called ‘foo’? If not, look for an internal one”. Is this really how it works?

                                                        1. 7

                                                          npm has a limited concept of different registries. It fetches all packages from the one set in the global configuration file, a environment variable, or a CLI flag. The exception is scoped modules (modules whose names look like @mycompany/foobar), where each scope (the @mycompany part) can be assigned a registry.

                                                          If you pay npm, you can set scoped packages published on their registry to only be installable by users logged into your organization.

                                                          Before scoped modules were added to npm, the best you could do is create unscoped packages that didn’t exist, and point npm at a proxy that decided what backend to fetch a package from based on the requested name. A common implementation checked an internal registry first, and if it didn’t exist, then it fetches from the public registry.

                                                          The author of this post provides examples of internal modules being unscoped, so I’m assume these companies are relying on developers connecting to a proxy to fetch the correct dependencies. I could easy invision scenarios where new developers, CI systems, IDEs are improperly configured and fetch those names instead from the public registry, thus this vulnerability.

                                                          1. 3

                                                            If the package exists on both [the internal and public], it defaults to installing from the source with the higher version number.

                                                            The kicker there being you can make an arbitrarily higher-versioned package e.g., 9000.0.1 to force the public (malicious, in this context) dependency. The article also describes that same behavior in Artifactory which is popular within companies to host various internal packages (including npm):

                                                            Artifactory uses the exact same vulnerable algorithm described above to decide between serving an internal and an external package with the same name.

                                                            I think for npm, using the save-exact feature would be a fix—and imho a sane default—but I’m not 100% certain.

                                                            1. 2

                                                              I’m not sure this is accurate, or at least it wasn’t the implementation of any proxies I worked on or with back when I was still working on npm.

                                                              npm would ask the proxy for information about a package name. All the ones I used would query that metadata from an internal version, and only if it returned nothing, did it fetch information from the public proxy.

                                                              This implementation choice was made in the proxies to allow teams to hold back or override open source modules they used (especially useful with deeply nested dependencies before lockfiles) and to avoid situations where someone else claimed the same name to try to get you to fetch it instead (this being before scoped modules).

                                                              I haven’t been in the Node.js community for about 4 years now, and have never had access to Artifactory, so I can’t confirm or deny what implementation they’re using now. It would be a shame if they forged ahead without the security concerns open sourced alternatives had long considered.

                                                              1. 1

                                                                I’ll be honest: not sure on the technical differences to how Artifactory works compared to the proxies you worked with. When I’ve previously used Artifactory (as a humble user) it’s effectively worked as a pull-through cache of sorts: serve a package that exists internally then fall back to the public if necessary. What comes to mind as of recent was the change by Docker Hub that rate-limited requests.

                                                                Anyways, your reply made me think more specifically about the Node.js/npm vector from the article:

                                                                Unless specified otherwise (via --registry or in a .npmrc) then the default (public) registry is used. Given that, I think it’s not out of question for a npm install acme-co-internal-package to be blindly ran which would hit the public (malicious) package if there’s no internal registry specified. Just my $0.02.

                                                                1. 2

                                                                  Yeah, that’s the conclusion I wrote up thread.

                                                                  I could easy invision scenarios where new developers, CI systems, IDEs are improperly configured and fetch those names instead from the public registry, thus this vulnerability.

                                                                  1. 1

                                                                    D’oh, I missed that. Just like the pesky step in a project’s README that tells (hypothetical) you to set the internal registry. ;^]

                                                                    I’m sure it’s a curious sight internally at npm to see all the 404ing requests for packages—many of which exist in an internal registry.

                                                        2. 3

                                                          The article is (intentionally, I believe) vague about it, but I’m curious how they came across all the dependency declaration files in the first place.

                                                          common for internal package.json files, which contain the names of a javascript project’s dependencies, to become embedded into public script files

                                                          I don’t quite follow. Anyone have insights on the semantics of “leak” in this context?

                                                          1. 1

                                                            I think they might be concatenated into the production minified js file due to a misconfigured js build pipeline, but that’s just a guess.

                                                        1. 13

                                                          The larger problem, though, is that it’s not at all clear that Firefox will remain a viable alternative to Chrome. Its market share has been falling for years, and not everybody is pleased with the directions that the Mozilla Foundation has taken. The creators of web sites have responded by not caring about Firefox; having to retry broken web sites in Chrome is a ritual that many Firefox users have had to get used to. It’s not surprising that users give up and just run Chrome from the outset.

                                                          This is the real problem here, in my opinion - even if there are other freely-licensed browsers which use Blink, the trend towards obsolescence for Blink’s only competitor is a fairly grim sight to behold. I actually use Firefox because I prefer it to Chrome & derivatives, but at this point I have a secondary Chromium window open most of the time anyway, not least because Microsoft Teams requires it now.

                                                          1. 4

                                                            I have a secondary Chromium window open most of the time anyway, not least because Microsoft Teams requires it now

                                                            I had to resolve to the exact same thing. All virtual meetings Google Meet, Microsoft Teams, Slack calls do not support Firefox and explicitly tell you to switch away…

                                                            1. 19

                                                              Jitsi, BigBlueButton, Zoom and Discord do support Firefox and have good user experience fwiw, I would particularly recommend the first two as they are freely-licensed. Took me a while to find a decent platform for casual videoconferencing at the start of the pandemic.

                                                              Obviously, that only works if you can choose the platform, but it’s worth a try anyway.

                                                              1. 1

                                                                I’m using Google Meet everyday with Firefox, the experience is 99% great and I haven’t been told to switch away. Only feature missing that I know of is changing the background.

                                                              2. 3

                                                                I came to Firefox, way back in the day (like, 2007-ish), because of the dev tools. We actually ported our IE-only application over to support Firefox solely to get access to those dev tools - none of our customers used Firefox, or were asking for it.

                                                                These days the Chrome dev tools are really good, they’re an entire complex application hidden inside another one - most users will never see it, but there’s a lot of development time put into Chrome’s tools. Today all the developers on my team use Chrome, though there’s no mandate to do that, and in practice every other browser is a second-class citizen.

                                                                I don’t know what they’d have to do, but if Firefox could make the development experience amazing, then maybe we’d see support pick up, too?

                                                                (I assume it’s not amazing today when compared to Chrome, because I’ve never heard anyone mentioning that)

                                                                1. 7

                                                                  Firefox’s devtools have really caught back up again in recent years. The JS debugging stuff was still better in Chrome last time I had to use it, but I’ve found Firefox far better for everything else, especially styling. It probably depends what parts of the tools you need most often, so I’d definitely recommend giving them a try again if you don’t spend all your time in the debugger.

                                                                  1. 4

                                                                    I use firefox for personal browsing, chrome for webdev.

                                                                    The firefox devtools aren’t bad, but they are definitely not as good as the chrome ones. I’d say they’ve been consistently a year or so behind chrome.

                                                                    That said, support for video/audio in firefox is fickle (eg different feature release dates for different OSes - you can’t just say “supports firefox”, you end up having to say “supports firefox on some versions of windows” - at which point it’s easy to write off entirely)

                                                                    1. 1

                                                                      I honestly disagree, especially for CSS firefox has superior dev tools.

                                                                    2. 1

                                                                      I still use firefox because it has superior dev tools in my opinion, especially for CSS.

                                                                      These days the Chrome dev tools are really good, they’re an entire complex application hidden inside another one - most users will never see it, but there’s a lot of development time put into Chrome’s tools.

                                                                      This is also true of firefox.

                                                                  1. 16

                                                                    This is a particular reputational problem for unusual language choices because failures of a team or product tend to be blamed on the weirdest things that a team does. When a Go project fails due to design issues, people rarely say “this failed because of Go” because there are so many examples of projects written in Go that did not fail. (On the flip side, design failure is also more likely because there are so many more examples of successful Go projects to follow than there are examples of successful Haskell projects.)

                                                                    1. 5

                                                                      On the flip side, design failure is also more likely because there are so many more examples of successful Go projects to follow than there are examples of successful Haskell projects.

                                                                      I feel like this is a big part of it. Another issue is that often the developers choosing languages like Haskell are less likely to have used it at a large scale than people working with conventional languages. For many people this is because you don’t get the opportunity to work with a language at scale without using it at work.

                                                                      1. 8

                                                                        Indeed. And things work much differently at scale than they do in the small, the tradeoffs get different, and one has to develop a plan to compartmentalize ugliness and complexity.

                                                                        1. 2

                                                                          For an average project… I seriously doubt the “less likely to have used it at a large scale” part is true. Many teams don’t have a person on board who’d have practical experience using something at an actually large scale, much less designing for a large scale.

                                                                          Just because there are more people with that experience in the general population, doesn’t mean a particular team has one of those. Also, many projects never reach a truly large scale, and with modern hardware, large is really quite large.

                                                                          Of course, “using $language isn’t a stand-in for good software design”. But first, it’s true for any language, and second, there are already enough people trying to discourage everyone from moving beyond the current mainstream.

                                                                          1. 3

                                                                            I can’t tell you the number of Python shops that said the same thing, only to have their engineers perform expensive rewrites in more performant language runtimes. Twitter here is the poster child of doing a large-scale rewrite from Rails into Scala for performance reasons. It’s true that large scale does not happen to every company, but I also think optimizing solely for developer ergonomics will put you in a bind any time you do need to scale.

                                                                            Of course, “using $language isn’t a stand-in for good software design”. But first, it’s true for any language, and second, there are already enough people trying to discourage everyone from moving beyond the current mainstream.

                                                                            Who? So many Silicon Valley companies have seen success embracing new technological stacks (like Rails and Django when they were hot, to Scala when it became cool, Go when it came onto the scene, and now Rust), so I can’t see why a new company would not want to use a new language if their devs were comfortable in it and confident in its ability to scale to the market they wished to address.

                                                                            the current mainstream

                                                                            There’s wisdom in accepting tried-and-true solutions. I’ve dug into new language libraries only to find undocumented settings or badly chosen constants more times than I can count. Edge cases in LRU caches, bugs in returning connections back into connection pools, circuit breakers that will oscillate between on-and-off when degenerate conditions are hit, these are all examples of algorithms that were incorrectly implemented, and it’s not always clear if the value proposition of a new language overcomes the complexity of implementing tried-and-true algorithms. Choosing an “unproven” language is not a light decision, especially when several engineers will spend their time and money on making it work.

                                                                            1. 3

                                                                              Most places aren’t Silicon Valley. Most companies aren’t startups. Most projects aren’t web services with open registration.

                                                                              And it’s not about optimizing for developer ergonomics. Advanced type systems are about correctness first of all. It’s just sort of taking off with Scala, Swift, and Rust. Sort of. Those clearly still face more opposition than 70’s designs like Python, Ruby, or Go.

                                                                              1. 5

                                                                                Most places aren’t Silicon Valley. Most companies aren’t startups. Most projects aren’t web services with open registration.

                                                                                According to StackOverflow [1], Typescript is a top 10 language, and Rust, Swift, and Typescript are top 20 languages. So while there is a bias for tried-and-true languages like Python and Java, languages with “advanced” type systems are in the top 20.

                                                                                Advanced type systems are about correctness first of all

                                                                                Is it? I’m not sure if there’s any proof that advanced type systems actually lead to more correct programs. I certainly don’t remember that when I was in grad school for PLT either. I understand that practitioners feel that type systems allow them to make more correct programs with less cognitive load, but I would bin that into developer ergonomics and not correctness until there’s proof positive that ML-based type systems do actually result in more correct programs.

                                                                                It’s just sort of taking off with Scala, Swift, and Rust. Sort of. Those clearly still face more opposition than 70’s designs like Python, Ruby, or Go

                                                                                Or, perhaps, most programmers genuinely do not enjoy working with heavily restrictive type systems or with monad transformer stacks and free monads. Haskell is a year older than Python and is an order of magnitude less widely used than Python. It’s clear that recent languages like Rust, Swift, Typescript, and Scala do use a lot of ideas from ML-descended type systems but it’s not clear whether they are popular as a whole or not. Many languages have taken pieces of these type systems (such as the Optional/Maybe sum type) and bolted them onto their language (Kotlin), but I think that ML-style languages will always be enjoyed by a minority, though how large that minority is time will tell.

                                                                                1: https://insights.stackoverflow.com/survey/2020#technology-programming-scripting-and-markup-languages-all-respondents

                                                                                1. 2

                                                                                  I understand that practitioners feel that type systems allow them to make more correct programs with less cognitive load, but I would bin that into developer ergonomics and not correctness until there’s proof positive that ML-based type systems do actually result in more correct programs.

                                                                                  This is an accurate statement I think. No type system can guarantee you are more correct unless the “spec” you are implementing is more correct. What it does help with is giving the developer more information on where they are starting to deviate from the spec. But even then it doesn’t guarantee that they are implementing the spec correctly in the type system. ML Type systems give you early information that your code won’t work as implemented when it hits certain edge cases. Those edge cases will sometime but not always manifest as bugs in production. So depending on the ergonomics you favor in your programming language you will either love that early information, be ambivalent, or you will dislike it.

                                                                      1. 28

                                                                        Any of y’all want me to throw my hat in the ring?

                                                                        Another time. :)

                                                                        Okay fisch. I’ll try. If enough folks are interested I’ll shoot an app in.

                                                                        1. 41

                                                                          friendlysock is pretty much the only user who I have mentally flagged as consistently antagonistic and obnoxious, generally to the detriment of friendly and civil discussion. Other users may have particular topics which they feel sufficiently strongly about that they occasionally get a little antagonistic responding to criticism. With friendlysock, I see unnecessarily inflammatory comments often enough that I now mentally think, “ugh, I won’t bother reading this comment chain, it looks like another friendlysock spat”. If you can’t moderate your own comments, I don’t think you’d be good at moderating other peoples.

                                                                          So if you really want our opinions, no, I do not want you to throw your hat into the ring.

                                                                          1. 25

                                                                            Strong disagree. friendlysock consistently engages in civil and friendly discussion, even when finding himself on the other side of an argument with someone whose political convictions make them feel they shouldn’t even attempt to be civil and friendly. I’ve never seen him make a comment I think could fairly be called unnecessarily inflammatory (and I say this as someone who has disagreed with him in the past). I generally enjoy seeing his posts and think he’s a good contributor to the site.

                                                                            1. 32

                                                                              You’re painting a picture where angersock is the civil one who just so happens to be constantly surrounded by people mad at him.

                                                                              That’s wrong: angersock frequently accuses others or entire communities of bad faith and assumes a position of authority he doesn’t have when saying content doesn’t belong here (do I even need to link that one?).

                                                                              I’ve rarely seen anybody argue with angersock twice. That alone should be pretty damning: The only constant in arguments involving angersock is he himself.

                                                                              One can be inflammatory, incite flamewars and toxic communication while saving face by “remaining civil”. I’m not sure how much of it was intended in /u/Thra11’s post, but to me the point is that angersock remains civil, but brings incivility.

                                                                              That is not to say that he doesn’t try his best, and I don’t think he does any of this on purpose (though I am really not sure). But I really don’t think he is cut out for this job, and given the comment ratio on his top-post vs the rest of the thread, I think he would be quite a controversial mod to say the least.

                                                                              1. 14

                                                                                It’s also missing the point: One can be inflammatory, incite flamewars and toxic communication while saving face by “remaining civil”.

                                                                                That form of trolling is called Sea-lioning. http://wondermark.com/1k62/

                                                                                1. 13

                                                                                  I strongly disagree that how friendlysock has been showing up here can be seen as a form of sealioning.

                                                                                  1. 8

                                                                                    It still blows my mind that not only do some people think the woman rather than the sea-lion was the sympathetic character in that comic, but that there are enough such people for “sea-lioning” to have become a meme.

                                                                                    1. 8

                                                                                      I suspect it’s because many people use public social media for private conversations with their friends (as they would speak while walking about town). A stranger injecting themselves into the conversation to demand your time and attention (regardless of how righteous they are) is unwanted and weird.

                                                                                      1. 5

                                                                                        It’s pretty fitting, I think. Most people who cry “sea lioning” are just upset that someone responded to their public statements.

                                                                                        1. 5

                                                                                          I was puzzled by that as well. There were enough of us that the author wrote a three paragraph clarification on the errata page. It’s possibly worth reading the explanation there. I’d summarize it as “the sea lion is a stand-in for people who behave a certain way and the woman’s objection is based on that behavior”.

                                                                                        2. 6

                                                                                          I only have this comic as reference for as to what sealioning means, but the situation I see with angersock is not one where he actively seeks out people to engage in stupid arguments with. Maybe the term has evolved beyond that specific example, but then, without a new real definition, it has lost its meaning.

                                                                                          1. 3

                                                                                            The term has not lost its meaning, it has always been used to refer to people who make unwelcomed responses to publicly made statements.

                                                                                        3. 9

                                                                                          My own interactions with ‘sock have actually been pretty good, even in cases where we disagreed (as in this thread), and I don’t off-hand recall seeing and recent(ish) comments where I was “sjeez ’sock, relax mate”.

                                                                                          But I also skip most Rust stories, as I don’t have a lot of interest in Rust (not at the moment anyway), and that link is indeed very much a “sjeez ’sock, relax mate” type of conversation.

                                                                                          Point being: I guess people have a limited/biased view of ’sock (or any other members, for that matter) based on which stories they read and comment on. I certainly do, because I never would have seen that comment if you had not linked it here.

                                                                                          1. 2

                                                                                            do I even need to link that one?

                                                                                            Would be helpful for people like me who aren’t as deep in the day-to-day of lobste.rs.

                                                                                            1. 4

                                                                                              It appears lobste.rs has some sort of retention on the index of comments per user, but here’s the most recent examples (not the best ones):

                                                                                              All of those assume a place of authority and tell others how to use the site.

                                                                                          2. 6

                                                                                            In all fairness, this was not always the case (see also why I’m friendlysock instead of angersock), and even as recently as that Rust thread a few days ago I can still be more inflammatory than is helpful (less charitably: I can be a shithead). I’m no saint.

                                                                                            1. 4

                                                                                              and yet, gestures frantically below

                                                                                            2. 6

                                                                                              I would have to concur with this

                                                                                            3. 34

                                                                                              I personally would prefer not to have a moderator who thinks having Nazis participating is a fine idea (https://lobste.rs/s/nulfct/problem_with_code_conduct#c_dwa6s5). “You could exclude neither [Nazis nor the target of Nazis], and let them sort it out themselves elsewhere. Indeed, seeing each other in a context that doesn’t constantly reinforce their ideology might serve to build bridges and mellow both sides.”

                                                                                              Seeing as my grandmother was almost murdered by Nazis the “mellowing both sides” bit did not go over well with me.

                                                                                              1. 26

                                                                                                It’s taken me quite some time to form a response.

                                                                                                Here in Bloomington, IN, last year and the year prior, we had to deal with a real Nazi problem in our city. It was BAD. https://www.nytimes.com/2019/08/18/us/indiana-farmers-market-white-supremacy.html

                                                                                                We have had a city govt run farmers market near the city square. It was on the largest walking/biking/running trail the city has.. It really was an amazing market.

                                                                                                Then, the Unicorn Riot discord hack happened. Normally, this would oust Nazies and similar ideology. Except this time, it ousted a lady by the name of Sarah Dye, a farmowner and a stall vendor at the farmers market. It only outed the first name in the general vicinity and owned a farm - I was the one who found her account on Youtube by the name of Volkmom, and got her banned from the other 2 farmers market boards she was on. I forwarded the videos to their boards. They compared her voice to her damning videos.

                                                                                                However, Bloomington IN doubled down, claiming 1st amendment concerns. Peaceful protests to Dye and the city were done… And the cops arrested the peaceful protesters, up to and including the president of low barrier homeless shelters - dressed as a purple unicorn ( https://www.thedailybeast.com/unicorns-arrested-at-protest-of-white-supremacy-at-bloomington-indianas-farmers-market ).

                                                                                                And since Dye was being defended by the city, we had other undesirables show up. Other neonazies did. So did the 3 percent’ers. But when the 3%ers showed up, they were armed to the teeth, with AR15’s strapped to them, handguns (plural), zipties, and more. There was no question - they were not peaceful. They wanted to make a show of force that they were present to support their kind. Having them all show up shat on the very idea of the farmer’s market of inclusivity and coming together over shared food.

                                                                                                We (public) finally solved this by deprecating the city run market, and a new market was made by a non-profit org. All the vendors showed up here, with exception of Sarah Dye and her stall. And unlike the city market, visible weaponry wasn’t allowed. And being in Indiana, people will pack heat; but it can at least be diminished.

                                                                                                When nobody knew she was a Nazi and she didn’t do anything suspicious publicly, it was uneventful and peaceful. People just bought their groceries and all was good. The moment it was known, all the dregs, white nationalists, neonazies, kkk, and similar moved in to support “their kind”. We all literally had to abandon and regroup to get them to stop.

                                                                                                If you don’t strongly deal with white nationalist groups, they’ll eat you out of house and home, run everyone off, and leave you with a shell of a community. I’ve seen it happen locally how it progresses in real life… and damned if I’ll let it happen to communities I’m currently a moderator of.

                                                                                                1. 21

                                                                                                  Forgive me for being dense, but my reading of this is that everything was quiet and peaceful until you went out of your way to dox a Nazi and get her kicked out, and then people decided to protest a lawful application of the 1st Amendment, and then counter-protests happened, and a bunch of ugliness occurred, and then after all this you got the original market back less one Nazi.

                                                                                                  If this is an accurate reading (and it may not be!), how could one not conclude that everything was fine until you got a bee in your bonnet about somebody being a Nazi in their free time? How is everything that followed not your fault? That being the case…how is all of the following ugliness not the result of the efforts to purge a secret Nazi?

                                                                                                  My desire to follow rules of topicality and civility is very much due to a desire to avoid that sort of protest-counterprotest stuff that harms communities more than it helps.

                                                                                                  1. 23

                                                                                                    how could one not conclude that everything was fine until you got a bee in your bonnet about somebody being a Nazi in their free time? How is everything that followed not your fault?

                                                                                                    Who escalated to violence? The white nationalists did. Arguing that the exposers of secret Nazis are at fault is the argument employed by domestic abusers. “Woman, why do you make me beat you? Why do you do this to me?”

                                                                                                    I know you’re arguing in good faith. But please do not try to justify violence from this crowd. They proved that they weren’t standing on moral high ground when they showed up with firearms and zipties.

                                                                                                    The violent response from white nationalists to nonviolent protests should prove just how much of a charade their pearl-clutching about “muh free speech” really is.

                                                                                                    1. 13

                                                                                                      Forgive me for being dense, but my reading of this is that everything was quiet and peaceful until you went out of your way to dox a Nazi and get her kicked out, and then people decided to protest a lawful application of the 1st Amendment, and then counter-protests happened, and a bunch of ugliness occurred, and then after all this you got the original market back less on Nazi.

                                                                                                      More specifically, there was already an anti-nazi campaign locally going against her with what I considered shaky proof. Many of us were very hesitant to engage in protests in person or online, without solid proof. I used my OSINT skills and was able to positively identify that it was her. Had it not been, I would have also said so. I’m not going to engage in a protest against an individual unless I’m damned sure I can prove it… And I proved it beyond a reasonable doubt.

                                                                                                      Speaking to “and then people decided to protest a lawful application of the 1st Amendment, and then counter-protests happened”…

                                                                                                      The problem was that the city was supporting the nazi speech AND show of force, while arresting peaceful (non-weapon-possessing) protestors. If the city had applied equal force to both sides, there would have been less of an issue with respect to 1FA.

                                                                                                      If this is an accurate reading (and it may not be!), how could one not conclude that everything was fine until you got a bee in your bonnet about somebody being a Nazi in their free time? How is everything that followed not your fault? That being the case…how is all of the following ugliness not the result of the efforts to purge a secret Nazi?

                                                                                                      You’re extrapolating and assuming when you don’t have the information.

                                                                                                      My desire to follow rules of topicality and civility is very much due to a desire to avoid that sort of protest-counterprotest stuff that harms communities more than it helps.

                                                                                                      This sort of civility is similar to Sea-lioning ( http://wondermark.com/1k62/ ).

                                                                                                      Simply put, there is no civility when discussing people who want to murder people (and have done so) who differ only in race, skin color, or sexuality.

                                                                                                      1. 21

                                                                                                        Over and over and over again the same “both sides are at fault” message, Nazis and their victims. You simply cannot get yourself to say “let’s leave Nazis out”, huh.

                                                                                                        1. 13

                                                                                                          A few questions to make sure I understand your arguments:

                                                                                                          • Assuming Lobste.rs vows to leave the Nazi out, who is going to decide which user is a Nazi? What is the definition of a Nazi?
                                                                                                          • Since we’re bound to leave the Nazi out, how can we ensure that there won’t be a “leave the Y out”, where “Y” can be muslim from Saudi Arabia, Palantir developers (are they morally superior to Nazis?), Steven Pinker, Noam Chomsky and everyone else group X doesn’t like ?

                                                                                                          ps. This discussion is not new by any means. It is a hard discussion, Karl Popper wrote extensively about this exact issue.

                                                                                                          1. 8

                                                                                                            Thank you for your observation.

                                                                                                            For me, I can’t help but notice that even if we say “Okay let’s get rid of the Nazis”, we still have the question of who is a Nazi?

                                                                                                            Form a practical standpoint: half of my country (US) voted for Trump, for whatever reason. That makes them some flavor of Republican–or worse. It is not a stretch (and is pretty common in various circles) to see any affiliation with Republicans as basically being a Nazi.

                                                                                                            If half of Lobsters is from the US, this means that like a quarter of the users–based on back-of-the-envelope calculations–are Nazis and should be banned, for being Nazis.

                                                                                                            If we just ban based on civility and topicality, we get to sidestep this issue.

                                                                                                              1. 7

                                                                                                                Any of the comments that article references are clearly outside decorum and, if posted here, would warrant administrative action.

                                                                                                                1. 8

                                                                                                                  Weev is a public figure. Weev was banned from gab. Weev could participate anonymously on lobsters. If weev wants to post here as weev, is that OK?

                                                                                                                  1. 8

                                                                                                                    Why wouldn’t it be, if he follows the rules and isn’t an asshole and contributes to on-topic discussion?

                                                                                                                    It being weev, I imagine it would be less than an hour before he gets banned for saying stupid Nazi shit, but might as well give the fellow a chance.

                                                                                                                    Our purpose here isn’t to punish people for actions in other communities; our purpose is to discuss technology.

                                                                                                                    1. 5

                                                                                                                      Weev is a public figure known for being a Nazi. For weev to be named as weev, it’s the same as https://lobste.rs/u/neonazi .

                                                                                                                      Weev could go by a different name to participate in lobsters.

                                                                                                                      1. 0

                                                                                                                        Pretty sure there are many internet users with that nickname - most probably are unaware of some rando from US. To be honest I never heard about that guy until today. If he would have an account here I would judge him by what he writes here without crosschecking him across other sites. Who does that?!

                                                                                                          2. 7

                                                                                                            I won’t say it because I don’t believe it.

                                                                                                            I would rather have a polite Nazi talking to me about technology than either a rude not-Nazi talking about technology or a polite not-Nazi talking about not-technology. As somebody mentioned above re: the Nazi variant of the Turing test…a sufficiently polite and topical Nazi is indistinguishable from a normal user, because they’re presumably not talking about Nazi shit and picking on Nazi victims.

                                                                                                            If they are, the rules of civility and topicality give a handy way–and a more uniform way–of dealing with them. Even better, it gives a way of dealing with them that doesn’t give them the recourse of saying “Well you’re just doing this because you hate Nazis”, or “You’re just doing this because you support SJWs”, etc. I can point at the rules and say “You were off-topic and being uncivil. I don’t need to believe anything about Nazis or your relationship with that ideology to get rid of you.”

                                                                                                            1. 22

                                                                                                              Apparently you definition of civility includes telling me and other Jews to “mellow out” about people wanting to murder us. No thanks.

                                                                                                              1. -9

                                                                                                                Do you want to murder them, given that you (by my reading here) believe they are a clear and present danger to you and yours?

                                                                                                                1. 17

                                                                                                                  This is too far. There are diminishing returns now on this conversation and also both of you seem to have lost perspective that this post is about finding new moderators because pushcx might be under huge moderator load - you’re not helping. At the least, take this to a different venue or to personal chat to hash it out and bring back here any positive results.

                                                                                                                  @itamarst You are talking about a subject which is understandably extremely sensitive and important to you. I think everyone can and would acknowledge the pain that you and your family must have gone through, and it is a failing of people in this conversation that that is not the first and most obvious point to be reiterated and repeated without fail. We all must acknowledge that terrible things have happened and that we want to take positive actions to prevent them happening again. That being said you are grossly not applying good faith in a situation where one person’s actions seem to have been offensive to you, and you are bringing a subject that is most definitely off topic for lobste.rs into this space. In relation to the former, you could have chosen a much more amicable way of bringing your point forward such as: Quoting friendlysock, explaining how you reacted to and felt when you read his comment and asking friendlysock to confirm if that was his intention and to clarify his meaning if it was. You definitely could have done that constructively inside the context which was friendlysock applying to be a moderator, so you could have phrased your question in a way relevant to this topic. No one would ever question your pain or your discomfort at seeing discussions of a group of people that brought great harm to your family and by extension pain to you; you do not have to not be angry, or not be in pain; but having the expectation that you can bring this up in this way in this space and the outcome be constructive is poor judgement: whether or not this was a motivation, you are not going to get personal resolution to political issues that cause you pain on lobste.rs.

                                                                                                                  @friendlysock Whatever your position you are grossly failing to take a step back and acknowledge itamarst’s point where he is now, not where you think he should be or how you think his point relates to lobste.rs. If you keep doubling down on your position, itamarst has to double down on his. This does not seem like rocket science. Whether this is on topic or not, when someone has gone to the effort and made themselves vulnerable by presenting something they are angry or in pain about, particualrly if it’s such a HUGE subject as this with so much emotion attached, step 1 is acknowledge that and consider your position in relation to what they said. You have no idea how they feel and you can not begin to understand their position so if they are offering you this level of confrontation the most you can do is acknowledge and listen. You don’t have to take responsibility for having caused their pain - no one is calling you a nazi or accusing you of murdering people, but you do have to acknowledge that they felt a particular way after reading what you wrote, and if you want to, you can explore that, but with about 1000 times more sensitivity. Acknowledgement and reiteration of your fundamental positions as they relate to lobste.rs, or moderation on lobste.rs would perhaps be a way to frame your position, if you’re interested in doing that.

                                                                                                                  1. 16

                                                                                                                    “Good faith” only goes far when some spends so much effort explaining how important it is we include Nazis in our discussions. Especially when they want to be a mod.

                                                                                                                    And really the whole point of the exercise is mod policy. As I’ve said before, in other discussions, you gotta pick a side. And the clearer friendlysock’s opinions, the clearer the choice pushcx has to make.

                                                                                                                  2. 13

                                                                                                                    Enough is enough. You are bullying itamarst with repeated emotional manipulation by way of a topic that has violently effected them, apparently so that you can get them to call for killings on a thread in which you nominated yourself to moderate the community in pursuit of civility. Are you done trolling yet?

                                                                                                                    1. 6

                                                                                                                      Do you want to murder them

                                                                                                                      Come on, this is too much.

                                                                                                                      1. 6

                                                                                                                        No, of course not.

                                                                                                            2. 32

                                                                                                              no offence, but I find that “mellowing both sides” is a very legit goal. seeing as I’ve spent most of my life in a warzone, this goes very well with me. I’m not jewish, but I’ve had multiple run-ins with Neo-Nazis due to the way I look and where I escaped the war to. I used to hang out in this bar that was split in half, one of it was extreme leftists, and the other were staunch Nazis, some not even Neo. we were all fucked, so we just drank together in a weird peace of sorts. one of the Neo-Nazis never liked the fact that I started hanging out there, and was constantly hostile, and due to past experiences I had to often stay alert and make sure to be ready for whatever may come, but the beer was cheap mind you and the weed was good.

                                                                                                              one of the Neo-Nazis in particular was this big guy who had it so clear in his eyes that he’d like to beat the shit out of me to prove his worth or whatever. I didn’t care as this was the least of my worries (at that time). one of the old men I used to hang out with was a programmer as well, so we’d get high and discuss all sorts of computer things. one day the convo came to Blender and 3D modelling, and all of a sudden this big guy who never wanted to exchange a word with me and rather punches came and started talking about Blender with love in his eyes instead of hate, after a couple of hours of that he threw the shittiest but unfortunately the most fitting line of all:

                                                                                                              “your people aren’t too bad after all.”

                                                                                                              we actually continued conversing after that and went through a couple of his traumas and why he ended up on the path he ended up on. I by no means expect everyone suffering from oppression to engage in such antics with their oppressors, but I’d rather the ones who can’t, let the one who can, do what they gotta do.

                                                                                                              at the very least, you can try to not monopolize suffering under your own school of thought, and within only your own context.

                                                                                                              this is probably my last comment here for a while, so feel free to PM if you wanna discuss this further. I am also very sad to hear about your grandma, it sucks to be almost murdered, it sucks to see people you love get murdered, and it sucks to see people you love commit murder, but that shit happens on all sides of aisle.

                                                                                                              dehumanize one, and you dehumanize all, I find.

                                                                                                              fucking hell, I need a beer.

                                                                                                              1. 27

                                                                                                                Thank you for sharing! I think that’s slightly missing the point, though:

                                                                                                                1. The issue was with “both sides”. Why do I need to “mellow” if someone wants to murder me?
                                                                                                                2. You are describing a truce backed by violence. And that might work for some, but the more common case is people not going into the bar at all, because they don’t feel safe.

                                                                                                                I’m sure many Nazis have reasons for how they ended up where they are (though in the US a lot of them aren’t suffering at all, they’re upper middle class or rich). Maybe hanging out with Nazis will make them change their mind. I doubt it, but it’s possible.

                                                                                                                But given the choice between making a safe environment for everyone, and letting some Nazis in in the vague hope they will learn something and lots of other people choosing not to participate, I’d rather choose the latter former.

                                                                                                              2. 10

                                                                                                                You know, I can sympathise with your viewpoint here, especially as a Muslim in the current global climate, but the problem I see is that this seems to be leading to such extreme echo chambers, that it makes people say things like what one user in the thread you linked said:

                                                                                                                Feminists believe that women are as human and as entitled to agency and dignity as men are; MRAs believe that women are inferior to men and should be enslaved.

                                                                                                                This is such an absurd statement to make without backing up and so patently false; the only way someone can believe this is by being fed a constant diet of lies people who really hate MRAs instead of just speaking to MRAs directly.

                                                                                                                Suddenly, we’re not just banning Nazis who want to kill you and me and our entire family trees, we’re banning practicing religious people who aren’t willing to rewrite their holy scripture or reinterpret it to suit people’s desires, we’re banning critics of said religious folks who believe baby penises should remain intact — hey, they’re MRAs, right?; whatever, they must be islamophobes or antisemites either way — we’re banning critics of affirmative action, we’re banning all manner of people with valid and not so valid positions or arguments.

                                                                                                                We don’t discriminate on truth, we discriminate on whether it’s comfortable or not to a select group of people. People who can’t discriminate between a belief like, “men and women have roughly equal average IQ, but the distribution is wider for men, so the ratio of men to women at Google is roughly what we’d expect if Google were selecting for such and such IQ” — responding with such inanity as “do the women at Google not belong there, then?” — and a belief like, “women are inferior to men and so should be enslaved to them”.

                                                                                                                1. 20

                                                                                                                  I think that if I were on a rocketry forum I’d be interested in hearing what Wernher von Braun had to say (not merely a Nazi, but an officer in the SS). If I were on a forum about filesystems, I’d be happy to talk to Hans Reiser. If I were given the opportunity, I think that Konrad Zuse (not a Nazi, but certainly a collaborator) would have interesting things to say about electromechanical computer design.

                                                                                                                  I’d be more than happy to throw any of them out if they start going into politics or murder, but if they have useful expertise and follow the rules of decorum, they should have a place.

                                                                                                                  1. 16

                                                                                                                    Let me put it like this: if Hans Reiser would join a forum where Nina Reiser’s brother (or sister, close friend, etc.) would also participate, would you think it’s reasonable if they would object to this?

                                                                                                                    It’s not hard to see how this would also extend to neo-Nazis (as in, literal neo-Nazis, who looked at the Holocaust and thought that all of that was just a spiffing good idea); would you enjoy interacting with someone who literally wants to kill you and everyone like you and worships an attempt to do exactly that? Are many people not a victim of these people’s actions just as much as Nina’s Reiser’s brother is? Would you happily discus webdesign best practices with the person running StormFront or some other neo-Nazi website?

                                                                                                                    I’m not so sure if “it’s limited to just technical conversation” is really all that important, never mind that this is too limited of a view of Lobsters IMHO, as it’s a community centred around technical topics.

                                                                                                                    For all we know Reiser or the StormFront maintainer are already participating on Lobsters anonymously. We can’t really prevent that because the only alternative would be to actively vet members. But if you know you’re talking to the StormFront webmaster then … yeah, I’d rather not.

                                                                                                                    I’m not suggesting that we implement some sort of wrongthink policy or anything of the sort; you put forth the extreme scenarios so I’m replying to those, and in more realistic scenarios things tend to be some shade of grey. If someone on Twitter said “I don’t like people of religion/ethnicity/identity X” then that would probably be okay; as in, I won’t like them more for it, but I see no reason to ban them here for just that. But I do think all of this is a bit more complicated than you put forth.

                                                                                                                    1. 19

                                                                                                                      Would you happily discus webdesign best practices with the person running StormFront or some other neo-Nazi website?

                                                                                                                      Let’s apply a variant of the Turing Test to this: if people from the interactions alone cannot tell whether they are made by a regular person or a Nazi, then the poster/commenter can be regarded as worthwhile talking to as any other normal person.

                                                                                                                      1. 5

                                                                                                                        Yes. Nobodies forced to use real names on lobsters. If someone posts anonymously, respect it. Don’t dox.

                                                                                                                        It’s not the same if he/she uses their neo-Nazi name. Lobsters has no moral obligation to be known as the place where neo-Nazis hang out.

                                                                                                                        1. 10

                                                                                                                          Yeah I think there’s a bit of a straw man being thrown around in some of these discussions about being randomly chosen as the target of doxxing. It’s pretty easy to be anonymous on this website.

                                                                                                                          To even be perceived as a member of a hate group on a site like this would require affirmative signaling to one’s peers that they hold hateful views towards other members of the community for their birth-given human characteristics, which seems like a good enough reason to remove such a user in the first place.

                                                                                                                          1. 3

                                                                                                                            Yes. Nobodies forced to use real names on lobsters. If someone posts anonymously, respect it. Don’t dox.

                                                                                                                            Yes, I pretty much said as much later on: “We can’t really prevent that because the only alternative would be to actively vet members” (that this isn’t feasible isn’t stated explicitly, but it’s pretty clear to everyone that it’s not).

                                                                                                                            I think both you and @ewintr have missed the point of my reply; this entire discussion is fairly hypothetical because of course no neo-Nazi is going to link to their StormFront account on their Lobsters profile (or Gab, or wherever these people hang out these days). I just wanted to point out why having known neo-Nazis on Lobsters is something that people would object to, and why some people would choose not to visit Lobsters if this were the case.

                                                                                                                            1. 3

                                                                                                                              No. You’re wrong. It won’t remain hypothetical. Look at how many people got caught from the 6th based on social media.

                                                                                                                        2. 6

                                                                                                                          would you think it’s reasonable if they would object to this

                                                                                                                          I totally would understand why they might object to this. Then again, dude was put into prison and served his time. According to the law, he has received his punishment. Anything further is just extrajudicial retribution–understandable but not lawful.

                                                                                                                          would you enjoy interacting with someone who literally wants to kill you and everyone like you and worships an attempt to do exactly that?

                                                                                                                          If they were polite and solved my problem, sure. It’d be weird, but I’d rather have the help than not. The second they started going on about that other stuff, I’d report them cheerfully.

                                                                                                                          For all we know Reiser or the StormFront maintainer are already participating on Lobsters anonymously.

                                                                                                                          Exactly. For the dedicated opposition, this kneejerk intolerance serves no real obstacle–and can even be really useful as a leveraging point to disrupt a community. It’s like people have never played Among Us.

                                                                                                                          but I see no reason to ban them here for just that.

                                                                                                                          The problem is, several Lobsters I believe would be more than happy to do that, and would want it in a CoC. Further, where do you draw the line? How much Nazi is too Nazi? How little pedophilia is acceptable? I don’t want to make those calls–I’d rather focus on the (much simpler) tests of a) has this user treated other users respectfully in this space and b) has this user stayed on-topic. If followed, I believe those two rules are sufficient to guarantee a good time for everybody.

                                                                                                                          But if you know you’re talking to the StormFront webmaster then … yeah, I’d rather not.

                                                                                                                          As an aside, the world-wide experts in decentralization are about to all be, or keep company with, some really distasteful people. Ignoring their experience because they’re icky strikes me as a waste.

                                                                                                                          1. 4

                                                                                                                            The Reiser case is a bit more complicated, as I agree criminals should be given a second chance. However, it’s not unreasonable for victims of the crime to still harbour (strong) feelings of animosity; I don’t think that’s “extrajudicial retribution”. I don’t think that many people would happily chat with their sister’s murderer about filesystems after they served their time.

                                                                                                                            At any rate, I only mentioned Reiser to illustrate the perpetrator/victim relationship, as it’s so clear in this case. I was tempted to leave that out entirely as it’s quite a different case from neo-Nazis.

                                                                                                                            would you enjoy interacting with someone who literally wants to kill you and everyone like you and worships an attempt to do exactly that?

                                                                                                                            If they were polite and solved my problem, sure. It’d be weird, but I’d rather have the help than not. The second they started going on about that other stuff, I’d report them cheerfully.

                                                                                                                            Alright, fair enough. But it’s not hard to see how other people would make a different choice here.

                                                                                                                            where do you draw the line? How much Nazi is too Nazi? How little pedophilia is acceptable?

                                                                                                                            I don’t have clear answers to that; but this is a kind of reasoning I don’t really like. Maybe there’s a better name for this, but I like to call the “it’s hard fallacy”, which goes like: “it is hard to draw a line, therefore, we should not draw a line at all”.

                                                                                                                            I’ve seen the same type of reasoning in conversations about civility. It can be really hard to draw a clear line about what is or isn’t acceptable, but that doesn’t mean we shouldn’t try at all. Clearly there should a line somewhere otherwise people replying with just “you’re a cunt” would be “acceptable”, and I think we can agree that it’s not. You can also see this fallacy in some other (political) topics.

                                                                                                                            I’m not actually in favour of banning people for off-site behaviour unless it’s particularly egregious, such as active neo-Nazis, and even then I’d have to carefully look at the specific case at hand. In general I think the bar should be pretty high for this, but I do think there is a bar … somewhere.

                                                                                                                            I mean, do you really expect black people or Jewish members to happily interact with people we happen to know are neo-Nazis or KKK members? If someone in your local soccer club is a great bloke and fun to hang out with, and then you discover he’s a Grand Hobbit Ghoul in the KKK (or whatever ridiculous ranks they have) then you would continue that relationship as-if nothing happened (and before you answer “yes I would”, would you expect everyone to do so, including your black teammates?)

                                                                                                                        3. 16

                                                                                                                          The problem, of course, is that then you lose all the people who don’t want to hang out with Nazis, or with people (like Hans Reiser) who murdered their wife.

                                                                                                                          1. 25

                                                                                                                            In an online forum for talking about X, I’d much rather have a room full of people who may be assholes elsewhere talking politely about X than I would a room full of people who might be lovely elsewhere being assholes in my forum because of something completely unrelated to X.

                                                                                                                            1. 7

                                                                                                                              Thank you for this succinct explanation.

                                                                                                                            2. 12

                                                                                                                              On the internet, no one knows you’re a dog.

                                                                                                                              Who’s to say what someone’s intentions are? If people start causing problems, by all means remove them. The alternative is doxxing everyone who joins lobsters or digging up dirt, is that somehow a better alternative?

                                                                                                                              I get it, no one wants to share a board with Nazis or murderers. I don’t either. But this social equivalent of a preemptive strike has the potential to be way worse.

                                                                                                                              1. 11

                                                                                                                                A good rule of thumb, in programming and elsewhere, is to always consider at least three solutions to any problem. There are in fact other solutions beyond the false dichotomy “doxxing everyone” and “accepting everyone”, one common one being a Code of Conduct. Personally I would go with “you must pass this very bar to participate”.

                                                                                                                                1. 7

                                                                                                                                  Just because a comparison of two solutions are presented doesn’t mean you have to jump to “this is a false dichotomy.” Also, I thought we already had that with the lobsters rules? How does a code of conduct actually differ?

                                                                                                                                  1. 15

                                                                                                                                    Well, friendlysock apparently can compare Nazis as somehow equivalent to their victims (both sides apparently need to “mellow”). Most CoC would involve kicking him out for that.

                                                                                                                                    1. 6

                                                                                                                                      I don’t agree with the comparison and I don’t think friendlysock would be a good mod based on the fact that he could draw it. I just want to put this out there though - if there was a felon, Nazi or other unsavory person who could provide some insight into problems I’m trying to solve then I would still have an open ear so long as they stay on topic and don’t bring up their unrelated interests. Not doing so seems short sighted.

                                                                                                                                      Most Codes of Conduct are pretty crappy btw. Ruby has a good one, nearly all of the others are too suffocating.

                                                                                                                                      1. 3

                                                                                                                                        I think both you and @itamarst may be missing something in how I wrote that–and that’s on me for articulating incorrectly.

                                                                                                                                        My point was not to draw equivalence between those groups. My point was that everybody has some outgroup that they would prefer to see kicked out.

                                                                                                                                      2. 4

                                                                                                                                        Maybe you should resolve that with friendlysock, then. Not going to fan these flames anymore.

                                                                                                                                  2. 9

                                                                                                                                    How is it “pre-emptive strike” to just not want to hang out with people you don’t like?

                                                                                                                                    This isn’t like…. the seat of government. This is a place to talk with people. Absolutely nobody is under any obligation to listen to people (short of mods basically “kicking people out”). There is zero moral requirement to listen to “varied viewpoints” or have an open mind.

                                                                                                                                    EDIT: And pointing to a previous declaration of moderation wishes as “digging up dirt” in a conversation about mod applications is rich. Are we supposed to just treat every conversation in some weird vacuum even when it comes to something so obviously relevant? I know you’re saying this in good faith but how is that not fair game?

                                                                                                                                    And like… you know what? These people that get doxxed or whatever? They are the ones that are vocal about their opinions. That’s how you even know that they are these kinds of people. If they kept their mouth shut we wouldn’t even be able to know!

                                                                                                                                    I’m tired of being lectured about how I’m the bad person for not wanting to deal with people who not only are (IMO) morally bad people, but also don’t have the social IQ to keep it to themselves.

                                                                                                                                    1. 10

                                                                                                                                      These people that get doxxed or whatever? They are the ones that are vocal about their opinions.

                                                                                                                                      Alright, where does the dirt digging stop, then? Everyone that’s somehow associated as commenting in this thread, supportive or otherwise? Because they may somehow have an agenda too?

                                                                                                                                      Dude, you’re not the bad person. No one’s saying you are. I’m just done with communities that engage in shit slinging, doxxing, and public shaming rather than actual discussion in good faith.

                                                                                                                                      Anyway, peace out, lobsters. N-gate was right about you.

                                                                                                                                      1. 4

                                                                                                                                        I had someone PM me with personal details about myself while using a randomized username on reddit a few years back because I said that I didn’t think Ohio State was very good that year. People dox and dig up dirt for varied reasons. The nazi thing is an extreme example of that, but it happens for all sorts of other strange reasons as well.

                                                                                                                                        I no longer use Reddit because of that event, and now I try to stick to a minimal set of social sites (like this one) where it’s obvious who I am if you search my username or look at my profile.

                                                                                                                                        I don’t think you should feel obligated to listen to someone’s viewpoint if it’s non-technical (or even if it is technical really), but in this forum, the less I know about people, the better. I like hearing opinions or thoughts on tech without knowing who they are. I can’t control how they think or feel otherwise.

                                                                                                                                    2. 5

                                                                                                                                      Are you asking for Lobsters (and its mods, etc.) to:

                                                                                                                                      • Explicitly condemn Nazism, white supremacy, and murder
                                                                                                                                      • Ban anyone who publicly espouses these ideas, on or off our site
                                                                                                                                      1. 24

                                                                                                                                        You write as if that would be some kind of absurd idea, when it seems quite sensible to me..?

                                                                                                                                        1. 10

                                                                                                                                          thank you for objecting to that.

                                                                                                                                          reductio ad absurdem requires absurdity, and I’m not used to seeing “explicitly condemn Nazism” held forth as obviously absurd.

                                                                                                                                          1. 5

                                                                                                                                            It seems absurd to me because it’s kind of a given. Not every site needs to say “hey don’t murder people” for me to feel good about using it. It’s a general human sentiment that murder is bad. Explicitly stating it and only targeting those viewpoints makes me wonder why we aren’t explicitly denouncing every type of supremacy, nativism, genocide, rape, etc.

                                                                                                                                            But I do think banning people who espouse any of those views (spoken or unspoken) on the site is not only warranted, but should also lead to a probationary period for the person who invited them.

                                                                                                                                            1. 7

                                                                                                                                              I don’t think we need to make a list of things we don’t agree with. But I do think that we should be clear that people who are known for their malicious activities (e.g. support for murder or racism) are not welcome here.

                                                                                                                                            2. -1

                                                                                                                                              Putting this bluntly, the second one is stupid and anyone who argues for it is stupid. On or off our site? What the hell. Maybe in person I could logic my way into thinking that it’s ok but online? Thousands of miles away with no immediate threat to my wellbeing?

                                                                                                                                              Online there’s always going to be that one jerk who doxes someone else for wrong-think and it’ll start with this.

                                                                                                                                              1. 12

                                                                                                                                                Thank you for proving your commitment to the cause of rational discussion by calling me stupid.

                                                                                                                                                The thing is, we want Lobsters to be a place where all people are welcome. If we allow known neo-nazis to hang out with us, then people that feel threatened by those neo-nazis won’t come here. Sure, it’s not a threat to them per se, but why would you want to spend your free time talking to people that literally want you dead?

                                                                                                                                                Being a neo-nazi is a choice. Belonging to a minority group isn’t. We should give the neo-nazis the boot and welcome the members of minority groups.

                                                                                                                                                1. 5

                                                                                                                                                  why would you want to spend your free time talking to people that literally want you dead?

                                                                                                                                                  Because they have information I want and are capable of staying on topic for the site I’m on. I do not care what they do anywhere else. It is incredibly vexing that people are making me defend the scum of humanity.

                                                                                                                                                  I believe all people are welcome on lobste.rs if they’re not talking about tons of off-topic stuff and spewing out hate while they’re here.

                                                                                                                                                  1. 13

                                                                                                                                                    Do you also want information from people who, for example, would feel uncomfortable sharing a discussion forum with neo-nazis?

                                                                                                                                                    This isn’t value-neutral, we have a choice to make: either we welcome the neo-nazis, or we welcome the people-who-don’t-want-to-talk-to-neo-nazis. I know who’s getting my vote.

                                                                                                                                                    1. 5

                                                                                                                                                      This isn’t value-neutral

                                                                                                                                                      I reject that premise.

                                                                                                                                                      The nazi stuff should not enter the flow of conversation for nearly any thread on lobste.rs. The only reason we’re discussing it now because this is a meta thread and it was brought up by itamarst. If he hadn’t then we’d not know and not care.

                                                                                                                                                      So I think that if we actually talk about the things that we thought we were going to talk about when we were invited in the first place there won’t be any issues with your first sentence.

                                                                                                                                                2. 7

                                                                                                                                                  Please don’t call other users or standpoints stupid. It’s okay to disagree, it’s even better to providing reasoning, but name-calling never helps.

                                                                                                                                            3. 7

                                                                                                                                              You only lose the people who care more about Nazi status more than technology–and they’d doubtless be happier elsewhere, in a community that puts ideology and identity above knowledge and civility. I’ve made my peace with that.

                                                                                                                                              I don’t think that you can fundamentally ensure that people always feel welcome, and there is no surer road to ruin than to cater to everybody’s exclusionary preferences. Everybody has a reason to hate Nazis, or furries, or Republicans, or women, or whatever–the only way a community grows and flourishes is by providing people the space and protocols to interact without requiring alignment on those things.

                                                                                                                                              Don’t want to take up more space here on it, but am happy to continue discussing in DMs with whoever would like to.

                                                                                                                                              1. 34

                                                                                                                                                The fact that you seem to define “civility” as - roughly speaking - some sort of shallow politeness enabling us all to chum it up with nazis so long as we’re speaking about computers, rather than as good citizenship and strong community built on respect for one’s peers suggests to me that you’d be a terrible moderator.

                                                                                                                                                1. 20

                                                                                                                                                  Agreed, that kind of response seems like it comes from a place of privilege. As in, “this doesn’t concern me too much, what’s the big idea?”

                                                                                                                                                  It’s been interesting to see convos here and elsewhere around accepting views that are rooted in hate but somehow we should all just suck it up because that’s “fair.” I’m often the only Black person in cis-White male dominated spaces so this is nothing new to me. Just…interesting to see this play out in the open for the first time.

                                                                                                                                                  Confronted with the knowledge of one’s privilege blinding oneself to what the disenfranchised has known to be true for eons is fascinating to watch/read.

                                                                                                                                                  1. 5

                                                                                                                                                    I’ll politely point out that my view would extend, were the conversations civil and on-topic, to folks like Malcolm X or Newton or Seale–not just stuffy old white dudes.

                                                                                                                                                    I think that, as John Perry Barlow observed, we here in cyberspace have the opportunity to transcend the strife we were all born into. Part of that means evaluating people based on their behaviour and not on what we think about their beliefs.

                                                                                                                                                    Edit: fixed rather embarrassing misattribution.

                                                                                                                                                    1. 13

                                                                                                                                                      (Davos is a place in Switzerland. That piece was authored by John Perry Barlow. I recommend the movie Hypernormalisation, there’s a very interesting part featuring Barlow and the other technolibertarians, discussing the connections to the counter-culture movement in the 60s)

                                                                                                                                                      I cannot help but find this sort of cyber-utopianism incredibly naïve. Things that happen on the internet can and do have effects on people in the real world. It’s been a long, long time since “just walk away from the screen, just close your eyes” was a genuine take to have.

                                                                                                                                                      1. 4

                                                                                                                                                        Thanks for catching that, still waking up.

                                                                                                                                                        It’s a naive approach, but that’s kinda the point right? Like, should we not strive to live in that more ideal, simpler, better world?

                                                                                                                                                  2. 2

                                                                                                                                                    good citizenship

                                                                                                                                                    What do you mean by this?

                                                                                                                                                    I agree btw.

                                                                                                                                                  3. 18

                                                                                                                                                    Everybody has a reason to hate Nazis, or furries, or Republicans, or women, or whatever

                                                                                                                                                    I think you may be lumping together several dissimilar attitudes here.

                                                                                                                                                    I do not think lobste.rs is suffering from including “the wrong people” or anything like that. We probably do have some people with terrible opinions, but it doesn’t leak into our usual discussions.

                                                                                                                                                    However, I do think it would be bad to have a mod to express the attitude that “some people hate Nazis, some people hate women. A pox on both their houses!”

                                                                                                                                                    I say “express” because I am not saying what you really think is “hating women is equivalent to hating Nazis”. But a mod has to be careful.

                                                                                                                                              2. 6

                                                                                                                                                Why stop with Nazis? If anyone shows any Nazi propaganda, they should be out. But let’s extend it to all other groups that cause harm to others. Any member of US army should be gone, heck, they didn’t try to kill my grandma, they killed my relatives, which were civilians (and they are still killing others in my country due to depleted uranium that was used in bombings). Also all the members of tech companies that help these strikes (looking at you, Microsoft et al).

                                                                                                                                                Obviously, I’m exaggerating here to show a point that if we only look at membership of a group to exclude someone, we might also start extending the groups, as various people can/are affected. Personally, I don’t care which group people belong to, as long as they are not a threat to my family and are trying to help (or are just plain neutral) — which I think plenty of people here are, and that’s the main reason I come to this site.

                                                                                                                                                1. 9

                                                                                                                                                  We did exactly this when a Palantir showed up to show a neat thing. It was one of the most shameful things I’ve seen in my time here.

                                                                                                                                                  1. 5

                                                                                                                                                    You are not exaggerating at all.

                                                                                                                                                    1. 2

                                                                                                                                                      This reads like the opposite-day version of “First they came…” by Martin Niemöller.

                                                                                                                                                      1. 1

                                                                                                                                                        That is a great poem that I have only heard so far paraphrased. Thanks for sharing! However, it has been a rough week for me, so I don’t get the “opposite-day version” part, could you elaborate?

                                                                                                                                                    2. 4

                                                                                                                                                      Circumstances under which I would be OK with an Actual Nazi participating (both conditions must hold):

                                                                                                                                                      1. User does not reveal themselves to be a Nazi on the site, either by explicit statement or in the way they act, and
                                                                                                                                                      2. User is not notoriously a Nazi externally to the site, either for having done something terrible or by making themselves a “public figure” wrt their viewpoints.

                                                                                                                                                      If someone behaves themselves on the site, and their behavior on the site does not create distress for others, I don’t see why people should be encourage in shitstirring. (If it is inevitable that someone’s presence will create distress, regardless of the behavior of anyone on the site, I would strongly suggest they use a pseudonym.)

                                                                                                                                                      “Nazi” is an unlikely and hyperbolic example, but I’ve seen people go and seek out damning information of one sort or another about a member of a community (including doxxing them), and then make it a thing. It wouldn’t have been a thing, and wouldn’t have caused stress to members of oppressed populations, if they didn’t do that! By digging, they’ve actually caused harm. So my rule would be that the notoriety has to originate externally or via direct actions on the site, or you just incentivize this ugly community antipattern.

                                                                                                                                                      (Some of my ancestors were murdered by Actual Nazis or had to emigrate to avoid them, in case you need that for my opinion to be valid.)

                                                                                                                                                      ((EDIT: I don’t want to be a mod, though.))

                                                                                                                                                    3. 8

                                                                                                                                                      Maybe don’t apply if you’re seeking to do if because you think it’s what people want you to do… Someone with that personality might be inclined to lose interest before their term is up if they think popular opinion is drifting away from them…

                                                                                                                                                      1. 22

                                                                                                                                                        My reasoning–and I’ve always held this position–is that anybody seeking such a position is either a lunatic, a tyrant, or both, and not to be trusted. Myself included.

                                                                                                                                                        That said…

                                                                                                                                                        Look, if we’re down to just one moderator, that’s a rough gig. That, plus the current state of the world, makes me worry for the site focus and discussion culture of Lobsters, and if I can help I’m happy to do so–and pushcx is welcome to shitcan and ban me (and will likely do so with great relish) at will should I fail in my duties.

                                                                                                                                                        Asking for sufficient votes before appliying is me, in effect, getting a gauge of if the community would agree to abide. As we’ve seen in my country this year, the legitimacy of government ultimately stems from the consent of the governed.

                                                                                                                                                        1. 11

                                                                                                                                                          And as I’ve seen in my country (US) this year, it’s wise not to give power to folks who are in it for the attention :P

                                                                                                                                                          1. 5

                                                                                                                                                            I personally (and I have a decidedly average number of internet points) like the way your postings changed when your nick changed to friendly. That change shows an appreciation of your past and new styles that I would like to see in moderators.

                                                                                                                                                          2. 2

                                                                                                                                                            TBH asking to be upvoted seems like a bit of a conflict of interest with wanting to be a mod… as friendlysock said

                                                                                                                                                          3. 7

                                                                                                                                                            :(

                                                                                                                                                          1. 2

                                                                                                                                                            That’s great. I really like when web designs have identities, not just a plain copy of Medium. I have a photographic memory, that’s how I remember websites. Another example of identity is fasterthanli.me’s design, I really like it.

                                                                                                                                                            1. 2

                                                                                                                                                              The need to support mobile devices is a real personality killer. It’s a hard choice, whether to make the pages hard to read for a large portion of the audience, or sacrifice their visual design. I’m not happy when people choose the former and switch from their old design to an “ISO standard 2010’s theme”, but I can’t blame them.

                                                                                                                                                              The pointer media query made it somewhat better though. At least you can offer different styles to mobile device users without resorting to JS trickery or maintaining completely different themes for deskop and mobile.

                                                                                                                                                              1. 1

                                                                                                                                                                There’s a lot of personality a site can have while being mobile friendly. CSS-Tricks.com is a good example IMO.

                                                                                                                                                              2. 1

                                                                                                                                                                I might be wrong, but that site strikes me as a modified bootstrap layout.

                                                                                                                                                                1. 2

                                                                                                                                                                  Maybe the link I provided is not the best example of “personality”. The blog posts don’t look like the standard “boostrap” design: (For example this is the last article that he wrote: https://fasterthanli.me/articles/whats-in-a-rainbow-table )

                                                                                                                                                              1. 8

                                                                                                                                                                Smartphones are replacing the PC

                                                                                                                                                                I don’t agree with this. I would argue that many task are still better performed on a laptop or desktop computer. Smartphones have their role, every new thing doesn’t have to replace every old thing. The airplane didn’t replace the car.

                                                                                                                                                                1. 1

                                                                                                                                                                  The airplane didn’t replace the car.

                                                                                                                                                                  This is an excellent analogy.

                                                                                                                                                                1. 9

                                                                                                                                                                  Blue text, while also a widely recognizable clickable-text indicator, is crass and distracting. Luckily, it is also rendered unnecessary by the use of underlining.

                                                                                                                                                                  Not only does removing the blue coloring for links break user’s expectations, but the links are also missing :visited styling. I don’t like the preference of form over function in this instance.

                                                                                                                                                                  1. 3

                                                                                                                                                                    I didn’t realise anything underlined was a link until you mentioned this.

                                                                                                                                                                    1. 2

                                                                                                                                                                      removing the blue coloring for links break user’s expectations

                                                                                                                                                                      Really? I find that almost no websites use blue text with underlines for links anymore. I can only think of a couple and they are very focused on developers who prefer a ‘minimalist web’ aesthetic. Even on lobste.rs, while the article links may be blue, they are not underlined, and all of the other links are shades of gray (and most of those don’t have underlines!)

                                                                                                                                                                      1. 5

                                                                                                                                                                        I overwrite website styles in my browser and this also applies to links for which I have a fair bit of contrast (and a different color for visited links). I spot links instantly and feel a clear difference with stock configurations: links are a core aspect of the web, they should be easy to spot and deserve contrast.

                                                                                                                                                                        1. 3

                                                                                                                                                                          That’s fair, come to think of it you’re actually right. Still not stoked about the lack of :visited styling though.

                                                                                                                                                                          Edit: I’m looking at it other websites and I think that most sites have at least some difference in color between the links and body text. Maybe it’s not blue, but it’s more than a simple underline.

                                                                                                                                                                          1. 2

                                                                                                                                                                            Minimalist aesthetic was indeed the key for me when I chose Tufte CSS for my site and the end result has stuck with me, saving me from other-framework envy for the past 3 years. Blue underlines and past visit hints have not (yet) been missed.

                                                                                                                                                                        1. 1

                                                                                                                                                                          The fact that moving the vehicle backwards in the car example turns on the reverse lights makes me very happy for some reason.

                                                                                                                                                                          1. 7

                                                                                                                                                                            True, but there’s a lot more that doesn’t work or works weirdly on Linux. It’s not the way it’s supposed to be, but it’s how it is. Windows and Mac get you a standard, decent GUI for most things. Linux is much more customizable but you often need a lot of work to get basic things working. That’s not ideal, but in practice, that’s the tradeoff.

                                                                                                                                                                            Example: I recently installed MX Linux on my desktop, which has an HDMI monitor and a soundcard. The volume slider doesn’t do anything and the brightness of my monitor is not adjustable via a graphical tool (although it can be done with a bash script).

                                                                                                                                                                            1. 6

                                                                                                                                                                              Windows and Mac get you a standard, decent GUI for most things. Linux is much more customizable but you often need a lot of work to get basic things working.

                                                                                                                                                                              I recently installed MX Linux on my desktop

                                                                                                                                                                              If you use a more mainstream distribution, you will have fewer issues. If you use the distribution chosen by your hardware manufacturer, you will have basically zero issues (e.g. Pop on System76 machines, Manjaro on Manjaro-branded laptops). This is the #1 misconception regarding free desktops in my experience and I think it’s quite important not to perpetuate it.

                                                                                                                                                                              It’s basically true that “more customized” = “more weirdness”, but a lot of desktop Linux stuff is far, far to the left on that scale.

                                                                                                                                                                              1. 4

                                                                                                                                                                                If you use a more mainstream distribution, you will have fewer issues.

                                                                                                                                                                                I don’t like this argument. If he had said he was using Ubuntu there would be a whole bunch of linux users claiming he should be using a “real” distro.

                                                                                                                                                                                If you use the distribution chosen by your hardware manufacturer, you will have basically zero issues (e.g. Pop on System76 machines, Manjaro on Manjaro-branded laptops).

                                                                                                                                                                                So what you’re saying is that linux works ok if used on machines specifically made for it?

                                                                                                                                                                                1. 2

                                                                                                                                                                                  I don’t like this argument. If he had said he was using Ubuntu there would be a whole bunch of linux users claiming he should be using a “real” distro.

                                                                                                                                                                                  I agree that that is reprehensible behaviour. The fact that some other people do reprehensible things like that doesn’t affect the validity of my argument.

                                                                                                                                                                                  So what you’re saying is that linux works ok if used on machines specifically made for it?

                                                                                                                                                                                  Much like all other popular operating systems, yes. Free desktops (including the BSDs!) are the only OSes which really have the unenviable task of running on hardware that is actively hostile to them, with the exception of Windows on Apple hardware, which last I checked was doing much worse than, e.g., Linux on Lenovo hardware, and requires either an expensive vendor support package or lots of tinkering.

                                                                                                                                                                                  1. 3

                                                                                                                                                                                    Free desktops (including the BSDs!) are the only OSes which really have the unenviable task of running on hardware that is actively hostile to them

                                                                                                                                                                                    To some extend, this is also true for Windows. People expect to run Windows on every computer, hardware vendors produce drivers of terrible quality, Microsoft has to deal with the fall-out. I guess this is the reason Windows ships a lot of Microsoft-provided drivers by default.

                                                                                                                                                                                    The other side of the coin is that Intel and AMD actively develop drivers for Linux and contribute to the X.org and Wayland ecosystems, and we still have all the problems that we have. I am using GNOME, because so far it has dealt best with Wayland, HiDPI screens, and connecting additional screens. But man, the desktop experience is broken, many applications are invisibly in the background (Spotify, Skype, Dropbox) since GNOME has decided that tray icons should be killed with fire [1]. GNOME becomes extremely laggy after a few days without a restart (e.g. there is a noticeable latency when I am typing this). None of the browsers support accelerated video playback out of the box (it’s supported by the drivers/libraries, but I guess having two APIs for video accelerations does not help). Etc. etc.

                                                                                                                                                                                    For me the biggest problem is that we (as the FLOSS Unix community) haven’t made much progress in the last 10-15 years. Of course, there has been a lot of awesome work in the form Wayland, Vulkan, HiDPI support, etc. But the delta between, say, Linux in 2005 and Windows/macOS has not really become smaller than the delta between Linux now and Windows/macOS. The Linux desktop is still a thousand paper cuts, that some of use can live with because there are other attractions.

                                                                                                                                                                                    [1] Sure, there is an extension, but it often does not render the menus correctly and introduced noticeably more gnome-shell crashes.

                                                                                                                                                                                    1. 1

                                                                                                                                                                                      I am using GNOME, because so far it has dealt best with Wayland, HiDPI screens, and connecting additional screens. But man, the desktop experience is broken, many applications are invisibly in the background (Spotify, Skype, Dropbox) since GNOME has decided that tray icons should be killed with fire [1].

                                                                                                                                                                                      Yeah, I agree that this is a terrible decision, on par with MS’s decision to totally break the Start Menu user experience (which is what eventually pushed me completely away from Windows). In fact I’m considering going to KDE for this reason.

                                                                                                                                                                                      But, in a lot of ways, that’s the point, for me. I have that choice. On Windows, I don’t have a choice but to use the new Explorer and Start Menu experience which I really dislike.

                                                                                                                                                                                      For me the biggest problem is that we (as the FLOSS Unix community) haven’t made much progress in the last 10-15 years. Of course, there has been a lot of awesome work in the form Wayland, Vulkan, HiDPI support, etc. But the delta between, say, Linux in 2005 and Windows/macOS has not really become smaller than the delta between Linux now and Windows/macOS. The Linux desktop is still a thousand paper cuts, that some of use can live with because there are other attractions.

                                                                                                                                                                                      This does not comport with my experience; I started using free desktops around 2012 and, for me, even in just those 8 short years the difference is night and day. 99% of the time, my stuff “just works”.

                                                                                                                                                                              2. 5

                                                                                                                                                                                That used to be fun when I was younger, those issues were challenges that I loved to solve and I learned a lot while solving them. But now, after some years, those issues start looking more like obstacles than challenges.

                                                                                                                                                                              1. 1

                                                                                                                                                                                Samsung Galaxy S9

                                                                                                                                                                                1. 49

                                                                                                                                                                                  Kind of annoying that you have to read thru a third of the article to get to the important part:

                                                                                                                                                                                  Is Flow open source?

                                                                                                                                                                                  No. […]

                                                                                                                                                                                  1. 19

                                                                                                                                                                                    It is this part of the answer that I find more interesting: “There’s no current plan for that as we don’t have a large corporation backing our development. “

                                                                                                                                                                                    It just makes me sad. Open source was supposed to destroy the corporations, not empower them! It was to bring freedom to the development world, not leave it at the mercy of big money operators.

                                                                                                                                                                                    Nothing new, no big comment. Just lamenting :( (though the khtml legacy may be interesting - and it is LGPL… perhaps we have that to thank for the openness we do still have at least)

                                                                                                                                                                                    BTW I also hate the name “Flow”. Gah I can’t wait for this era of names to come to an end.

                                                                                                                                                                                    1. 14

                                                                                                                                                                                      Open source was supposed to destroy the corporations, not empower them!

                                                                                                                                                                                      Was it? I always thought that free software was about empowering the users — raising then up, not dragging anyone down.

                                                                                                                                                                                      1. 9

                                                                                                                                                                                        Open source has always been about empowering the corporations from the beginning, and free software has always been about preventing corporations from exploiting users, which under the current capitalist system amounts to destroying or crippling them.

                                                                                                                                                                                        1. 1

                                                                                                                                                                                          yeah i was being kinda loose to fit the star wars meme.

                                                                                                                                                                                          But open source is basically corporations taking over the free software idea and twisting it for their own benefit. So I should have said “free software” of course but eh the article said “open source”.

                                                                                                                                                                                        2. 10

                                                                                                                                                                                          This is a weird attitude. I’m all for open source and have been working on open source full time for several years.

                                                                                                                                                                                          But just because someone starts an important/interesting project doesn’t mean anyone should demand it be open source.

                                                                                                                                                                                          The obvious response is: Start your own open source browser project, and recruit or pay the 100+ developers it will take over decades! If it were easy or cheap, we’d see a lot more of these types of projects.

                                                                                                                                                                                          1. 5

                                                                                                                                                                                            I don’t demand it, I just would prefer not to run some person’s code nobody can read.

                                                                                                                                                                                          2. 8
                                                                                                                                                                                            1. 4

                                                                                                                                                                                              It is this part of the answer that I find more interesting: “There’s no current plan for that as we don’t have a large corporation backing our development. “

                                                                                                                                                                                              Well, imagine they release it today: people will report issues, create PRs, ask for features, etc.

                                                                                                                                                                                              Responding to that in a vaguely timely fashion takes up a lot of time. If you’re a small company, you may not want to spend the time/money.

                                                                                                                                                                                              1. 15

                                                                                                                                                                                                You don’t have to have an issue tracker, or forums, or accept contributions, or even have source control.

                                                                                                                                                                                                It’s open source if you dump a tarball once per release.

                                                                                                                                                                                                1. 7

                                                                                                                                                                                                  I’ve worked on open source without a public bugtracker. We were flamed for that. “Not really open source” etc.

                                                                                                                                                                                                2. 5

                                                                                                                                                                                                  More than that, they want to sell it.

                                                                                                                                                                                                  1. 2

                                                                                                                                                                                                    I would like Flow to be open source, but I don’t care enough to do anything about it. If I really wanted to make it happen, here’s how I’d go about it:

                                                                                                                                                                                                    1. Find enough developers who will commit to maintaining it properly
                                                                                                                                                                                                    2. Approach Ekioh and ask them to make a deal
                                                                                                                                                                                                      • They would benefit from additional contributors without paying maintenance costs
                                                                                                                                                                                                      • They will probably want some cash too
                                                                                                                                                                                                    3. Crowdfund to raise the cash

                                                                                                                                                                                                    That’s pretty simplistic, I realize. But my point is just that license problems are business problems, and can sometimes be solved.

                                                                                                                                                                                                  2. 4

                                                                                                                                                                                                    I think it’s honestly a misdirection. There have been plenty of good open source projects with small businesses behind them. It’s like saying “Oh I can’t do the dishes tonight because I don’t have large corporation backing”.

                                                                                                                                                                                                    1. 12

                                                                                                                                                                                                      I’ve worked at one of those (one of the first to do it) and when I read that sentence it, I just nodded. “Yeah, can understand that.” What they mean is probably that they need income, every month, and they’re worried that by opening the source their existing business model is at risk and they don’t have an obvious replacement.

                                                                                                                                                                                                      The worst case is roughly: zero outside contributions, a wide user base that pays nothing and expects much, the user base does not contain prospective customers, and too many of the existing customers decide to stop paying and just use the free offering. With skill and luck it’s possible to devise a new business model and sales funnel that uses the width of the user base, but doing that takes time, and without a corporation backing it, how does one keep the lights on meanwhile?

                                                                                                                                                                                                      1. 4

                                                                                                                                                                                                        What they’re really saying is they don’t have the skill or finesse to pull it off. That’s fine, however plenty of small businesses have made great profits while open sourcing their products. You don’t “need” corporate backing, and I’d argue if anything it’s an obstacle rather than a benefit.

                                                                                                                                                                                                        1. 10

                                                                                                                                                                                                          The skill and finesse to pull it off is considerable, IMO it can be regarded as infinite unless you have two more things:

                                                                                                                                                                                                          • skill and finesse
                                                                                                                                                                                                          • luck
                                                                                                                                                                                                          • funds to last you through a period without income.

                                                                                                                                                                                                          Skill alone isn’t enough.

                                                                                                                                                                                                          A “large corporation” in this context is simply one that’s large enough to have one or more sources of income unaffected by the product being developed, and whose other income is large enough to carry a team through the product development phase.

                                                                                                                                                                                                          (I’ve worked at three small opensource companies and spoken to my counterparts at others.)

                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                            Not saying your concern is entirely invalid, I think those things DO matter. I just also think the reality is probably somewhere between “It can’t be done” and “It’s trivial to do”. The idea that you can’t run an OSS business without backing by a major corporation is probably untrue. The idea that you can run an OSS business without capital, luck, or skill is probably also untrue. I personally found it upsetting that he was attempting to put it all on a lack of corporate backing instead of just saying it was a strategic decision to keep an edge on competition or something. I often find when people deflect blame on to things they can’t control they are often trying to sidestep the extent they do have responsibility or control over the situation.

                                                                                                                                                                                                          2. 5

                                                                                                                                                                                                            What fields were they operating in? Are they still prominent or even around? Were they ever prominent?

                                                                                                                                                                                                            Where did they get money? Corporate customers, side gigs or a big inheritance? Did they detour from their core paying business to do open source?

                                                                                                                                                                                                            How long did it take for them to become sustainable? Did they?

                                                                                                                                                                                                            What’s the proportion of “plenty” in comparison to the competition that didn’t make it? To the corporate-backed competition? To the competition that’s still around with the same premises?

                                                                                                                                                                                                            Not to come off as too much of a duck here, but all these questions are very important when saying someones have generally made money. Surely the response might warrant more of a study than a reply, but seeing how under-staffed and -paid open source is, I’m a bit triggered by negating legit concerns with “others done it”.

                                                                                                                                                                                                            1. 2

                                                                                                                                                                                                              I’m a bit triggered by negating legit courses of action with “it can’t be done”, so… I doubt we’ll have a tremendously productive discussion. I think your questions around it are fair and reasonable but I think our stances and positions are too far apart to find the center in the comment thread. I’m not really interested in debating this out however I do appreciate that you took the time to come up with good challenges to my point.

                                                                                                                                                                                                      2. 1

                                                                                                                                                                                                        I’m curious about the name. What would have been your choice?

                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                          Seeing as the company is named Ekioh, perhaps “Ekioh Browser Engine”, EkEng or EBE for short, or maybe a four letter word that isn’t already used by multiple software projects

                                                                                                                                                                                                          1. 2

                                                                                                                                                                                                            I probably would go Ekioh Browser - descriptive yet unique by including the existing company name. There’s just a trend right now to use fairly short, generic names. I imagine the marketers are like “we want to evoke a feeling” but I just want some decent idea of what it is and how it is distinct.

                                                                                                                                                                                                        2. 17

                                                                                                                                                                                                          Does the fact that the browser is not open-source mean that it is not bringing diversity to the market? I’d argue that browser diversity was in a healthier state when Opera had a proprietary engine than it is now that Opera uses Chromium and Blink.

                                                                                                                                                                                                          Don’t get me wrong, I’d much rather see this be open-source, but I don’t think the fact it’s closed source means it’s irrelevant.

                                                                                                                                                                                                          1. 40

                                                                                                                                                                                                            one thing to keep in mind is that privately controlled web engines can disappear without leaving a base for a community to develop, as with presto.

                                                                                                                                                                                                            1. 9

                                                                                                                                                                                                              That’s a fair argument.

                                                                                                                                                                                                              1. 3

                                                                                                                                                                                                                Open source software can disappear, too, when the entire development team goes away.

                                                                                                                                                                                                                I’m not aware of any open source that was

                                                                                                                                                                                                                • developed by a smallish company
                                                                                                                                                                                                                • opened
                                                                                                                                                                                                                • received substantial contributions from outside

                                                                                                                                                                                                                AFAICT, if something comes from a company and isn’t an obvious non-product like e.g. lepton, then outsiders regard it as that company’s product, and don’t spend their time developing that company’s product for free. A community does not develop.

                                                                                                                                                                                                                I’d be thrilled to learn otherwise. Particularly how small companies might get others to develop their product for them.

                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                  IIRC even the Mozilla codebase languished for quite a while, long enough for the company to go under before it got really picked up by a community. It was a last-ditch desperate effort, but still…

                                                                                                                                                                                                                  1. 2

                                                                                                                                                                                                                    Doesn’t Netscape/Mozilla/Firefox fit your criteria? Plan 9 also comes to mind.

                                                                                                                                                                                                                    1. 2

                                                                                                                                                                                                                      Wasn’t Plan 9 a Bell labs thing? That is to say, unless I misunderstand what you mean by “Plan 9” it was produced by one of the largest, most famous monopolies in US history. Or pretty much the opposite of a smallish company.

                                                                                                                                                                                                                      I would not call Netscape or AOL (depending on who you want to attribute the open source release to) smallish either… if memory serves they were worth $10 Billion or so at their peak. But that pales in comparison to Bell.

                                                                                                                                                                                                                      1. 2

                                                                                                                                                                                                                        Right. (The $10B is irrelevant IMO, the relevant number is about $2B according to Wikipedia.)

                                                                                                                                                                                                                        So from the point of view of the Flow people who might be considering going an open source route, there’s a distinct shortage of examples to learn from. A $2B company whose CEO regards as an “amalgamation of products and services” is hardly relevant.

                                                                                                                                                                                                                        Mozilla was founded with a ten-digit endowment from AOL. Fine for the users, but it makes Mozilla irrelevant as a case to learn from for teams without such fortune.

                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                          (I was assuming that the poster I replied to was sincerely arguing that Netscape or Plan 9 would count as something from a small-ish company. If my sarcasm detector was miscalibrated, mea culpa.)

                                                                                                                                                                                                                          This is perhaps the only case in the world where I’d call a difference of $8B “splitting hairs” :)… I’m no more prepared to argue that a $2B company is small than I am to argue that a $10B company is.

                                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                                            No, your rant detector was miscalibrated.

                                                                                                                                                                                                                            Some of these pseudo-arguments annoy me so very much. I wish opensource advocates would use real arguments, not shams that look good at first glance, but make open source look bad in the eyes of developers/teams that are considering going open source. 39 upvotes for something that silently implies that open source can’t/won’t disappear means 39 people who aren’t thinking as carefully as I wish opensource people would. It gets to me and I start posting rants instead of staying properly on-topic. Sorry about that.

                                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                                              sorry; i missed that you asked about “smallish” companies and i misunderstood the thrust of your argument. i guess you were arguing that it would be a risk for flow to open source their browser? i don’t disagree, but that’s different from the question of how much we should care about or support this effort, as people who care about browser diversity.

                                                                                                                                                                                                                              are you trying to argue that free software can disappear without leaving a base for a community to develop? what line of careful thinking would lead you to that conclusion?

                                                                                                                                                                                                                              1. 2

                                                                                                                                                                                                                                The careful thinking is based on two things.

                                                                                                                                                                                                                                First, an observation that the number of outside committers to a conpany’s product is extremely small. People don’t choose to use their own time to work on someone’s product — they find something else to work on. Because of that, the development team for any opensource product is overwhelmingly in-company.

                                                                                                                                                                                                                                Second, source access is necessary but not sufficient for good software development. Much of what makes development practical is in the team. It’s drastically easier to develop software (both fixing bugs and developing new features) if you can speak to the people who’ve worked on it so far, ask questions, get answers.

                                                                                                                                                                                                                                Both of those are rules of thumb, not laws of physics. If you however assume both to be absolutely true, then there’s no difference between a single-product closed-source company doing an opensource dump when it’s acquihired and an opensource company with a single opensource product. If you (more realistically) assume both things to be true with exceptions, then the difference is as large as the exceptions permit.

                                                                                                                                                                                                                                You may compare threee scenarios for product/team/company closure, whether it’s an acquihire, bankruptcy, pivot or even things like the whole team going on a teambuilding exercise on a boat, and the boat sinking:

                                                                                                                                                                                                                                • Open source company closes (any reason): New team may form from volunteers, continuity is lost.

                                                                                                                                                                                                                                • Closed source company closes, dumps source on github: New team may form from volunteers, continuity is lost.

                                                                                                                                                                                                                                • Closed source company closes, does not dump source on github: End of story.

                                                                                                                                                                                                                                Ie. open source has advantages and some of them are IMO significant, but safety or continuity in the event of the team going away isn’t one of them. “Safety” and “continuity” are big words. A new team may spontaneously form, but that’s far from automatic, so there’s no safety, and and if it does form it hardly provides continuity.

                                                                                                                                                                                                                                1. 1

                                                                                                                                                                                                                                  that all makes sense, and does not contradict the fact that open source products provide a base for community development, even if the base is just a source code dump. there may be a continuity barrier, but it can be overcome.

                                                                                                                                                                                                                                  for a browser engine, it makes a difference whether it is released like gecko, allowing forks and community development, or released like presto, where a pivot by a private company ends the possibility of further development.

                                                                                                                                                                                                                                  hopefully you see now that my argument was real and not a sham, and your wish for open source advocates to think carefully is fulfilled.

                                                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                                                    Well, it provides a base in almost exactly the same way as, say, Mitro’s code dump did when it was acquired. Mitro could have opened the source earlier (it actually did so on the day as part of its acquihiring process), and I don’t see any reason why an earlier open source process would have provided more of a base.

                                                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                                                      sure, but before a company does a code dump there is no assurance that they will if the company pivots or goes bust.

                                                                                                                                                                                                                                      1. 2

                                                                                                                                                                                                                                        True. However, do you think that’s a major aspect of uncertainty? I think the users you have in mind aren’t paying customers, right? Someone who isn’t a paying customer (who has no contractual relationship with the maintainers) can hope for continued development, support, years of unpaid service, but only hope, no more. There’s no assurance of bugfixes, of new features, of a port to the next OS version, of compliance with next years’s laws or the ability to read next year’s Microsoft Word files, or that the next version will be open source.

                                                                                                                                                                                                                                        It’s just one more item on the list of hopes.

                                                                                                                                                                                                                                        You’ve probably heard stories about companies who implement major new features and then leave them out of the open source tree? I heard about someone who did that with Catalina support recently. It was a tool often used by system integrators, can’t remember the name, but it’s said to be the only open alternative in its niche. For these system integrators, open source was basically a free trial. Once they had invested in that tool, deployed it widely, their customers upgraded to Catalina and they needed to react in a hurry.

                                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                                          True. However, do you think that’s a major aspect of uncertainty? I think the users you have in mind aren’t paying customers, right? Someone who isn’t a paying customer (who has no contractual relationship with the maintainers) can hope for continued development, support, years of unpaid service, but only hope, no more. There’s no assurance of bugfixes, of new features, of a port to the next OS version, of compliance with next years’s laws or the ability to read next year’s Microsoft Word files, or that the next version will be open source.

                                                                                                                                                                                                                                          the same applies to proprietary projects so i’m not sure what you’re getting at.

                                                                                                                                                                                                                                          are you saying even corporate-led open source projects don’t provide a guarantee that the project will continue to be open source? that’s fine but again doesn’t contradict anything i’ve said. it’s still better than proprietary from the perspective of browser diversity because the latest open source release would still provide a base for community development.

                                                                                                                                                                                                                        2. 1

                                                                                                                                                                                                                          i must have missed the word “smallish,” whoops

                                                                                                                                                                                                                  2. 2

                                                                                                                                                                                                                    Even Internet Explorer, shitty as it was, using its own engine made the web more diverse and forced developers to at least keep some semblance of portability. With the arrival of Edge, they also went the Blink/Webkit path.

                                                                                                                                                                                                                    There are basically only two (or three, if you count Blink and Webkit as distinct) rendering engines left which matter. That’s truly sad.

                                                                                                                                                                                                                    So yes, seeing a new browser emerge is actually something that I find hopeful.

                                                                                                                                                                                                                    1. 2

                                                                                                                                                                                                                      With the arrival of Edge, they also went the Blink/Webkit path.

                                                                                                                                                                                                                      They did not do that with the arrival of Edge. They started Edge on its own engine and only just recently released a blink-based version.

                                                                                                                                                                                                                      IE may have initially encouraged some portability, but its net effect was quite the opposite. There were a lot of IE-only products by the time we saw version 6 or so.

                                                                                                                                                                                                                      1. 2

                                                                                                                                                                                                                        IE may have initially encouraged some portability, but its net effect was quite the opposite. There were a lot of IE-only products by the time we saw version 6 or so.

                                                                                                                                                                                                                        That was when IE had “won” the browser wars and had added nonstandard features which other browsers didn’t support. Once they’d killed off Netscape people didn’t have any incentive to run other browsers, and those extra features got used by developers, entrenching it further because of these IE-only products you mention.

                                                                                                                                                                                                                  3. 6

                                                                                                                                                                                                                    This is the only thing I was looking for too. Not sure how Flow is supposed to solve any of the problems posed by a lack of browser diversity if it isn’t open source.

                                                                                                                                                                                                                    1. 11

                                                                                                                                                                                                                      Any alternative implementation of web technologies that isn’t WebKit gaining a non-trivial market share is a positive for those of us concerned about browser diversity, regardless of whether that implementation is open-source or not.

                                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                                        Android might be a point, but without Windows it will not get a non-trivial market share.

                                                                                                                                                                                                                    2. 3

                                                                                                                                                                                                                      Thank you, thats one of the first items I check

                                                                                                                                                                                                                      1. 4

                                                                                                                                                                                                                        Can you come up with a better way to sustain its development than “people paying for it”? Unfortunately, free software isn’t free to develop.

                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                          I’m not complaining that they’re charging for it; I just wish the article was up-front about the licensing at the outset so I would know not to waste my time on it.

                                                                                                                                                                                                                      1. 70

                                                                                                                                                                                                                        Windows 10 has ads in the start menu, ads masquerading as security alerts, ads masquerading as software updates, uninstallable bloatware, a bizarre distinction between Metro and everything else (exemplified by the bifurcation of Settings and the Control Panel)….

                                                                                                                                                                                                                        So, I’m all for you doing you, but I can’t bring myself to run it.

                                                                                                                                                                                                                        1. 31

                                                                                                                                                                                                                          The amount of Windows apologia in this thread is astonishing.

                                                                                                                                                                                                                          Usage patterns, convenience or “brains”, I don’t care. Windows is a non-free operating system, and as such inherently user-unfriendly. The developments of the last few years are just an example of what you get when you’re OS is a service, you’re permitted to use.

                                                                                                                                                                                                                          1. 22

                                                                                                                                                                                                                            inherently user-unfriendly

                                                                                                                                                                                                                            One of the main “Windows apologists” in this thread (@feoh) has stated that they have to run Windows to get a usable computing environment considering their eyesight. So in this case Windows is more “friendly” than a FLOSS alternative.

                                                                                                                                                                                                                            Most Linux user interfaces I’ve seen just ape GUI conventions (many based on research) from closed systems (Windows and Mac).

                                                                                                                                                                                                                            1. 5

                                                                                                                                                                                                                              One of the main “Windows apologists” in this thread (@feoh) has stated that they have to run Windows to get a usable computing environment considering their eyesight. So in this case Windows is more “friendly” than a FLOSS alternative.

                                                                                                                                                                                                                              As someone with terrible vision that’s only getting worse (including complete blindness in one eye), this is the kind of argument I can absolutely understand. Windows is, from what I understand, the most accessible of all the major operating systems.

                                                                                                                                                                                                                              But defending ads in the Start Menu, well….them’s fightin’ words. :)

                                                                                                                                                                                                                              1. 11

                                                                                                                                                                                                                                My communications skills are clearly lacking because I cannot comprehend a set of perceived statements from me that are farther from the truth.

                                                                                                                                                                                                                                As a matter of fact, I also run desktop Linux and as of Ubuntu 16/17 they’ve added key chorded full screen zoom which is an accessibility feature I need to make a computing environment usable.

                                                                                                                                                                                                                                What I actually said is that at the time I bought my laptop, I need a 17” screen and there were no AMD chipset laptops in that size available that I could see. Operating system didn’t even come into that aspect of the discussion.

                                                                                                                                                                                                                                And I’m not a Windows apologist. Honestly I think this typifies the kind of all or nothing thinking that hamstrings progress in the wider computing community. Either you’re with us or you’re against us. Some of us are willing to adopt a more nuanced view.

                                                                                                                                                                                                                                Windows is a tool. It serves some people’s needs admirably, others not so much. That is the alpha and omega of this situation, and all the meaningless bluster and back and forth is utterly pointless.

                                                                                                                                                                                                                            2. 12

                                                                                                                                                                                                                              The amount of Windows apologia in this thread is astonishing.

                                                                                                                                                                                                                              Not really. The lobste.rs community is designed with a lot of goals in mind, but if the About page is anything to go by, it was never explicitly designed to be a site for the promotion of Free Software. And, as they say in the TDD tribe, if you don’t explicitly test for it, it doesn’t happen.

                                                                                                                                                                                                                              (for context’s sake, I have a Windows VM and a few machines that I explicitly run it on, but I recently switched my main laptop back to Linux because I just couldn’t get used to how SLOW the filesystem operations were; I still have a Windows 10 VM that I occasionally boot up to test Windows software on and make sure it’s properly up-to-date)

                                                                                                                                                                                                                              1. 13

                                                                                                                                                                                                                                The lobste.rs community is designed with a lot of goals in mind, but if the About page is anything to go by, it was never explicitly designed to be a site for the promotion of Free Software.

                                                                                                                                                                                                                                If it were I would never have joined. I value a diversity of opinions.

                                                                                                                                                                                                                                1. 14

                                                                                                                                                                                                                                  I can’t speak to the original intent since I wasn’t there, but it is certainly my personal opinion that it’s important to have a variety of perspectives on this topic. I would bring that opinion to my moderation if it ever became relevant.

                                                                                                                                                                                                                                2. 4

                                                                                                                                                                                                                                  Of course, I know there are different opinions and I know that there are windows users, all I am saying is that after being a member for over two years and visiting the page for much longer, I was surprised to see how many people use windows, let’s say “willingly” (as opposed to the usual “I have to because of Software X/Job Y/Requirement Z/…”), as I rarely encountered this opinion until now. It’s kind of like if suddenly a lot of corporate COBOL enthusiasts would pop up.

                                                                                                                                                                                                                                  1. 9

                                                                                                                                                                                                                                    I was surprised to see how many people use windows, let’s say “willingly”

                                                                                                                                                                                                                                    Why is that surprising? It provides drivers for most hardware. You can run Microsoft Office (which a lot of people have to, to deal with paperwork at their day job), arguably the user interface is more usable/stable than GNOME/KDE, and you can run Linux programs via WSL [1].

                                                                                                                                                                                                                                    There are a lot of technical people who just optimize their environment for whatever they work on and want boring/predictable/mainstream/least-friction for the rest.

                                                                                                                                                                                                                                    I don’t see why people would have to apologize or defend themselves for using Windows, writing articles about Windows, or discussing Windows on lobste.rs.

                                                                                                                                                                                                                                    Disclaimer: I haven’t used Windows since Windows 3.1, outside for installing Windows every 2-3 years in a VM to observer what the state of that ecosystem is.

                                                                                                                                                                                                                                    [1] I work for a university, a lot of paperwork, collaboration on research project proposals, etc. requires Microsoft Office. Or to give a practical anecdote: when one of my students had problems using the university’s VPN, they literally said “oh, you try to use the VPN with Linux, you probably shouldn’t do that”.

                                                                                                                                                                                                                                    1. 8

                                                                                                                                                                                                                                      Why is that surprising? It provides drivers for most hardware. You can run Microsoft Office (which a lot of people have to, to deal with paperwork at their day job), arguably the user interface is more usable/stable than GNOME/KDE, and you can run Linux programs via WSL [1].

                                                                                                                                                                                                                                      I think this is a window into a very common personality attribute for technologists. We tend to hold our opinions so strongly that they come to be seen as concrete facts. I’ve fallen into this pattern innumerable times myself.

                                                                                                                                                                                                                                      1. 2

                                                                                                                                                                                                                                        Or to give a practical anecdote: when one of my students had problems using the university’s VPN, they literally said “oh, you try to use the VPN with Linux, you probably shouldn’t do that”.

                                                                                                                                                                                                                                        You used to be able to VPN into my university from Linux. Then they added 2FA and broke everything.

                                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                                          You used to be able to VPN into my university from Linux. Then they added 2FA and broke everything.

                                                                                                                                                                                                                                          :(

                                                                                                                                                                                                                                          Our university actually supports three different VPNs. The easiest solution from Linux is the AnyConnect VPN, which works with openconnect. However, the VPN server returns incorrect incorrect routes, which breaks things by default with openconnect. I worked around this by using a custom openconnect script that sets the routes correctly.

                                                                                                                                                                                                                                          I have been using this without issues since I have started working remotely > 1 year ago. But now they are going to remove the AnyConnect support on April 1. Guess I have to figure out one of the two other VPN options, last time I tried, they didn’t work out of the box.

                                                                                                                                                                                                                                          Of course, using OpenVPN or Wireguard would be to easy ;).

                                                                                                                                                                                                                                      2. 8

                                                                                                                                                                                                                                        If you’re so surprised that people have this opinion, then it’s probably worth looking into why people have this opinion. Like for me, I’ve made it clear: I love Windows because it has AutoHotKey. I can easily tweak the computer to work exactly how I want. Below, I asked “how do I write a keyboard shortcut for ∃ in Linux?” the two answers I got were 1) use emacs, 2) install a library that doesn’t work on Wayland. Whereas with AutoHotKey I just write

                                                                                                                                                                                                                                        >^e:: Send, ∃
                                                                                                                                                                                                                                        

                                                                                                                                                                                                                                        Now right ctrl + e gives me ∃. This works anywhere and doesn’t require me to change the fundamentals of my OS.

                                                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                                                          I love Windows because it has AutoHotKey.

                                                                                                                                                                                                                                          I don’t quite see what about AutoHotKey is intrinsically limited to windows. I have until yesterday never heard of it, but I don’t see why this couldn’t be ported to other operating systems. That aside, it’s not an OS feature, but in our world would rather be a counted as a window manager feature, and as such it’s not surprising that there is an X tool and a Wayland tool.

                                                                                                                                                                                                                                          Below, I asked “how do I write a keyboard shortcut for ∃ in Linux?”

                                                                                                                                                                                                                                          I gave the first answer, since you’re basically just doing a paler version of Emacs for the windows UI. But more importantly, you’re example really looks like a gimmick, or at least something very specific to a particular workflow. I could just as well ask you

                                                                                                                                                                                                                                          • how do you run shell scripts using at(1)
                                                                                                                                                                                                                                          • how do you pin a window to stay above others
                                                                                                                                                                                                                                          • how do you create dynamic workspaces
                                                                                                                                                                                                                                          • how do I install my own tool bar
                                                                                                                                                                                                                                          • how do I add a debian repository
                                                                                                                                                                                                                                          • how do I manage all updates centrally*
                                                                                                                                                                                                                                          • etc.

                                                                                                                                                                                                                                          I don’t think that most of these things are intrinsically possible or impossible because of the operating system – certainly don’t require the fundamentals of an operating system to change. Most of these questions work in favour of my argument, because the software has already been written for or by the system/users. But this is mostly a contingent fact. Whereas the principal values of the two systems, one being open to inspection and change the other being hidden from the public and it’s users, seems like a much more decisive factor if you ask me.


                                                                                                                                                                                                                                          Necessary rant: * without having each tool permanently prompting me to go download some updater from some wierd website I have to trust and run permanently, hoping it doesn’t install a toolbar I will not be able to get rid of, and conflicting with my permanently running anti virus program that wastes 80% of my CPU.

                                                                                                                                                                                                                                          1. 9

                                                                                                                                                                                                                                            I don’t quite see what about AutoHotKey is intrinsically limited to windows. I have until yesterday never heard of it, but I don’t see why this couldn’t be ported to other operating systems. That aside, it’s not an OS feature, but in our world would rather be a counted as a window manager feature, and as such it’s not surprising that there is an X tool and a Wayland tool.

                                                                                                                                                                                                                                            The difference is it hasn’t been. If you look for an equivalent on linux you find a mess of abandoned projects that only partially work. For Mac, there’s hammerspoon, which is significantly more complex.

                                                                                                                                                                                                                                            I’m also unsurprised you haven’t heard of AHK. You said earlier you’re astonished that people are defending Windows, which means you probably don’t know very much about how people actually use Windows.

                                                                                                                                                                                                                                            I gave the first answer, since you’re basically just doing a paler version of Emacs for the windows UI.

                                                                                                                                                                                                                                            The difference is that I now have to use Emacs, when AHK works for all windows. AHK acts as an overlay on top of everything else, so I can use it to hack in the behavior I want to any app.

                                                                                                                                                                                                                                            And I can still keep using Vim.

                                                                                                                                                                                                                                            But more importantly, you’re example really looks like a gimmick, or at least something very specific to a particular workflow.

                                                                                                                                                                                                                                            That’s because I gave one example of how I use AHK, where the answer to that by itself requires me to understand Linux and window managers pretty well. It’s specific to a particular workflow, but that’s the point: I can immediately customize the OS to my particular workflow without a deep understanding of how the OS works. I can give you a bunch other things I do with AHK:

                                                                                                                                                                                                                                            • Start and stop recording videos from my presentation clicker.
                                                                                                                                                                                                                                            • Make GUI for saving notes from clipboards into multiple seconds without it disrupting my current workspace view or losing my attention.
                                                                                                                                                                                                                                            • Switch between specific windows without alt-tabbing
                                                                                                                                                                                                                                            • Copy a url and title as a markdown link for easy transfer to another window
                                                                                                                                                                                                                                            • Firefox doesn’t have a keyboard shortcut for “start a screenshot”. Add one.
                                                                                                                                                                                                                                            • Add a bunch of unavailable shortcuts to the TLA+ IDE
                                                                                                                                                                                                                                            • Fave or unfave a song in spotify without having to switch to the spotify app
                                                                                                                                                                                                                                            • Clone a file (foo.md to foo.md.1) without having to stop editing the file, or remember how many copies I made
                                                                                                                                                                                                                                            • Toggle youtube playback from 1x and 1.25x tempo
                                                                                                                                                                                                                                            • Quickly drop hashtags into a twitter thread while trying to livetweet a conference, without messing up my clipboard

                                                                                                                                                                                                                                            I set up hotkeys for all of these. I’m sure I could do the same in Mac or Linux, but it wouldn’t be easy. I’d have to get a much deeper understanding of these systems than I already had, as opposed to using AutoHotKey, where the most complex of those features took me an hour. Are they gimmicks? Maybe! But they’re gimmicks that make my life much, much better.

                                                                                                                                                                                                                                            Sure, Windows might be “hidden from the public and it’s users”, but AHK made it easy to get work done. Reading XDG specifications did not.

                                                                                                                                                                                                                                            EDIT: Also, just to be clear about my background, I’ve used Linux as my only OS for several years, and yes I tried to do some of these things in Linux, too.

                                                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                                                              The difference is it hasn’t been. If you look for an equivalent on linux you find a mess of abandoned projects that only partially work. For Mac, there’s hammerspoon, which is significantly more complex.

                                                                                                                                                                                                                                              Again, this is a particular problem, not something you can use to sustain your general claim. The fact that it hasn’t been until now means nothing to me, since this could just as well change tomorrow, but from your argument up to now, I don’t think that would instantly make you switch.

                                                                                                                                                                                                                                              Also, the fact that these projects aren’t being maintain, is somewhat of a sign to me that there isn’t a big need for them either? Or is it mere luck that AHK is being properly maintained on Windows?

                                                                                                                                                                                                                                              I’m also unsurprised you haven’t heard of AHK. You said earlier you’re astonished that people are defending Windows, which means you probably don’t know very much about how people actually use Windows.

                                                                                                                                                                                                                                              I know plenty of people who use windows, and I always hear the same issues, the same problems. When I watch them I mostly see them struggle, having issues or obvious inefficiencies. If they were not held hostage by propitiatory software developed exclusively for Windows, I am absolutely certain they would have a better user experience on other platforms.

                                                                                                                                                                                                                                              The difference is that I now have to use Emacs, when AHK works for all windows.

                                                                                                                                                                                                                                              Well that’s your problem: You leave Emacs ;^)

                                                                                                                                                                                                                                              (It’s kind of off-topic, but my point was that Emacs-like environments should allow users to configure keybidnings to whatever function one wishes, all of them inspectable by the user, and mostly redefinable during the run-time. This is the essence of a user-programmable system I argue is superior and neither hides nor distorts the users relation to the device)

                                                                                                                                                                                                                                              It’s specific to a particular workflow, but that’s the point: I can immediately customize the OS to my particular workflow without a deep understanding of how the OS works. […]

                                                                                                                                                                                                                                              Again, this is an entirely contingent argument for Windows, as you don’t explain why Linux cannot have this. I guess it’s cool, but I don’t see what makes it technically unique/exclusive.

                                                                                                                                                                                                                                              1. 5

                                                                                                                                                                                                                                                Also, the fact that these projects aren’t being maintain, is somewhat of a sign to me that there isn’t a big need for them either? Or is it mere luck that AHK is being properly maintained on Windows?

                                                                                                                                                                                                                                                From what I understand from my research the challenge is making something that works for everyone. Like the Wayland/X11 split by itself makes things tough. Sure, it’s technically feasible, but it’s going to be so much effort that people give up.

                                                                                                                                                                                                                                                Again, this is an entirely contingent argument for Windows, as you don’t explain why Linux cannot have this.

                                                                                                                                                                                                                                                Linux could have this. Windows already has this. I’m not going to switch back to Linux because it could eventually have a tool that I already use every day.

                                                                                                                                                                                                                                                1. 1

                                                                                                                                                                                                                                                  I responded to the first point in a sibling response to @feoh, but just to reiterate it here: AHK is a DE/WM feature, not a OS feature. A cross-DE implementation of a AHK-like would be like requiring a cross-Version implementation of AHK on windows. If the format is standardized, there’s no reason why each DE/WM couldn’t have something like this for itself, if it’s users want it.

                                                                                                                                                                                                                                                  Regarding the second point, I’m not asking anyone to switch because of a potential ability (in our case I don’t have to care), I only want to make the point that this isn’t a real argument for Windows as such.

                                                                                                                                                                                                                                                  1. 4

                                                                                                                                                                                                                                                    If the format is standardized, there’s no reason why each DE/WM couldn’t have something like this for itself, if it’s users want it.

                                                                                                                                                                                                                                                    The point is it doesn’t exist, and (if how much you dismiss the value is any indication) probably won’t exist. At best there will be “you get this subset of features with DE/WM A, this subset with DE/WM B”, etc. Which doesn’t help me.

                                                                                                                                                                                                                                                    “Windows has this feature that could exist for some Linux distro but doesn’t yet” is, in fact, a good argument for me continuing to use Windows. To make the argument problem a bit more clear:

                                                                                                                                                                                                                                                    “I like London better than Los Angeles.”

                                                                                                                                                                                                                                                    “Why? There’s nothing intrinsically better than London, and Los Angeles has better weather.”

                                                                                                                                                                                                                                                    “The public transit in London is better.”

                                                                                                                                                                                                                                                    “But Los Angeles could build better public transit, so your argument is invalid.”

                                                                                                                                                                                                                                              1. 1

                                                                                                                                                                                                                                                Thanks for the pointer. I’d heard hints about this on podcasts and other reading but concrete citations are always super helpful.

                                                                                                                                                                                                                                                From where I sit being able to say “Windows Defender is all you need, and it’s free and comes bundled with Windows 10” is a substantial quality of life boost from the bad old days when you had to trepidatiously choose and pay for some incredibly heavyweight antivirus package that would bog your system and throw up all kinds of annoying dialogs in the name of protecting you :)

                                                                                                                                                                                                                                                It’s just another example of aspects of “living” in Windows that used to be horrible and just aren’t anymore.

                                                                                                                                                                                                                                                That doesn’t mean Windows is superior or that everyone should run Windows as opposed to Linux or anything else, it’s just a data point which you can use to pick the tool set that works best for you.

                                                                                                                                                                                                                                              2. 4

                                                                                                                                                                                                                                                I don’t quite see what about AutoHotKey is intrinsically limited to windows. I have until yesterday never heard of it, but I don’t see why this couldn’t be ported to other operating systems. That aside, it’s not an OS feature, but in our world would rather be a counted as a window manager feature, and as such it’s not surprising that there is an X tool and a Wayland tool.

                                                                                                                                                                                                                                                Respectfully, you’re rules lawyering his personal preference. Think about whether that actually makes sense.

                                                                                                                                                                                                                                                1. 3

                                                                                                                                                                                                                                                  I actually don’t understand what you’re trying to say in response to that paragraph. I would appreciate if you could reword it.

                                                                                                                                                                                                                                                  1. 3

                                                                                                                                                                                                                                                    OK thanks. I won’t re-edit the original so anyone who cares to see the context can. Basically, the OP was saying “I love Windows because AutoHotKey gives me the flexibility I need to be able to configure all the important aspects of my system’s human interface.”

                                                                                                                                                                                                                                                    The reason Windows different from, say Linux is exactly as the OP said, Windows represents a single point of configurability for any given thing. There is ONE Windows desktop and ONE Windows API.

                                                                                                                                                                                                                                                    On Linux there are innumerable desktop environments, window managers, and even low level graphics toolkits or whatever X and Wayland actually are :)

                                                                                                                                                                                                                                                    It’s not that it’s impossible in LInux, but the diversity inherent in the platform makes it difficult and very inconvenient.

                                                                                                                                                                                                                                                    For them, and their preferences, that ease and convenience of the interface and implementation available to them today with zero work is what they in particular love about Windows.

                                                                                                                                                                                                                                                    By saying “There’s nothing special about Windows. You could do this all in Linux” it reads to me like you’re invalidating his preference with the existence of a theoretical possibility.

                                                                                                                                                                                                                                                    1. 0

                                                                                                                                                                                                                                                      I think the issue here is that you’re comparing Windows to all the various ways Linux can be used, which are basically all different systems. Just because by virtue of being a Kernel it can be used to run an OS, that in turn has multiple desktop environments, doesn’t mean that when you discuss something like AHK, a GUI extension, you get to argue via the kernel that this is a general issue of Linux. It might be seen as a deficiency of each DE, on it’s own, but this has no essential implication on the superiority of Windows in itself.

                                                                                                                                                                                                                                                      By saying “There’s nothing special about Windows. You could do this all in Linux” it reads to me like you’re invalidating his preference with the existence of a theoretical possibility.

                                                                                                                                                                                                                                                      The only think I am “invalidating” (a weird phrase) is the argument that the specific, contingent feature of AHK is a universal, essential argument for Windows/against “Linux”. You might call this theoretical, I call it clean.

                                                                                                                                                                                                                                                      1. 5

                                                                                                                                                                                                                                                        Your reply typifies a kind of closed mindedness I see as very unfortunate.

                                                                                                                                                                                                                                                        NOBODY is saying that Windows is superior and LInux is inferior! The OP simply said “These are reasons I find Windows meets my needs best.”

                                                                                                                                                                                                                                                        This is a community of crazy bright people, why can’t we seem to wrap our heads around the idea that not everything is a fight to the death, only one of us comes out alive, good versus evil argument?

                                                                                                                                                                                                                                                        The world is painted in shades of gray, and tool choices are the grayest !

                                                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                                                          I would like to emphasise that I am not arguing as a linux fanboy. I have in the past made multiple critiques of Unix and Unix-like systems that makes it harder for me to defend the position you are pushing me into.

                                                                                                                                                                                                                                                          I will reiterate my point once more: Convenience and gimmicks are not worth trading in software freedom and user control in for. (“Necessity”, as in “I need windows because software X because of job”, is another debate).

                                                                                                                                                                                                                                                        2. 2

                                                                                                                                                                                                                                                          The only think I am “invalidating” (a weird phrase) is the argument that the specific, contingent feature of AHK is a universal, essential argument for Windows/against “Linux”. You might call this theoretical, I call it clean.

                                                                                                                                                                                                                                                          Re-reading his statements, I don’t see anything anywhere about it being a ‘universal, esssential’ argument for Windows and against LInux. The OP was stating a preference based on how easily they could customize *their” system in ways that tailored to their exact needs.

                                                                                                                                                                                                                                                  2. 0

                                                                                                                                                                                                                                                    I gave the first answer, since you’re basically just doing a paler version of Emacs for the windows UI.

                                                                                                                                                                                                                                                    I missed this in all the chop yesterday. This is a prime example of how you are perhaps unintentionally shoehorning someone else’s tool choice preferences into your rather constrained version of reality.

                                                                                                                                                                                                                                                    In my opinion there is exactly zero correlation between customizing a Windows system with AutoHotkey (Or an OSX system with Alfred, for example) and emacs.

                                                                                                                                                                                                                                                    In one case, we’re adding layers of nuanced refinement into a very rich and diverse existing ecosystem (AutoHotKey/Alfred) and in the other (emacs) we’re supplanting the entire operating system and its accompanying ecosystem and replacing ith with another paradigm entirely (which is incredibly powerful in its own right.)

                                                                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                                                                      In one case, we’re adding layers of nuanced refinement into a very rich and diverse existing ecosystem (AutoHotKey/Alfred) and in the other (emacs) we’re supplanting the entire operating system and its accompanying ecosystem and replacing ith with another paradigm entirely (which is incredibly powerful in its own right.)

                                                                                                                                                                                                                                                      Correct my if I am wrong, but doesn’t AHK provide the ability to programmatically extend your system-interaction? If yes, then the results seem to go in the same direction as Emacs does, if not then the entire discussion was pointless.

                                                                                                                                                                                                                                                  3. 1

                                                                                                                                                                                                                                                    how do I write a keyboard shortcut for ∃ in Linux?

                                                                                                                                                                                                                                                    Maybe I’m just completely missing the point … but … what’s exactly the problem with “you add it to the keymap” that you encountered?

                                                                                                                                                                                                                                                  4. 6

                                                                                                                                                                                                                                                    Open your mind. Different people have different needs.

                                                                                                                                                                                                                                                    Also, just because I say that Windows is fitting my needs in a particular context doesn’t mean that I’m a Windows ‘apologist’ (Honestly I find that whole idea rather insulting. I’m an open source advocate and have been since before FLOSS was a thing.)

                                                                                                                                                                                                                                                    1. 4

                                                                                                                                                                                                                                                      I consider Windows harmful, not only to it’s users but to the user’s friends, colleagues and their work environments. It promotes a usage-paradigm and human-computer relation that I do not think should exist. I am dogmatic about this, and I know some people don’t like it, but until convinced otherwise, I will do everything I can to fight this problem, and at best grudgingly tolerate it.

                                                                                                                                                                                                                                                      1. 3

                                                                                                                                                                                                                                                        Respectfully this is exactly the kind of dogmatism that in my opinion slows the forward progress of our community and our field.

                                                                                                                                                                                                                                                        There are very few opinions in life one should be dogmatic about in my view. On the order of “Every human will die.” and maybe a handful of others.

                                                                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                                                                          Well if we’re going to discuss dogmatism and it’s necessity, i think we’ve gone off-topic. Either way, I don’t think there’s much of a point in it.

                                                                                                                                                                                                                                                          1. 2

                                                                                                                                                                                                                                                            I don’t think it does. Linux and the ecosystem necessary to use it effectively wouldn’t have existed without the dogmatism of people who weren’t prepared to compromise with closed source software.

                                                                                                                                                                                                                                                            1. 3

                                                                                                                                                                                                                                                              Oh I couldn’t disagree more. Linux is rife with pragmatic decisions!

                                                                                                                                                                                                                                                              There is a vast difference between dogmatism and fervent dedication to a cause.

                                                                                                                                                                                                                                                    2. 5

                                                                                                                                                                                                                                                      I’m not sure what’s your point here. The OP argues that software centric person (such as visitor of this website) should clearly identify the faults of a closed operating system when this thread indicates otherwise.

                                                                                                                                                                                                                                                      It has nothing to do with the “purpose of lobste.rs”.

                                                                                                                                                                                                                                                    3. 7

                                                                                                                                                                                                                                                      OS is a service, you’re permitted to use.

                                                                                                                                                                                                                                                      Especially when they do stuff like prevent local account creation. I’m firmly convinced this is a step towards putting all users on a monthly Windows subscription.

                                                                                                                                                                                                                                                      The amount of Windows apologia in this thread is astonishing.

                                                                                                                                                                                                                                                      I use Windows for work, because I’m required to use Windows. I don’t hate it, but when I have a choice, I choose Linux (or a Mac). Windows just has a lot of enterprise business-like stuff tacked on and in my way, and bizarre and overcomplicated APIs written for it. It feels like the C++ of operating systems–folks starting bringing things into it without a clear vision and now it feels incoherent and overcomplicated with a lot of implicit behavior.

                                                                                                                                                                                                                                                      1. 4

                                                                                                                                                                                                                                                        See my comments elsewhere in this thread. I personally feel that the era of the commercial desktop computing operating system as we know it is slowly drawing to a close. Both Microsoft and Apple are transitioning towards models that map more cleanly to the tablet space where the computer is a black box appliance that allows for very little user configurability, but on the other hand provides very little surface area for people who WANT an appliance to confidently use the device without fear of going someplace they don’t understand how to get back from.

                                                                                                                                                                                                                                                        This is why, despite my personal choice to use Windows 10 as my “get work done” environment, I am staunchly committed to the advancement of LInux on the desktop, because once the commercial OSen become utterly hostile to tinkerers like us, it and other FLOSS environments like it will literally be the only show in town.

                                                                                                                                                                                                                                                      2. 5

                                                                                                                                                                                                                                                        It is however an incredibly accessible operating system, compared to whatever hodge-podge linux atrocity you’d prefer to torture someone with. Besides maybe Elementary OS, there is essentially no comparison in the usability of open source alternatives, which are designated “alternatives” correctly, because nobody that’s really honest with themselves would ever name them as a primary choice for a normal person’s graphical system.

                                                                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                                                                          Windows issues aide, I’ve never understood the Elementary craze. I’ve tried it ( probably an early version) and half the things were unfinished, the other half wrong for me. Yet people adore it and compare it with the macos. I’ll have to try again, I guess.

                                                                                                                                                                                                                                                          1. 4

                                                                                                                                                                                                                                                            It’s probably just not the OS for you, and I’d really only compare the UX language to Windows because at the end of the day it’s still a Linux hodge-podge nightmare

                                                                                                                                                                                                                                                            1. 4

                                                                                                                                                                                                                                                              Yep, I’m a veteran user, past most of the distro hopping affinities and stuff. I still change things up now and then, but my primary interestis to have a stable environment. Don’t wanna fiddle with details as much.

                                                                                                                                                                                                                                                            2. 3

                                                                                                                                                                                                                                                              Funny thing - this is one of the points where I actually remember when starting with Linux.

                                                                                                                                                                                                                                                              If it wasn’t in the start menu, it didn’t exist. This was at a time when internet access wasn’t readily available and pre-Google. elementary does remind me of the first KDE/Gnome desktops of RedHat/SuSE 5/6 - everything kinda worked and it came with a good amount of stuff preinstalled that a person completely new to the system could just do stuff.

                                                                                                                                                                                                                                                              Looking at it from my current point of view (has it been 21 years of using Linux? damn) I think - compared to Windows - it has kept a bit of simplicity and is less in-your-face flashy and weird. But maybe it’s just me getting really familiar with computers at the time of Windows 95, where everything looked kinda spartan. I didn’t use it long enough to notice things being broken, though, just a few hours at a time.

                                                                                                                                                                                                                                                        2. 5

                                                                                                                                                                                                                                                          I installed Win 10 on my machine over a year ago and have not done anything special to it. It does not have any ads and there are no bloatware I have noticed, Metro is practically speaking non-existent for my user experience, and let’s not kid ourselves and say any Linux distro actually has a serviceable settings/control panel.

                                                                                                                                                                                                                                                          I’m all for using Linux and I use it practically every day, but from a usability standpoint, Linux doesn’t hold a candle to Windows. I wish it did, but you have to be delusional if you believe any Linux distros provide a comparable desktop experience.

                                                                                                                                                                                                                                                          2020 is still not the year of the Linux desktop.

                                                                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                                                                            I agree, Desktops are a losing game anyway, butt Linux holds the mobile market. But all trolling aside, Windows is the unusable system for me, slow, clunky and gets in the way.

                                                                                                                                                                                                                                                          2. 14

                                                                                                                                                                                                                                                            Windows 10 has ads in the start menu, ass masquerading as security alerts, ads masquerading as software updates

                                                                                                                                                                                                                                                            All of which are trivially disable-able in Settings. This took me 10 minutes.

                                                                                                                                                                                                                                                            uninstallable bloatware

                                                                                                                                                                                                                                                            I’m going to pick on you for a moment here in the hopes that you have broad shoulders and can take it in the name of raising the level of discussion here. What do you mean by this? I’ve begun treating any use at all of the word “bloat” as tantamount to pointless trolling.

                                                                                                                                                                                                                                                            Does it use too much memory? Is it inefficient in terms of CPU usage? Does it take up too much storage?

                                                                                                                                                                                                                                                            Let’s at least all consider being a bit more specific in our complaints that we might be able to learn something from them.

                                                                                                                                                                                                                                                            a bizarre distinction between Metro and everything else (exemplified by the bifurcation of Settings and the Control Panel)….

                                                                                                                                                                                                                                                            Windows has always suffered from the lengths it goes to in the name of retaining compatibility. How much do you feel this actually impacts end users? (Honest question.)

                                                                                                                                                                                                                                                            1. 39

                                                                                                                                                                                                                                                              All of which are trivially disable-able in Settings. This took me 10 minutes.

                                                                                                                                                                                                                                                              Be that as it may, I shouldn’t have to disable ads in my operating system. I definitely don’t appreciate getting a “ding!” every so often (which sounds like a real notification) to remind me to sign up for OneDrive…

                                                                                                                                                                                                                                                              I’m going to pick on you for a moment here in the hopes that you have broad shoulders and can take it in the name of raising the level of discussion here. What do you mean by this? I’ve begun treating any use at all of the word “bloat” as tantamount to pointless trolling.

                                                                                                                                                                                                                                                              Does it use too much memory? Is it inefficient in terms of CPU usage? Does it take up too much storage?

                                                                                                                                                                                                                                                              Things like Xbox Games (or whatever it’s called), Paint, etc. They don’t take up too much space, or too much CPU…they just exist. They take up too much attention for something that I’m never going to use…and I should be able to install or uninstall any software I want on my computer, without resorting to unapproved hacks.

                                                                                                                                                                                                                                                              Windows has always suffered from the lengths it goes to in the name of retaining compatibility. How much do you feel this actually impacts end users? (Honest question.)

                                                                                                                                                                                                                                                              There’s a difference between backwards compatibility and “I want to do this, but the setting isn’t in Settings, it’s in Control Panel, and I don’t know when to use one or the other.” At least last time I used Windows 10 (within the last year or so), they would sometimes direct you from one to the other, but not always. So it definitely impacted me at least once.

                                                                                                                                                                                                                                                              1. 6

                                                                                                                                                                                                                                                                Just like I think an OS should ship with a text-editor that won’t be what most programmers use, I think it should ship with an image app with roughly the complexity of Paint. On both my work Macs, I found myself needing to make a trivial graphic, and not knowing what to use. GIMP was vastly over complicated for me, other apps were too paid for irregular use (and I didn’t know if I’d understand them).

                                                                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                                                                  Things like Xbox Games (or whatever it’s called), Paint, etc. They don’t take up too much space, or too much CPU…they just exist. They take up too much attention for something that I’m never going to use…and I should be able to install or uninstall any software I want on my computer, without resorting to unapproved hacks.

                                                                                                                                                                                                                                                                  I don’t mean to invalidate your perceptions here but.. Remove them from the start menu? At that point they’re invisible to you other than bits on the disk.

                                                                                                                                                                                                                                                                  There’s a difference between backwards compatibility and “I want to do this, but the setting isn’t in Settings, it’s in Control Panel, and I don’t know when to use one or the other.” At least last time I used Windows 10 (within the last year or so), they would sometimes direct you from one to the other, but not always. So it definitely impacted me at least once.

                                                                                                                                                                                                                                                                  That’s interesting. Whenever I want to change something, I type an approximation of that thing into the start menu and get the setting I need. I don’t try to guess where it is, I let the mechanism the OS provides guide me. YMMV of course.

                                                                                                                                                                                                                                                                  1. 11

                                                                                                                                                                                                                                                                    I don’t mean to invalidate your perceptions here but.. Remove them from the start menu? At that point they’re invisible to you other than bits on the disk.

                                                                                                                                                                                                                                                                    They tended to return after an update for me.

                                                                                                                                                                                                                                                                    In hope that this topic will amount to something more interesting than a Windows/Linux flame war, I would like to refer anyone who have not read this piece yet to do so now: Practical Ethics: Why It’s OK to Block Ads

                                                                                                                                                                                                                                                                    It’s important to note that the essential question here is not whether we as users are being manipulated by design. That is precisely what design is. The question is whether or not the design is on our side.

                                                                                                                                                                                                                                                                    I tend to prefer user agents that I can reasonably believe will not betray me.

                                                                                                                                                                                                                                                                    1. 10

                                                                                                                                                                                                                                                                      I don’t mean to invalidate your perceptions here but.. Remove them from the start menu? At that point they’re invisible to you other than bits on the disk.

                                                                                                                                                                                                                                                                      Bits on my disk. If I want them off of there, I should be able to do so trivially…especially when it’s code that I don’t know if it’s phoning home, monitoring my browsing, contains an RCE vuln, or doing whatever. Even if it’s just sitting there, if I want it gone, well…it’s my computer.

                                                                                                                                                                                                                                                                      1. 7

                                                                                                                                                                                                                                                                        Bits on the disk matter. Windows takes forever to update. Part of that surely is it updating the crapware it comes with.

                                                                                                                                                                                                                                                                        I’m going to pick on you for a moment here in the hopes that you have broad shoulders and can take it in the name of raising the level of discussion here. What do you mean by this? I’ve begun treating any use at all of the word “bloat” as tantamount to pointless trolling.

                                                                                                                                                                                                                                                                        Windows search is the worst search interface I think I’ve ever used. It almost never gives me what I want to search for, but web searches for it instead…

                                                                                                                                                                                                                                                                        1. 4

                                                                                                                                                                                                                                                                          That’s interesting, I haven’t noticed since Windows moved the update process to only happen when I login/logout or restart.

                                                                                                                                                                                                                                                                          It’s a different world from my wife’s old Windows 7 laptop which could sit for HOURS updating if you’d not turned it on in a bit.

                                                                                                                                                                                                                                                                    2. 22

                                                                                                                                                                                                                                                                      I shouldn’t have to disable it. It shouldn’t exist in the first place. It shouldn’t even be able to be enabled.

                                                                                                                                                                                                                                                                      1. 7

                                                                                                                                                                                                                                                                        I’m sure plenty of engineers at MS would love for you to tell this to the executives and shareholders.

                                                                                                                                                                                                                                                                        1. 9

                                                                                                                                                                                                                                                                          That’s exactly the problem, isn’t it?

                                                                                                                                                                                                                                                                          This tension between what the business wants and what the users want is precisely what leaves a nasty taste in my mouth (and many other people too, judging from the comments). Even if I wasn’t already completely brain-washed into the UNIX way of working (and preferring the command line in general, since I got started with Commodore BASIC and DOS), I’d still happily use a less shiny, less polished UI just to get rid of all that bullshit.

                                                                                                                                                                                                                                                                          The computer exists purely to serve me, not some corporate agenda. And with all the global spying that’s going on I feel even less inclined to use an OS that has unknown other goals aside from being the most efficient platform to run applications (because that’s the only thing an OS should do).

                                                                                                                                                                                                                                                                          1. 2

                                                                                                                                                                                                                                                                            The computer exists purely to serve me, not some corporate agenda

                                                                                                                                                                                                                                                                            The free software movement exists because of affordable hardware created by corporate activity.

                                                                                                                                                                                                                                                                            Edit I should expand -

                                                                                                                                                                                                                                                                            • Linux was created because Linus T + friends had access to cheap x86 hardware. This was because of the IBM PC era dominated by MSFT/Intel
                                                                                                                                                                                                                                                                            • Before Linux, most free software was created in universities, many of who relied on corporate largesse/donations/taxes to function and buy the hardware to develop on.
                                                                                                                                                                                                                                                                            1. 4

                                                                                                                                                                                                                                                                              Pure hardware companies arguably have much less opportunity to make the computer do things that are opposed to the user’s desires. In a sense, we got very lucky that the IBM PC was designed as an open system and got so incredibly popular. Otherwise we’d be stuck in a situation like the Apple or game console ecosystems, where the software companies control the entire stack down to the hardware and running alternative software isn’t really supported (or even possible).

                                                                                                                                                                                                                                                                            2. 1

                                                                                                                                                                                                                                                                              How did you acquire your computer?

                                                                                                                                                                                                                                                                        2. 21

                                                                                                                                                                                                                                                                          All of which are trivially disable-able in Settings. This took me 10 minutes.

                                                                                                                                                                                                                                                                          I’m not a heavy Windows user. But I have tried to disable the advertised apps in the start menu, and I have not found any lasting success. Every time I think I’ve effectively removed them, a few days/weeks later, Candy Crush Saga or its ilk reappears in my start menu.

                                                                                                                                                                                                                                                                          I don’t doubt your statement that there’s a way to disable them long-term or even permanently. And I’d not be surprised if you’re correct that such disablement is easily executed.

                                                                                                                                                                                                                                                                          But that process is certainly not trivially discoverable, for me, anyway. And judging from the number of start menus I see those tiles in, I don’t think it is for most people.

                                                                                                                                                                                                                                                                          1. 8

                                                                                                                                                                                                                                                                            Hate to be that person, but my start menu has only had the tiles I’ve put on it for over a year now, and I haven’t once had those things “return”.

                                                                                                                                                                                                                                                                            1. 3

                                                                                                                                                                                                                                                                              OK. My Win 10 install dates from before they brought back the start menu. As soon as they did, it had tiles for candy crush saga and a few other similar things on it. I right-clicked those tiles and removed them. They went away. Then they came back after an update or two. I removed them again. Since then, more games have come back despite that Win 10 Pro install never having been used to sign into the store, let alone play a game.

                                                                                                                                                                                                                                                                              I’ve tried every trick google shows to stop that from happening. Games keep coming back. Different games each time, I think, but games being advertised from the store all the same.

                                                                                                                                                                                                                                                                              Maybe the problem is that I’m using Win10 Pro and I need a different SKU to be able to tell it “this is an install for compiling software. keep all games away.”

                                                                                                                                                                                                                                                                              1. 3

                                                                                                                                                                                                                                                                                Strange, I’m only on W10 Home. Maybe in your attempts to make these things go away you’ve accidentally flipped a registry variable that says please make me suffer with more game promotions 😅

                                                                                                                                                                                                                                                                                1. 1

                                                                                                                                                                                                                                                                                  I have the vague impression that a clean installation might help. i.e. some setting that used to be more persistent in early versions of W10 got locked in for me and wouldn’t if I started fresh. But getting my scripted builds of OpenSSL and Boost back to where they should be is just enough of a headache that I’d rather give the games a dirty look and then move on (for now).

                                                                                                                                                                                                                                                                                  I do really want to get my head around what people consider good practices for a (mostly non-interactive) Windows build box these days. I find it hard to believe Win 10 Pro with Visual Studio is the current state of the art, but figuring out what is just hasn’t bubbled up to the top of my to-do list yet.

                                                                                                                                                                                                                                                                                  1. 4

                                                                                                                                                                                                                                                                                    At a previous $job we had to deal with these things since a lot of our infra (including things that honestly shouldn’t have been, such as in the embedded space) was windows, but for the sake of lending advice I was sadly never put to task working on the powershell script used to initialize windows images. I can tell you just that, though; if it’s professional Windows management there’s always powershell involved.

                                                                                                                                                                                                                                                                            2. 1

                                                                                                                                                                                                                                                                              Thank you that’s a very good point. I’ll admit I Googled and found an article which signposted them all :)

                                                                                                                                                                                                                                                                              1. 1

                                                                                                                                                                                                                                                                                I did that too. If the first one you found has continued to keep them out of that menu through a few “feature updates” you found a better one than I did.

                                                                                                                                                                                                                                                                            3. 9

                                                                                                                                                                                                                                                                              All of which are trivially disable-able in Settings. This took me 10 minutes.

                                                                                                                                                                                                                                                                              That’s nice they can be disabled now, but

                                                                                                                                                                                                                                                                              1. they might not be in the future

                                                                                                                                                                                                                                                                              2. do you really want to trust a company that implements this as opt-in by default

                                                                                                                                                                                                                                                                              3. since it’s proprietary, you don’t really know if they are honoring your settings completely (especially around ‘telemetry’)

                                                                                                                                                                                                                                                                              1. 1

                                                                                                                                                                                                                                                                                As I’ve said ad infinitum in this thread - I am making the pragmatic choice to use Windows today, but I’m convinced that the era of the commercial desktop operating system is coming to a close, so I’m committed to ensuring that desktop Linux improves over time, because ultimately I think that and other FLOSS environments like it will be the ONLY choice for tinkerers like us.

                                                                                                                                                                                                                                                                                I run both. I use Windows 10 and Ubuntu 19.10 and love them both in different ways for different tasks.

                                                                                                                                                                                                                                                                                I love the fact that people are building so many amazing creative wonderful things in the Linux space, but I can’t reliably use that as my bedrock ‘production’ environment because, depending on which package I install and what it does, I might easily render my Linux partition unbootable.

                                                                                                                                                                                                                                                                                So I treat my Linux install like a mad scientist’s lab that might explode at any moment but might also product the next wonder of the world, and my Windows install as the rock solid place where my cushy hyper configured environment lives along with my productivity tools, IDE, etc.

                                                                                                                                                                                                                                                                                That works very well for me right now.

                                                                                                                                                                                                                                                                              2. 8

                                                                                                                                                                                                                                                                                The problem is that starting with Windows 8, Microsoft tried to shoehorn their entire userbase into a mobile operating system. Thats fine if your device is a phone.

                                                                                                                                                                                                                                                                                But some users device is a desktop computer, and a mobile operating system isnt, never was, and never will be appropriate for that use case.

                                                                                                                                                                                                                                                                                Until that is understood, and two different flavors of Operating System are allowed to exist and flourish, Windows wont be as good as it once was.

                                                                                                                                                                                                                                                                                Windows is my primary Operating System. But until this Metro stuff is over and dead I am afraid that Windows 7 might be my last Windows OS.

                                                                                                                                                                                                                                                                                1. 6

                                                                                                                                                                                                                                                                                  Have you tried a modern windows 10 os? If you remove the tiles from the start menu, you get a classic start experience exactly like what you are used to. Beyond that touch oriented features have been integrated in such a way that they don’t ever get in your way. I don’t think the argument that Windows 10 is a “touch oriented os” holds any water anymore.

                                                                                                                                                                                                                                                                                  1. 3

                                                                                                                                                                                                                                                                                    ok and what about Cortana?

                                                                                                                                                                                                                                                                                    1. 4

                                                                                                                                                                                                                                                                                      What about it? It takes two clicks to hide the search bar and I’ve never seen Cortana since.

                                                                                                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                                                                                                          That’s only if you want to rip it out of the system completely, not sure why you’d even do that other than on principle. You can just not open it.

                                                                                                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                                                                                                        Again. Try a modern version of win 10. The Cortana crap can be easily hidden and you get a start menu just like the good old days.

                                                                                                                                                                                                                                                                                    2. 4

                                                                                                                                                                                                                                                                                      How does this materially impact you? I’m interested in things you need to do that it scuppers, or blocks completely.

                                                                                                                                                                                                                                                                                      1. 13

                                                                                                                                                                                                                                                                                        I know you didn’t mean it this way, but it sounds like victim blaming. “Microsoft changed how they do things you are paying money for, but are you sure you’re inconvenienced enough to complain?”

                                                                                                                                                                                                                                                                                        1. 3

                                                                                                                                                                                                                                                                                          I’m sorry it came off that way, especially with the use of “materially.” The original post threw around a number of fairly abstract reasons for not liking it and I was looking for more concrete examples of how this causes a breakdown. There is also an argument to made that the terminology used isn’t accurate for Windows 10, but soliciting more detail is probably the best response.

                                                                                                                                                                                                                                                                                        2. 3

                                                                                                                                                                                                                                                                                          An example that bit me (though a couple years ago, so may have changed since I last set up a new machine):

                                                                                                                                                                                                                                                                                          The Onenote UWP app from the windows store is preinstalled and difficult to remove. However it isn’t completely compatible with the win32 app included with office – if you’re sharing notebooks with office users and setting permissions w/ AD you can’t use the windows store version. You can install the office version, and it sort of takes over, but not quite 100%. So you end up with some onenote links working correctly in your win32 app, but others sometimes opening the store app instead. And when that happens it then tries to take over as the default onenote app again, screwing everything up in the process, and you need to clean up a bunch of prefs that get changed out from under you.

                                                                                                                                                                                                                                                                                          I finally found some combination of settings in both apps, the system default apps settings, and a manual registry hack that seems to have permanently fixed it. But, until I found that, using Onenote was a daily struggle due to the preinstalled nonsense that I didn’t want to use.

                                                                                                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                                                                                                            Its not just what I listed. Its other problems, like making people resort to registry hack to remove unwanted features:

                                                                                                                                                                                                                                                                                            https://www.howtogeek.com/265027/how-to-disable-cortana-in-windows-10

                                                                                                                                                                                                                                                                                            or blocking local account creation (LOL?):

                                                                                                                                                                                                                                                                                            https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation

                                                                                                                                                                                                                                                                                            its these comically bad, user hostile decisions that keep me from upgrading.

                                                                                                                                                                                                                                                                                          2. 3

                                                                                                                                                                                                                                                                                            A lot of people have said that this bifurcation has been all but healed in Windows 10. Clearly remnants remain, but they certainly haven’t gotten in my way so your mileage clearly varies.

                                                                                                                                                                                                                                                                                          3. 8

                                                                                                                                                                                                                                                                                            All of which are trivially disable-able in Settings. This took me 10 minutes.

                                                                                                                                                                                                                                                                                            This is not an excuse for user-hostile behaviour.

                                                                                                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                                                                                                              All of which are trivially disable-able in Settings. This took me 10 minutes.

                                                                                                                                                                                                                                                                                              …. and the next time they come back it takes 20 minutes. And after that it involves kernel pacthes. And then firmware hacks.

                                                                                                                                                                                                                                                                                              At least for me, this is a matter of self-respect, not a matter of time. But I guess some people strongly prefer being pushovers to drawing a line in the sand and accepting whatever slight inconvenience comes with it.

                                                                                                                                                                                                                                                                                            2. 3

                                                                                                                                                                                                                                                                                              For anyone looking for a power user’s alternative to control panel I recommend creating an empty folder, naming it LobsterMode.{ED7BA470-8E54-465E-825C-99712043E01C}, and then clicking it to see what happens.

                                                                                                                                                                                                                                                                                            1. 7

                                                                                                                                                                                                                                                                                              I think this will be my first year of using exclusively Windows after like 15 years. All started when I got a small Debian netbook from my father. Used Windows pretty much exclusively for gaming after that. Now I run it both on my laptop and on my PC. Well I do all my work through Msys2, I have bash and basic Linux utilities and a package manager which is basically all I ever needed.

                                                                                                                                                                                                                                                                                              I got burnt out from fixing things. I got burned out from being tempted to break them. Took me a while to realize I actively don’t want to know how to fix anything pacman related, or WM related, or anything like that.

                                                                                                                                                                                                                                                                                              Linux is a bad fit for me because I’m a perfectionist. Even when I’d fix something I had this unshakeable feeling that I’ve ‘muddied’ my system, that it still might tacitly be in an invalid state. Yet I never put in enough energy to become truly proficient with stuff, only fragments.

                                                                                                                                                                                                                                                                                              Here’s a snarky twitter thread in this vein: https://twitter.com/garybernhardt/status/1078389370741186560

                                                                                                                                                                                                                                                                                              1. 7

                                                                                                                                                                                                                                                                                                Actually I feel the other way round about Linux vs other systems. I can only achieve simple and fully reproducible setups using Linux.

                                                                                                                                                                                                                                                                                                The key is cherrypicking appropriate hardware and simple standard components. In my case, I find all-Intel machines plus a simple userland (StumpWM, Emacs, Firefox and XTerm) are incredibly nice to use. For this I employ both NixOS and Archlinux.

                                                                                                                                                                                                                                                                                                1. 7

                                                                                                                                                                                                                                                                                                  Yup. Brains are different. For you, the shortcomings that are unclimbable mountains for some are barely noticeable.

                                                                                                                                                                                                                                                                                                  I do think that with things like WSL and Powershell, Windows is beginning to approach the same level of customizability, but its interfaces for accomplishing what you want are probably not to your liking.

                                                                                                                                                                                                                                                                                                  That’s the whole point, it’s about finding the interface that feels good to you while appreciating that it isn’t the same way for everyone.

                                                                                                                                                                                                                                                                                                  1. 3

                                                                                                                                                                                                                                                                                                    Thanks, I am interested in learning what makes Windows superior to Linux for your usecase aside from hardware compatibility.

                                                                                                                                                                                                                                                                                                    In my case, I love Linux due to minimal distros (few moving parts) and declarative configurations plus rollbacks (Nix and dotfiles).

                                                                                                                                                                                                                                                                                                    1. 2

                                                                                                                                                                                                                                                                                                      I had switched from Linux to macOS in 2007, because it was so much more polished (it still is) and had so much better applications (still does). But NixOS is what brought me back to the Linux on the desktop fold. Being able to define your machines and development environments declaratively is an enormous win. I can check out a project repository on a new machine and I have exactly the same CUDA, PyTorch, etc. versions.

                                                                                                                                                                                                                                                                                                      (Yes I know that Nix works on Darwin and I use it on my MacBook, but NixOS is more encompassing + Linux is better supported by Nix.)

                                                                                                                                                                                                                                                                                                  2. 1

                                                                                                                                                                                                                                                                                                    I hate simplicity and the best way to achieve reproducibility is to not ever have to reproduce anything:)

                                                                                                                                                                                                                                                                                                  3. 5

                                                                                                                                                                                                                                                                                                    Msys2 is a good solution, WSL is excellent in my experience.

                                                                                                                                                                                                                                                                                                    And it’s only getting better, there’s a HUGE amount of effort being invested in making it a first class development environment from Ubuntu and Microsoft. I’m psyched to see what evolves in that space.

                                                                                                                                                                                                                                                                                                    And I totally agree, I have both installed on my laptop and very much enjoy having Linux around to play with the amazing toys the mad scientists come up with and do crazy experiments on, but when I Need to Get Work Done (and this is gonna make the diehard *NIX folks bristle, sorry folks :) I boot into Windows and stop worrying about it.

                                                                                                                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                                                                                                                      WSL1 has extremely poor IO performance, to the point where it is almost unusable in certain situations. I’ve since switched to using an ‘always-on’ Linux VM using hyper-v that I just SSH into. Much better performance and support for all Linux programs that way. I’m looking forward to WSL2 though, which is just actual Linux running in a VM.

                                                                                                                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                                                                                                                        Yes I’m very much looking forward to WSL2 as well. I now wish I’d bought the Pro version so I could run the preview, but unfortunately their marketing doesn’t mention anything about Pro having expanded Hyper-V container hosting capabilities.

                                                                                                                                                                                                                                                                                                    2. 4

                                                                                                                                                                                                                                                                                                      I got burnt out from fixing things. I got burned out from being tempted to break them. Took me a while to realize I actively don’t want to know how to fix anything pacman related, or WM related, or anything like that.

                                                                                                                                                                                                                                                                                                      Don’t break things then? Linux systems don’t randomly break like Windows systems do. They just work, reliably, the same way, until you change them. People that complain about their Linux systems breaking inevitably are doing stuff like installing dozens of AUR packages. Installing loads of crappy third party software is going to have negative effects on any operating system.

                                                                                                                                                                                                                                                                                                      Here’s a snarky twitter thread in this vein: https://twitter.com/garybernhardt/status/1078389370741186560

                                                                                                                                                                                                                                                                                                      This is the problem with Twitter. We don’t see any of the replies to his tweets, we just see him unfairly and inaccurately paraphrasing what people say and arguing against that. And it’s impossible to argue against his claims anyway.

                                                                                                                                                                                                                                                                                                      His original tweet is about the Linux desktop, and as soon as people point out that the Linux experience on desktop is completely fine today, he pivots to talking about laptops, which aren’t desktops. Someone points out that other platforms also don’t work reliably (no shit! none of them work reliably) and says “Buy a new Mac. Open the lid. The trackpad works. The sound works. The WiFi works. Emoji works. 3D acceleration works. Close the lid. It sleeps. Open the lid again. It wakes from sleep.” Like mate, you can get Linux laptops where all those things work too…

                                                                                                                                                                                                                                                                                                      Every time anyone responds to his point, he shifts the goalposts.

                                                                                                                                                                                                                                                                                                      1. 6

                                                                                                                                                                                                                                                                                                        Linux systems don’t randomly break like Windows systems do.

                                                                                                                                                                                                                                                                                                        In my experience this is very incorrect. I’ve been using Windows 10 for the last couple years with no real issues. Prior to that I was using Ubuntu and had random things break almost once a week. You could say it was my fault for using third party package sources to install current versions of software that was unavailable in the official sources despite having been released for six months, but things like that simply don’t happen on Windows in my experience.

                                                                                                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                                                                                                          In my experience Windows 10 breaks constantly in weird ways and Linux is very reliable. And that’s certainly not my fault!

                                                                                                                                                                                                                                                                                                          Random things literally cannot break ‘once a week’ on Linux unless you’re changing things once a week. You complain about needing to use third party packages then also complain about stability. Like, the whole point of the official repositories not being the most recent version of packages is stability!

                                                                                                                                                                                                                                                                                                        2. 3

                                                                                                                                                                                                                                                                                                          Like mate, you can get Linux laptops where all those things work too…

                                                                                                                                                                                                                                                                                                          I think that’s the thing; he’s comparing Apples to oranges^Wrandom hardware and throwing Linux on it. I am constantly disappointed by stuff not working in Debian on some Thinkpads (my current work machine has a weird issue with the display driver on multi monitor and my home laptop’s microphone doesn’t seem to work at all), but then those weren’t actually designed to run Linux. Try running MacOS on a random janky piece of shit PC hardware “designed for Windows” and see how well you fare. Then complain on Twitter and watch the number of people claiming their Hackintosh works just fine, thankyouverymuch.

                                                                                                                                                                                                                                                                                                          By the way, what “designed for Linux” laptops can you recommend? I’m slowly starting to think about replacing my x230 and I don’t intend on buying another Lenovo. Ever.

                                                                                                                                                                                                                                                                                                          1. 2

                                                                                                                                                                                                                                                                                                            Like mate, you can get Linux laptops where all those things work too…

                                                                                                                                                                                                                                                                                                            I bought a HP laptop this year and stripped off Windows and put on OpenSUSE. It’s a niche distro, and neraly everything just worked (except codecs, but just add Packman). I haven’t had to configure much since set up either. I know people have gotten themselves into trouble with pacman, and I’ve gotten myself in a world of hurt in both apt and yum before, but zypper seems to do the right thing most of the time. I spent many college nights tinkering to get things to work, but things are 1000x better today.

                                                                                                                                                                                                                                                                                                            1. 2

                                                                                                                                                                                                                                                                                                              Don’t break things then?

                                                                                                                                                                                                                                                                                                              They break by themselves. Constantly. Even if accomplishing basic things didn’t require a level of involvement from the user much higher than that in Windows, even Ubuntu tended to break just from basic updating.

                                                                                                                                                                                                                                                                                                              Linux systems don’t randomly break like Windows systems do.

                                                                                                                                                                                                                                                                                                              I genuinely can’t recall Windows ever breaking, except once when I had a hardware issue that was causing BSODs.

                                                                                                                                                                                                                                                                                                              People that complain about their Linux systems breaking inevitably are doing stuff like installing dozens of AUR packages.

                                                                                                                                                                                                                                                                                                              Oh man you use Arch and actually have no trouble stating that it doesn’t break literally randomly?? This is a meme even in hardcore Linux enthusiast communities because of how often that happens.

                                                                                                                                                                                                                                                                                                              1. 4

                                                                                                                                                                                                                                                                                                                They break by themselves. Constantly.

                                                                                                                                                                                                                                                                                                                They literally do not. This is not up for debate. Software does not spontaneously break. You change things and it breaks. Its developers change things and it breaks. But it does not spontaneously break.

                                                                                                                                                                                                                                                                                                                Even if accomplishing basic things didn’t require a level of involvement from the user much higher than that in Windows

                                                                                                                                                                                                                                                                                                                Like what? Beyond installing it in the first place. That computers almost all still come with Windows is a perfect example of the failure of anti-monopoly laws, not a point against Linux.

                                                                                                                                                                                                                                                                                                                I genuinely can’t recall Windows ever breaking, except once when I had a hardware issue that was causing BSODs.

                                                                                                                                                                                                                                                                                                                Windows is notoriously unreliable. I can’t understand how someone could even type the words ‘I genuinely can’t recall Windows ever breaking’. It’s an operating system that’s so unreliable that people have to regularly reinstall it to avoid it becoming slowed down by its own decay!

                                                                                                                                                                                                                                                                                                                Oh man you use Arch and actually have no trouble stating that it doesn’t break literally randomly?? This is a meme even in hardcore Linux enthusiast communities because of how often that happens.

                                                                                                                                                                                                                                                                                                                It’s a meme specifically because of the ease with which you can install third party packages. If you don’t do that then it doesn’t break basically ever unless you completely ignore the announcements every year or so that you need do so something beyond updating all your packages for some reason.

                                                                                                                                                                                                                                                                                                                If Arch did break more than other distros then that would just confirm that the issue is the software breaking and not the operating system, because the only difference between Arch and other distros is that it’s rolling release and doesn’t patch its packages.

                                                                                                                                                                                                                                                                                                                1. 4

                                                                                                                                                                                                                                                                                                                  They literally do not. This is not up for debate. Software does not spontaneously break. You change things and it breaks. Its developers change things and it breaks. But it does not spontaneously break.

                                                                                                                                                                                                                                                                                                                  Yeah, it can, assuming it’s stateful and you actually use it. I’ve had stock installs of Debian run out of disk space because of too many log files.

                                                                                                                                                                                                                                                                                                            2. 2

                                                                                                                                                                                                                                                                                                              I’m sometimes tempted to go Windows only but I always have to dual boot to Windows on a number of machines and the consistent micro lags (30 - 150 ms) on brand new top-of-the-line hardware drives me crazy :-/

                                                                                                                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                                                                                                                              https://markfischerjr.com/ - Static website using Jekyll and a custom theme. I manage it using forestry.io and netlify because maintaining a stable ruby environment on my personal machines was becoming a huge hassle. If I ever switch technologies, I’ll switch to something with standalone binaries.

                                                                                                                                                                                                                                                                                                              1. 3

                                                                                                                                                                                                                                                                                                                I’d be interested in reading a summary of what issues you had, and how you think the best way is to avoid them.

                                                                                                                                                                                                                                                                                                                1. 4

                                                                                                                                                                                                                                                                                                                  The biggest obstacle to old clients in my experience is HTTPS, with most of the web, with Google’s pushing, now being https-only, and thus inaccessible to older browsers. Ironically, google.com and the search remains accessible to most browsers.

                                                                                                                                                                                                                                                                                                                  The second is probably new JavaScript syntax like === and try/catch, which cause parsing errors. JavaScript is generally designed in a way which makes it easy to do feature checks, so I can wrap everything in if(window.localStorage), but I can’t do that with ===. New syntax causes errors in older browsers, and I’ve had to rewrite certain things.

                                                                                                                                                                                                                                                                                                                  I am using one third-party library, OpenPGP.js, which is heavy on new syntax and features, and I will have to selectively load it only for new clients, which I have not figured out how to test for yet.

                                                                                                                                                                                                                                                                                                                  Another issue is that Mosaic considers > to be enough to close an HTML comment, not –>, meaning in-HTML scripts cannot include a > character. I noticed this before, and I found a couple of easy techniques in old JS books and by trial and error to work around this, but it meant combing through all of my JS and replacing if (a>b) with if (b>a), etc.

                                                                                                                                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                                                                                                                                    The biggest obstacle to old clients in my experience is HTTPS, with most of the web, with Google’s pushing, now being https-only, and thus inaccessible to older browsers. Ironically, google.com and the search remains accessible to most browsers.

                                                                                                                                                                                                                                                                                                                    Why should that be an issue? You’d think that this would only be a problem, if you force-redirected HTTP traffic to HTTPS, but I don’t know why one should do that in your case.

                                                                                                                                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                                                                                                                                      It’s not an issue on my sites, but it’s an issue with almost every other website across the web at this point.

                                                                                                                                                                                                                                                                                                                      One of the last holdouts was aol.com, until a year or two ago.

                                                                                                                                                                                                                                                                                                                      If I didn’t have my own HTTP site, I’m not sure how I would log in to captive WiFi portals…

                                                                                                                                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                                                                                                                                        For other people’s reference, the site http://neverssl.com/ exists for exactly this purpose.

                                                                                                                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                                                                                                                          Ironically, this page doesn’t display without javascript

                                                                                                                                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                                                                                                                                            Which page? http://neverssl.com/ doesn’t use any javascript for rendering, the only js used is for the twitter button.

                                                                                                                                                                                                                                                                                                                1. 1

                                                                                                                                                                                                                                                                                                                  IMO the best syntax highlighting is the syntax highlighting that works for you.