1. 5

    It’d be interesting to create an ad-blocking, anti-tracking search engine whose search results only return pages that don’t contain “bad stuff”. It could allow users to pick a set of filter lists, similar to uBlock’s filter lists, and if a page is triggered by one then it’s removed from the person’s search results.

    I think one problem with the “user-hostile web”, though, is that the entities creating the content people want the most, and the platforms hosting them, are 100% okay with it being user-hostile.

    1. 2

      I started working on one like it. I plan to not index anything matching e.g. the Easy List. Also I think about penalizing JavaScript use. I did too little research on this regard to be sure what exactly to do. At first maybe I will not index all sites with JavaScript. Maybe there could be allowed limit of JavaScript in single digit kilobytes or percentage.

      I hope that it will result in small enough operation to make it viable. It may be possible to make the index available to download. Using torrent and some smart mechanism for updates. Then with local application only crawling would be done by me.

      1. 0

        At first maybe I will not index all sites with JavaScript. Maybe there could be allowed limit of JavaScript in single digit kilobytes or percentage.

        Note that JavaScript is required for a good user experience these days. It may not have anything to do with tracking you.

        1. 2

          I am not a user for whom good experience of viewing text or images ever requires JavaScript. From the statements here, I would assume neither is @hawski.

          I do agree with you that some things like voting or commenting can benefit from scripts, and it may be a better position to ignore these parts (as long as they are first-party) than to penalize them.

    1. 4

      Key quote:

      And this is what we often fail to realize: without its users—without you— Facebook would be nothing. But without Facebook, you would only be inconvenienced. Facebook needs you more than you need it.

      1. 1

        It’s /not/ fine to imply that they have hidden (and bad) motives

        What if someone actually does?

        or declare them [..] deliberately obtuse (i.e. 2). This has no place in our public conversations.

        Someone might well be deliberately obtuse too. So whenever one of these is actually the case, then you’re saying truth has no place in that conversation.

        1. 2

          I’d be curious to here if things like cython, or the great C API Python has were tried where speed mattered? It seems to me that the natural evolution is to replace the bottlenecks first, and if that fails, replace everything.

          But, I might be old school in my thinking…

          1. 4

            Disclaimer: CTO of Stream here. We experimented writing Cython code to remove bottlenecks, it worked for some (eg. make UUID generation and parsing faster) and think that’s indeed good advice to try that before moving to a different language. We still decided to drop Python and use Go for some parts of our infrastructure mainly for these three reasons:

            1- Writing Cython is challenging, in our case several parts of our code bases needed to be rewritten 2- In some cases using our fast C code required patching lot of code (eg. Python Cassandra Driver) 3- Python+Cython was still much slower compared to Go

            1. 2

              1- Writing Cython is challenging, in our case several parts of our code bases needed to be rewritten

              More challenging that spinning up an entire engineering team on Go, and rewriting everything?

              2- In some cases using our fast C code required patching lot of code (eg. Python Cassandra Driver)

              Yeah, this seems like it’s probably a hassle to manage. On the other hand, maybe once it’s done, it’s done? Not sure how often the libraries you rely on are updated.

              3- Python+Cython was still much slower compared to Go

              Fair!

              Thanks for the clarifications and additional insight on this! It’s obviously a lot better to get the story from the horses mouth than to make half baked assumptions about what you may or may not have done.

              1. 3

                More challenging that spinning up an entire engineering team on Go, and rewriting everything?

                I can’t speak for the Stream team, but we cross-train to Go from python pretty quickly. People are productive on an existing codebase within a week or two. It’s not a big language. There are some idioms and some tooling/conventions (packaging etc) but it’s pretty quick.

                The biggest part (as with most languages) is being aware of stuff in the std library. But 80/20 helps you there, reading an existing codebase exposes you to the 20% of the stdlib which is useful 80% of the time.

                Edit: we use both python and Go - but it’s useful (and fun) for people to be able to learn stuff and move between projects.

                1. 2

                  I agree with your first point. Rewriting all the hot code in Cython was going to take much less time than rewrite to Go (btw we still use Python for many things). But what were we going to have as final result?

                  1- A codebase much harder to maintain and change because is written in a dialect of Python most are not familiar with
                  2- A few more extra forks to maintain
                  3- Something faster but not as fast as we wanted

                  EDIT: markdown fix

              2. 3

                Literally the second thing in the post.

                1. 2

                  Pretty sure it’s not at all addressed. The performance of serialization and ranking in (I am assuming) pure Python is discussed as bottlenecks. I’m suggesting that those things might have been better optimized independently, with Cython, or the C API, than to draw the conclusion immediately to leave Python and adopt Go.

                  I’m not at all suggesting that adopting Go was a bad idea—I’m merely asking if consideration was taken to address the actual bottlenecks, independently, first.

                  Did they try to do the 10ms serialization stuff in C? They spent a bunch of time “optimizing Cassandra, redis, etc” — I assume the author means they optimized their usage patterns, and indexes, and such based on query patterns, not “rewrite bottlenecked portions of the database drivers in C, or Rust.”

                  If I was supposed to take something else from that, I’m sorry that I misinterpreted the ambiguity, and it offended you so much.

                  1. 10

                    Did they try to do the 10ms serialization stuff in C?

                    Python [de]serialization IS in C. There are modules for JSON and whatever other common format you want written in C, but the C code still has to create Python objects for Python to use. Pretty much no one uses pure Python JSON libraries, because they’re so ludicrously slow. Parsing any substantial amount of data would be much much much slower than 10ms. I’m not even sure where you’d find one, you’d have to go out of your way to do so, considering even the standard library json module is written in C.

                    I assume the author means they optimized their usage patterns, and indexes, and such based on query patterns, not “rewrite bottlenecked portions of the database drivers in C, or Rust.”

                    All of those drivers are already written in C, the Cassandra one is written in Cython as you suggest.

                    When I read this section I read “we have already optimized everything that we can except what is latent to the language itself.” Like Python objects being… Python objects. Are they supposed to deserialize data into something else in Python? If you can’t deserialize to Python objects then why would you use Python?

                    it offended you so much.

                    I wasn’t offended. My comment means exactly what it says, your concerns are quite literally addressed in the second section of their post, with the extremely appropriate heading “Language Performance Matters.” Though now it sounds like you don’t know that all of these things like serialization and drivers have already been optimized in C or Cython, particularly because you said “performance of serialization and ranking in (I am assuming) pure Python”.

                    It’s true, they didn’t address those things, I expect because they assumed the reader would already know that serialization formats aren’t handled in pure Python. If you didn’t know that, well now you do. Otherwise, I don’t understand your comments.

                    1. 3

                      Python [de]serialization IS in C. There are modules for JSON and whatever other common format you want written in C, but the C code still has to create Python objects for Python to use. Pretty much no one uses pure Python JSON libraries, because they’re so ludicrously slow. Parsing any substantial amount of data would be much much much slower than 10ms. I’m not even sure where you’d find one, you’d have to go out of your way to do so, considering even the standard library json module is written in C.

                      I don’t see JSON mentioned at all in the post as a bottleneck… unless it’s related to the 10ms Cassandra deserialization times…. And, granted, it’s totally possible given the space they are in. They likely get their feed items as JSON. It’s unlikely they actually need to keep it as JSON. Msgpack, or CBOR, or something would (maybe/likely) be faster to deal with than JSON. But, I digress. No idea if they tried.

                      All of those drivers are already written in C, the Cassandra one is written in Cython as you suggest.

                      Ah! Ok. I did not know this, thanks for the new context. It seems, however, that these optimizations could be turned off. Not likely in this case, I’m sure.

                      Like Python objects being… Python objects. Are they supposed to deserialize data into something else in Python? If you can’t deserialize to Python objects then why would you use Python?

                      Not a fan of your condescending tone. I, honestly, have no idea what’s going on in their application. I have no idea if they are making use of classes, or storing everything in tuples, or lists, or namedtuples, or some dicts, or some other concoction that exists in Python that I don’t know about (Pandas Data Frames?).

                      The bottleneck in the Cassandra deserialization could be due to the use of the Object Mapper. Did they try without it? Were they invoking some other objects whose init method happened to… I don’t know, accidentally hit disk to load a timezone file that wasn’t always cached?

                      You’re making a lot of assumptions, and I’m trying not to.

                      It’s true, they didn’t address those things, I expect because they assumed the reader would already know that serialization formats aren’t handled in pure Python. If you didn’t know that, well now you do.

                      Never assume the reader is as smart as you.

                      Let’s discuss more about the ranking / aggregation.

                      They build a twitter / facebook style feed as a service. The ranking seems to be an ordering thing (not shocking) and the aggregation a grouping thing (as opposed to syndication).

                      They spent 3 days + 2 weeks to optimize the ranking Python code. That’s not really a lot of time. They even dropped down into the AST module, which means they compiled into Python bytecode. The user can basically create whatever function they want based on a set of predefined primitives. Impressive ideas there, and probably the best you can get given the pure Python circumstances. What if it was written as a C (or Rust) extension? Could they have gotten 20x speed up in a few days? Did they try it? No idea. How long do they cache the ranking bytecode for? What’s the cost of their compilation? Does the Go version just walk a parse tree? Or does it do something even more fancy than the AST -> Bytecode compiler? No idea.

                      The aggregation related stuff is likely similar–based on some specification that the user provides (a Jinja2 style template), they do some analysis of the template and figure out how to do the aggregation based on the fields. Woah! Also an impressive thing. They even support conditionals. So, they might be using Jinja2 for the actual parsing and rebuilding. From my Python days, I know Jinja2’s parser doesn’t have to be that optimized – you “compile” a template once. The generation part is the part that needs to be fast, and I’m guessing they don’t suffer from slow text generation, but rather the actual filtering of objects, and finding and traversing the things that it all relies on. Is that something that they do every time? Do they cache the result of their compiler (would like to believe so!)? What are the real costs of it all? What differences exist in the Go code?

                      Don’t have much in the way of ideas here, but presumably the same thing would hold. They could spend some time optimizing just that part by dropping down into C, or Rust. That’s the likely bottleneck, not iterating over a bunch of objects.

                      So maybe they’ve tried all these things, and it ultimately wasn’t worth the maintenance costs, and the frustration, and things. It doesn’t appear to be the case based on the mention of the AST module that the ranking stuff was ever a C, or Rust thing. It’s likely that they really really tried hard and just kept coming up short. And, that’s fine. It wasn’t my call to make, or my happiness to deal with.

                      So, yes. Performance matters. And language performance matters… sometimes. And, developer productivity and working as a team together matter, so doing “clever” things is probably not desirable. There’s nothing surprising about their decisions, or reasoning… I’m just infinitely more interested in the stuff they didn’t say. And, I’m really curious about the trend we’re seeing where people suddenly care about efficiency and optimizing resources. The era of “scripting languages” as work horses (that started in the late 90s), is apparently dying, but I don’t know who wrote the blog post “Scripting languages considered harmful (and slow).” (BTW, I welcome this trend, but posit that scripting languages are probably good enough for most things, too)

                      1. 4

                        I don’t see JSON mentioned at all in the post as a bottleneck

                        It’s a typical serialization format. I also said “and whatever other common format” because it doesn’t really make a difference. All those formats you listed perform approximately as well as JSON.

                        Ah! Ok. I did not know this, thanks for the new context.

                        Glad to have taught you something!

                        You’re making a lot of assumptions, and I’m trying not to.

                        I think I just have a better intuition for performance than you. Which is fine, I’m a performance engineer, I’m supposed to.

                        Never assume the reader is as smart as you.

                        Let’s discuss more about the ranking / aggregation.

                        Indeed. But is that the right thing to look at? I think it’s safe to assume that they cache all their compiled rankings and aggregations, so lets ignore that bit.

                        How fast do you think ranking is vs deserialization / serialization?

                        I have a benchmark I pulled out of my ass. It takes a 5.5 MB JSON file (phat.json) that contains 100,000 objects, and performs these operations:

                        with open('phat.json') as f: raw_data = f.read()
                        data = json.loads(raw_data)
                        data.sort(key=lambda o: o['d'])
                        
                        total = 0
                        for obj in data:
                            total += obj['d']
                        
                        raw_data = json.dumps(data)
                        with open('phat-out.json', 'w') as f: f.write(raw_data)
                        

                        Omitted are timers between each of the 6 operations, read, parse, sort, sum, generate, write. The items are ordered randomly with respect to d (the sort key) so the sort should run in a full n log n time. How long do you think each one will take, as a fraction of total run time?

                        Actually guess, because I think you’ll be surprised.

                        read: 1%

                        parse: 21%

                        sort: 26%

                        sum: 15%

                        generate: 34%

                        write: 3%

                        A full 55% of the execution time is fucking with JSON. And this is with ujson, a Python JSON library that sacrifices features to get the most raw speed possible. So most of that time is straight up allocating and serializing Python objects. Generating JSON from Python objects is actually slower than sorting them. WTF right?

                        So maybe they’ve tried all these things, and it ultimately wasn’t worth the maintenance costs, and the frustration, and things. It doesn’t appear to be the case based on the mention of the AST module that the ranking stuff was ever a C, or Rust thing.

                        If they made the ranking stuff in C or Rust, they’d still be working on Python objects, and would still be dominated by that deserialization time. At that point they’d be deserializing database results in raw C/Rust to native structures, processing native structures, and serializing native structures to return as results. Where’s the Python? At that point it’s less a question of Go vs Python, as Go vs C/Rust with legacy Python glue.

                        So, yes. Performance matters. And language performance matters… sometimes.

                        A lot of the time, especially when you’re working with data. Scripting languages just aren’t meant for that. In 2017 processing large amounts of data isn’t about CPU speed, it’s about RAM speed. If your data fits in 1/4 the RAM, you will process it 4 times faster, hard stop. Because CPU speed is going up way faster than RAM speed. RAM is the new disk.

                        And, I’m really curious about the trend we’re seeing where people suddenly care about efficiency and optimizing resources.

                        More people have more users. You wouldn’t expect a newspaper to give a crap about performance, but the New York Times gets over 700 million page views a month. That’s a million views an hour, around 270 per second. The conventional wisdom for a Python / Ruby app server is 1 core per 5-10 requests / second, and for modern apps each page view represents more than one request.

                        But lets assume they’re totally willing to eat that hosting bill. Why would they care then? Well, wasting 10ms serializing a page is a pretty good reason to care. Study after study has shown UI responsiveness and latency directly correlates to user interaction. And user interaction directly correlates to money.

                        Open up the network dev tools and load nytimes.com. They’re also loading all sorts of 3rd party analytics tools and telemetry. Those 3rd parties definitely care about performance if nytimes is just one of their customers.

                        The era of “scripting languages” as work horses (that started in the late 90s), is apparently dying, but I don’t know who wrote the blog post “Scripting languages considered harmful (and slow).”

                        A couple years back everyone ever was blogging about why they switched to Go, how it lowered their operational costs, reduced latency, improved stability by not saturating resources, and so on and so forth.

                        Scripting languages were the workhorse of the web when you needed a PC to browse. Now, 30% of living humans carry a wireless browser in their pocket.

                        (BTW, I welcome this trend, but posit that scripting languages are probably good enough for most things, too)

                        Totally they are good enough for small things, and most things are small things. But if you’re even touching a distributed database like Cassandra, it’s pretty silly to use a scripting language as your main workhorse.

                        1. 3

                          Actually guess, because I think you’ll be surprised. read: 1% parse: 21% sort: 26% sum: 15% generate: 34% write: 3%

                          For shits and giggles, I did a little load/dump benchmark in Python and in Go. It’s here. You may be surprised that using the builtin json on Python 2.7.10 is 25% faster than Go 1.9! This is also on a much larger file than you presented – I’ve showed how I generated it. It’s not incredibly complicated, mind you.

                          In terms of setup, this is a 2015 Macbook Air, with, of course, an SSD. I’ve tried (this took 10 minutes total of my time, so YMMV) to control for disk cache by running it a couple of times before hand, and I’ve done this about 10 times now and minus a few hundreths hear and there and such, Python always comes out ahead on deserialization over Go. Go consistently comes out ahead in serialization, but most of your argument seems to stem from deserialization as it’s loading and creating objects from Cassandra, etc.

                          It’s certainly possible that there’s speed to be gained in the Go version, but the performance was worse when I declared i as map[string]map[string]string so… ¯_(ツ)_/¯

                          Also, just noticed that I’m timing the file open in both cases in Python, too. So, a bit sloppy, but whatever.

                          1. 2

                            Try deserializing into structs in Go. There is no need to create all those hash tables. Using structs is how the vast majority of Go programs are written. It’s not an apples to apples comparison, but that’s exactly the point.

                            1. 3

                              Try deserializing into structs in Go.

                              Sure. I do this all the time. It works quite well if you know ahead of time the structure of the data you’re deserializing. This seems to be only half true for there use case. They have activities that have a fixed set of fields, but then allow an arbitrary set of custom fields as well. A natural constraint for a company that provides, essentially, a data store for it’s customers with custom query capabilities…

                              I don’t know why I’m spending my time on this – I guess it’s fun to prove someone who self proclaims as “intuitive” in performance engineering wrong with simple benchmarks, when you should know that the first rule in performance engineering is “don’t trust your gut, benchmark!” but you’re off base again. In fact, in my new example I’ve shown that JSON tagged structs are slower targets for deserialization than Python dicts, and Go maps.

                              You can claim it’s not real world, of course – 500 fields, 2000 entries in a list {"foos": [{...}, {...}]}. Go maps are greater than 2x faster to deserialize. Serializing structs, however, is 2x faster than serializing a map!

                              Python still beats Go though, even with “all those hash tables.”

                              1. 4

                                I considered adding that to the article. While Go is generally fast, at least 2 of the builtin libraries are sluggish. JSON parsing and Regex so far. I didn’t try other JSON libraries just yet (we use protocol buffers for most things), I don’t think JSON needs to be slow, it’s just the builtin library that isn’t great.

                                1. 2

                                  When I need fast JSON parsing in Go, I’ve turned to easyjson to do code generation for specific types.

                                  1. 1

                                    I’m surprised to hear that regexp in Go is slow! I thought it was based on re2-–though, maybe that’s more correct, and won’t blow you up with malicious input rather than insanely fast.

                                    1. 4

                                      The piece of the engine that it’s missing is a DFA. In my experience maintaining Rust’s regex library (also based on RE2 and has its DFA), the difference between the DFA and the Pike VM (a simulation of the NFA using a virtual machine) is about an order of magnitude. Progress on that seems to be tracked here.

                                      Note that Go’s regexp engine has various other engines from RE2 (like the bitstate backtracker and the one-pass NFA matcher), but they only work in specific circumstances.

                                      1. 1

                                        Go uses the same syntax as re2 but doesn’t have a full port of the engine. It uses the same basic strategy that prevents exponential back tracking, which is inherently slower in the happy path without extensive optimization.

                                    2. 4

                                      In Python, you’re doing about as best as you can do. In Go though, it’s relatively easy to use a library like easyjson to increase JSON deserialization/serialization dramatically. (I have no dog in this fight, but I think this piece of information is incredibly valuable for evaluating this particular trade off.)

                                      1. 1

                                        They have activities that have a fixed set of fields, but then allow an arbitrary set of custom fields as well.

                                        True, good point.

                                        I guess it’s fun to prove someone who self proclaims as “intuitive” in performance engineering wrong with simple benchmarks

                                        Before being an asshole, try being right. It’s not an essential pre-requisite, but it helps.

                                        In fact, in my new example I’ve shown that JSON tagged structs are slower targets for deserialization than Python dicts, and Go maps.

                                        You have already concluded with such certainty that Python is faster than Go! With such certainty, and a proven skill—nay perhaps a calling—in running simple benchmarks, you must really know your stuff. But my gut says something is up.

                                        Ah, intentionally or not, you’ve chosen the worst case for struct deserialization, a large number of fields that only have string values. An allocation per value, same as a map, and the large number of field keys will slow down the reflector.

                                        Performing a similar test on my JSON I used before, which has a smaller number of keys and mixed value types (string, int, etc), I see that Go encoding/json is ~1.5x faster than Python json. I also see that decoding to structs and maps is about the same. Interesting, my intuition tells me Go’s encoding/json package must not be particularly fast. It’s also ~1.75x slower than the hyper-optimized ujson Python package. Something’s definitely up.

                                        It’s ironic that you were so condescending about investigating higher performance alternatives, when you completely failed to do so. After spending 2 seconds on Google indiscriminately opening the first couple of GitHub links, I found jsonparser and ffjson. I’ll go with jsonparser since we want something that handles arbitrary data, as you pointed out. This library goes where ujson can’t, it’s a zero allocation parser. Just by using it to parse my data into a slice of structs it’s ~1.6x faster than ujson, ~5x faster than Python builtin json, ~2.8x faster than Go builtin encoding/json. For this data shape of course, obviously it will differ depending on the data.

                                        you should know that the first rule in performance engineering is “don’t trust your gut, benchmark!”

                                        No, I know the first rule of performance engineering is “don’t trust your gut when you don’t actually understand what you’re looking at.” The second bit is typically left out because the intended audience tends not to realize they are the intended audience. It’s really not that difficult to have an intuition about performance, you just have to actually know what you’re looking at, and what different types of operations tend to cost. The rule you parroted mostly exists because of a dozen or so counter-intuitive costs in computing. Though obviously measurement is still essential. Just not necessary for basic conclusions like “an optimal Go JSON parser will be faster than an optimal Python JSON parser.”

                                        1. 2

                                          Before being an asshole, try being right. It’s not an essential pre-requisite, but it helps.

                                          Pot, meet kettle.

                                          The very first thing you responded with assumed I was stupid and couldn’t read. You continued to be condescending suggesting that I have no intuition about performance, etc, etc. Basically, you’ve been a jerk this entire time. But, I forgive you. And, I’m sorry for the way I’ve acted in response.

                                          You have already concluded with such certainty that Python is faster than Go!

                                          No. I haven’t concluded anything. I’ve merely suggested that Python can be fast enough (in some situations) and running to Go isn’t always necessary.

                                          The original author, and the CTO of the company in question were very kind and directly answered what I was asking. You, however, decided that I must be an idiot and showed off your muscles.

                                          I bet in meat space we could be friends, and have a lot to talk about. Should that day come, I’ll buy you a drink.

                                          1. 3

                                            I would appreciate it if both @apg and @peter would leave this thread without further replies, at least until I have coded more moderation actions than “delete comment” and “ban user”.

                                            1. 1

                                              I’m interested in what such actions might be, because I agree that the majority of this thread is a waste of time. Much of the responsibility lies on me, as this is the second fight I’ve picked over performance in two weeks. In both cases, my initial throw down received nontrivial positive reception (1, 2), but again in both cases there was little value in continuing after that.

                                              I’ll endeavor to use less colorful metaphors, and trim discussions like this one rather than continue to engage in a waste of screen space that might otherwise be filled with insightful comments.

                                              1. 3

                                                Thanks for taking a minute to consider a pattern and how it can be improved.

                                                I was writing as I was a minute away from going to bed so I didn’t want to write something long or do something rash. This discussion had some great technical debate but was also sliding towards personal attacks and general unpleasantness.

                                                Basically I’m looking for the smallest possible early intervention with the best chance to nudge a thread away from escalating toxicity. And most often that’s just going to be a moderator leaving a comment reminding people to be kind. I’m pondering what features would be appropriate and will probably post a meta thread before I actually implement anything besides a mod dashboard that finds hotspots like a chronological list of comments getting more than 3 downvotes, etc. Human judgment is the most valuable thing, tools just exist to target it efficiently.

                                              2. -1

                                                Why would this thread need any kind of moderation anyway?

                                                1. 4

                                                  Cause we are being dicks to each other and that’s not what this community is about.

                              2. 2

                                It’s worth pointing out that “getting rid of the bottleneck” when your entire system is in Python isn’t obviously possible. For example, Python’s csv library is written in C, and while its core parser is quite fast, did you know that reading a CSV file in Python is still dog slow? A big part of it is because every record needs to get thrown into Python objects, which has overhead. So OK, maybe you write your CSV loop in something other than Python and go through all the hoopla of designing C bindings for that, but at a certain point, this could easily become a microcosm of your entire system. There’s a lot of work involved in having to push things down into lower level languages, and if you need to do it a lot, you might be better off just switching.

                                With that said, I don’t disagree with your overall point! Just want to say that your advice can be quite hard to follow in practice.

                                (I just read the comments down thread and see the others are basically saying the same thing I am: you pay dearly for having to put everything into Python objects. The irony of my comment in this specific example is that Go’s CSV library is not known for its speed… But my CSV example was just that, an example.)

                                1. 1

                                  It’s worth pointing out that “getting rid of the bottleneck” when your entire system is in Python isn’t obviously possible.

                                  Of course! The whole reason this thread got out of hand is because it’s hard to understand exactly how Python can’t work here. We don’t know how much of the workload is I/O bound, and what part is compute. We don’t know what SLAs they target, and how far from them they are. We don’t know if the problems they face are only at peak times, or if this is constant.

                                  I don’t mean to call out this post specifically, but this is exactly the type of post that leads to cargo culting in tech. Often, they are well intentioned posts (like this one), but they lack enough information to take it as anything more than anecdote, but instead some will ultimately treat it as justification to take a completely unrelated workload and say “Go is faster and we need to move to Go,” when Ruby, or PHP, or whatever else would continue serving them just fine and continue to provide them some of the advantages they adopted the language for in the first place.

                          1. 4

                            I don’t understand Apple’s obsession with pushing for thin machines when it raises issues like this. Why the need to shave off more millimeters with every new laptop when the keyboard is not that nice to work with anymore?

                            1. 3

                              I don’t understand Apple’s obsession with pushing for thin machines when it raises issues like this.

                              They most likely didn’t anticipate this issue, and overall, a really thin and light computer is great.

                            1. 0

                              A majority of catalan people wants to hold a referendum for independence, with a significant share of the population supporting independence.

                              Richest region in Spain wants to stop paying taxes to the central government? Hold my mate, I’m first going to get Lombardy’s independence, then separate the individual provinces inside it after which I’ll convince people to go back to city-states. Smallest taxes ever!

                              1. 13

                                Basque people leaving in Euskadi pay taxes directly to their autonomous government and not to the central government. On the other hand, it is pretty shallow to think that Catalunya’s fight for independence is a fight for paying less taxes.

                                1. 2

                                  Basque people leaving in Euskadi pay taxes directly to their autonomous government and not to the central government.

                                  From https://en.wikipedia.org/wiki/Autonomous_communities_of_Spain#Degree_of_financial_autonomy :

                                  the central government is still charge of levying and collecting most taxes, which it then redistributes to the autonomous communities with the aim of producing “fiscal equalization”. This applies to all communities, with the exception of the Basque Country and Navarre.

                                  So the biggest of the richest regions wants to also keep it all to itself, just like those two small ones. The poor? Let them eat cake!

                                  it is pretty shallow to think that Catalunya’s fight for independence is a fight for paying less taxes

                                  They already have everything else: https://en.wikipedia.org/wiki/Generalitat_de_Catalunya#Autonomous_system_of_government

                                  1. 5

                                    In the three provincial councils of Euskadi (Bizkaia, Gipuzkoa, Araba) and in Navarra (Nafarroa) you pay taxes to the local governement and the local government discusses with the central government how much money has to go the central government. This is a right that Spain gave to a part of the Basques with the constitution of 1978. For the nationalist basque right and conservative party this was a victory. For the left and nationalist basques this was only a carrot that Spain gave to them while using the stick against them at the same time. In Catalunya, and the rest of Spain, you pay your taxes to the central government and then the central government decides how much money returns to Catalunya.

                                    Anyways, the problem for Catalans and Basques with Spain is not only a money or tax problem. I would say that is the least of the problems. Paises Catalans, Euskal Herria (Basque Country) and many other kingdoms that existed in the Iberian Peninsula where invaded by what is now the Kingdom of Spanish (it is the official name of Spain). What is happening now is not different from what has been happening for centuries:

                                    You say that they have already everything else. I don’t think so but I think that is a decision that the Catalans and Basque have to do. What I can assure you is that if a “problem” has existed for centuries, then probably it is not only a tax problem.

                                    1. 1

                                      that is a decision that the Catalans and Basque have to do

                                      Yeah, let’s let the rich decide whether they want to pay taxes. What can possibly go wrong?

                                    2. 3

                                      The poor? Let them eat cake!

                                      Right, because justice from Paul’s perspective is that Peter gets robbed and his money handed to Paul.

                                      Justice from Peter’s perspective might involve not getting robbed.

                                      1. 1

                                        Justice from Peter’s perspective might involve not getting robbed.

                                        But only after he managed to get an unusually big share of those limited resources, right?

                                  2. 3

                                    I can’t tell what you’re trying to say, but you do understand that no one wants to pay taxes, right? Not even you. Nnnnnope, not even if you claim otherwise in a misguided attempt at virtue-signalling.

                                    We all pay taxes purely because we’re forced to.

                                    So would it be so wrong of Catalonians to want to have less of their income confiscated and sprinkled all over Spain? What prevents other regions from being just as wealthy as Catalonia?

                                    1. 1

                                      you do understand that no one wants to pay taxes, right?

                                      Yes, of course. Do you understand why taxes are necessary even if we don’t want to pay them?

                                      So would it be so wrong of Catalonians to want to have less of their income confiscated and sprinkled all over Spain?

                                      Of course it would. The rich wanting to get richer is why the poor go hungry while we throw away food surpluses and while we plan to reduced the cultivated areas in order to keep the grain prices high: http://www.producer.com/2017/05/world-needs-to-slash-crop-acres-to-cut-grain-surplus/

                                      It’s either voluntary solidarity and very modest wealth redistribution or 1789 all over again. Pick your poison.

                                      What prevents other regions from being just as wealthy as Catalonia?

                                      Fewer natural resources, past inequalities, less attention from the people in power, fewer investments by the central government, etc.

                                      1. 2

                                        Do you understand why taxes are necessary even if we don’t want to pay them?

                                        The Spanish government arranges bullfights using tax money. Well spent?

                                        Also some might wonder if there could be better cures for poverty than sponsoring it, but that’s a certain downvote or a few.

                                        1. [Comment from banned user removed]

                                    2. 2

                                      Some people prefer the idea of city-states, and a smaller state does not necessarily mean smaller taxes, they have less sources of money so it would ensue that they would take more from those sources.

                                      1. 2

                                        Some people prefer the idea of city-states, and a smaller state does not necessarily mean smaller taxes, they have less sources of money so it would ensue that they would take more from those sources.

                                        What you don’t know is that taxes from richer regions are used to finance poorer regions in a redistribution system controlled by the central government.

                                        The plan for autonomous/independent rich regions is to stop contributing to a central government that gives them back in investments less than they contributed in taxes. Once they no longer need to pay for those terrible poor people, they can cut their own taxes as they like.

                                        It’s economical inequality at the regional level - the rich get richer, the poor get poorer and we wax poetic about cryptographic solutions for illegal referendums…

                                        1. 2

                                          We practice redistribution in Canada, so I do know about it. I’m not convinced that independence movements are all about the rich wanting to stop redistribution of ressources, it could simply be about wanting to have more localised redistribution, why send money to another part of the country when you still have areas in your city that struggle with poverty?

                                          It could also be about renegotiating that redistribution. for instance, I’ve always felt that the quebec independence movement was always about having more agency on how the provinces ressources are used.

                                          1. 0

                                            it could simply be about wanting to have more localised redistribution

                                            AKA: let my left hand pay taxes to my right hand.

                                            why send money to another part of the country when you still have areas in your city that struggle with poverty?

                                            Why get rid of that poverty when it’s the only excuse for keeping more money locally? https://en.wikipedia.org/wiki/Perverse_incentive

                                            1. 4

                                              As funny as many of the examples in that link were, I’m not sure it applies itself to this situation.

                                              This argument is pointless if you refuse to aknowledge any other intention than short term financial gain on their part.

                                    1. 11

                                      I thought it is pretty obvious that we’re trying to suppress wages. However, that’s where my agreement ends. What we need is dramatically higher taxes for income and inheritance above a certain threshold. I’m thinking like 90% tax (progressive) on individual income exceeding 100x 2000x minimum wage per hour (a nice $3M at $15 an hour) and twice that for inheritance (also progressive). We will need broad agreement to make sure no one has “attractive” tax regime. We then fund basic income with this money and do something which we’ve needed to do for a long time: cut costs.

                                      We need to cut costs in education. We need to cut costs in healthcare. We need to cut costs in real estate. Cutting costs is very important for this plan to succeed. No more nimbyism. We make sure nobody starves or dies from simple diseases but no more tax credits or deductions for anything. There well be some pain but it will be worth it.

                                      1. 1

                                        Well, I agree with increasing efficiency.

                                        1. -5

                                          Wow.. I know I shouldn’t bother but you’re just too much..

                                          You’re basically suggesting that governments everywhere rob “overly wealthy” people super fucking hard, and prevent them from being able to escape that robbery anywhere, and.. somehow you expect them to keep working hard so that the ass-raping can continue indefinitely so that you can sit at home and.. pursue your lifelong dream of finger-painting abstract art, for the betterment of mankind?

                                          Look at your country’s budget numbers and do some basic math on what it would cost to give everyone “free money forever”.

                                          Then think about things from a productive person’s perspective. If 100% of the fruits of your labour are forcefully taken away, you’re an outright fucking slave. If 50% are taken away, you’re like a 50% slave.

                                          You are not the arbiter of how much money is “enough” for anyone else. You can decide how much money is enough for you, personally, but other people are their own, separate, living, breathing individuals.

                                          Wake the fuck up from your socialist stupor.

                                          1. 9

                                            Could we please not use terms like “ass-raping” so lightly? This is a forum for adults and professionals, and at the very least I’d hope we can all be respectful to each other.

                                            1. -5

                                              Oh gosh golly gee, someone has a potty mouth!

                                            2. 5

                                              Then think about things from a productive person’s perspective. If 100% of the fruits of your labour are forcefully taken away, you’re an outright fucking slave. If 50% are taken away, you’re like a 50% slave.

                                              You probably need to define what you mean by a productive person. And it’s not “forcefully taken away”, “robbery”, “ass-raping”. You declare your taxes and pay them. Most levels of remuneration rise/fall based on effective tax rates. The rules are well understood. Don’t want to pay so much, tough luck.

                                              You are not the arbiter of how much money is “enough” for anyone else. You can decide how much money is enough for you, personally, but other people are their own, separate, living, breathing individuals.

                                              What about consensus and rules that are aimed at leveling the playing field in terms of opportunity? If you went out for pizza with 3 friends and 1 of them took 9 slices because he decided that was enough for him, would the rest of you be cool with that?

                                              1. -3

                                                And it’s not “forcefully taken away”, “robbery”, “ass-raping”.

                                                Sure it is.

                                                You declare your taxes and pay them.

                                                You seem to be overlooking the “.. or else!” part, which is what makes it robbery, and to be more precise: extortion.

                                              2. 5

                                                The super wealthy aren’t generally that way because they ‘work hard’ or ‘are productive’, they are generally that way because of theft* or inherited wealth. So yes, we should tax their income, their wealth itself, inheritances, and so forth, and make sure that there is nowhere they can escape it. Also, taxation isn’t even vaguely similar to slavery.

                                                *: Theft here meaning everything from colonial plunder to corrupt self dealing to rentiership to exploiting workers, and so forth.

                                                1. 1

                                                  what you mean by ‘super wealthy’ or ‘generally’? You should be more specific with some references.

                                                  The only millionaire I know personally, worked hard, but also efficiently, and was very intelligent in the way he did business. He doesn’t work 1000 times harder than others, but he never exploited anyone or stole anything to my knowledge. More importantly, there was nothing stopping another person from doing what he was doing.

                                                  1. 2

                                                    I think 100x minimum wage is generous enough. I’m sorry but I didn’t mean it to sound like taxation as a punishment. I apologize for my poor choice of words. Yes, taxes are involuntary for the individual but it isn’t about taking from Peter to give to Paul.

                                                    I oppose the current plan for “free college” in New York. I think no government program should have a ceiling for income.

                                                    I think we need better propaganda around taxation. We should try to make people feel proud for paying taxes. This is why I want to reduce government spending (the administrative overhead). I don’t think it will be easy or straightforward but I believe it is possible.

                                                    1. -2

                                                      For your sake, I hope you’re trolling.

                                                2. 4

                                                  The business takes a percent of my surplus labor that is likely much higher than 50% because they have money, higher taxes would help remedy that. You’ve focused on the government taking your money and have blindly ignored the individual taking your money.

                                                  1. 4

                                                    somehow you expect them to keep working hard so that the ass-raping can continue indefinitely so that you can sit at home and.

                                                    Many poor people are working very hard as well. Working 3 or 4 jobs and not making it out of poverty. The idea that people are rich because of hard work doesn’t seem to have much evidence behind it and there is some evidence that many rich people are there because of luck. That isn’t to say they don’t work hard but rather that taxing them doesn’t mean their hard work is being taxed but rather their luck.

                                                    1. -1

                                                      People don’t seem to realize that tax is letting someone else spend your money in terribly inefficient ways, or they will lock you up. Also, the threshold for ‘wealthy’ is always higher than the person suggesting it earns.

                                                  1. -5

                                                    Great! I guess this means we’ll soon have “enough” women in tech then.

                                                    But where are all the one-eyed midgets?! I’ve been in tech for a long time, but haven’t seen even one! We may have won a battle, but the war for moar diversity rages on.

                                                    1. 1

                                                      Please be more constructive in your comments on these kinds of topics. Being this facetious doesn’t help anybody.

                                                      1. -2

                                                        Being this facetious doesn’t help anybody.

                                                        I actually had a point, as you’re far too rational not to understand. You weren’t actually upset by what I said either.

                                                        Our Western societies are swirling down the drain in large part because people have been divide & conquered into bickering over fake controversies like this. It won’t stop until people stop taking nonsense seriously.

                                                        1. 2

                                                          Our Western societies are swirling down the drain in large part because people have been divide & conquered into bickering over fake controversies like this.

                                                          And yet, here you are to bicker over it. Again.

                                                          1. -1

                                                            Have you been raising the level of discourse here by trolling more people?

                                                            1. 1

                                                              Fair call - I apologise for my uncivil and uncalled for remark, and retract it.

                                                    1. 5

                                                      I still use vim because it doesn’t spam dropdowns and auto completions at me, bouncing around like a puppy on crack, while still letting me enter text efficiently.

                                                      Performance is nice, but it’s a bonus over the editor just letting me type.

                                                      1. 2

                                                        I still use vim because it doesn’t spam dropdowns and auto completions at me, bouncing around like a puppy on crack, while still letting me enter text efficiently.

                                                        What if the auto completions are useful, and make you more productive than without them?

                                                        What if the completions would also reduce the need for bouncing around your code like a puppy on crack, looking for the name of a variable or function you’re supposed to use?

                                                        1. 5

                                                          What if the auto completions are useful, and make you more productive than without them?

                                                          If you feel that way, you can use them. Please don’t tell me what I find distracting.

                                                          Dropdowns and bounciness are available in vim too, if you like things to work that way. YouCompleteMe is an example of it. But I can’t stand using it. Maybe one day I’ll hook it into the quickfix window, where the suggestions and documentation stay nice and static.

                                                          1. 0

                                                            Please don’t tell me what I find distracting.

                                                            I didn’t.

                                                            I suggested that auto-completions might make you more productive than without them, which would actually probably be the case.

                                                            Whenever people vehemently defend their choices of sticking with Vim or Emacs despite the fact that JetBrains has been producing IDEs for a long time, I suspect it’s because they have trouble entertaining the notion that their choices might be “wrong”.

                                                            I mean, you’re not harming anyone else by using Vim, but you’re probably accumulating a vast mound of opportunity costs that could be avoided by adopting an IDE.

                                                            You might even be aware of it subconsciously, considering the “hostile” way you characterized auto-completions.

                                                            Granted, you may genuinely be a special snowflake that finds them unbearably distracting, but it’s just not very likely, and sounds like a rationalization for acting against your self-interest by continuing to accumulate those opportunity costs.

                                                            1. 6

                                                              Whenever people vehemently defend their choices of sticking with Vim or Emacs despite the fact that JetBrains has been producing IDEs for a long time, I suspect it’s because they have trouble entertaining the notion that their choices might be “wrong”.

                                                              I spent the last 6 months in a jetbrains ide. It sucked. I’ve tried setting up the ide-like popups and completions in vim. It sucked. The hostility is from experience. But thanks for the smug condescension.

                                                              1. -1

                                                                But thanks for the smug condescension.

                                                                You’re welcome :)

                                                              2. 2

                                                                I’m sure this can vary by field (I’m a CS academic, not a full-time programmer), but I’ve personally never found any of this tooling choice to make a meaningful difference to long-term productivity one way or another, as long as you pick something vaguely sorta working. That depends far more on other features, like coming up with good ideas on paper first, keeping motivated, even getting a good night’s sleep. So I choose programming environments mostly by whether I subjectively enjoy working in them. Given that I spend a decent portion of my life working in them, I think it’s reasonable for this to be a primary concern—life is too short to be primarily worried about “productivity”, anyway.

                                                                At least when I have a choice of course. When I program iOS apps I use XCode, even though I don’t think it’s either a very good text editor or very good IDE, because doing anything else is an uphill fight against Apple.

                                                                1. 0

                                                                  I’ve personally never found any of this tooling choice to make a meaningful difference to long-term productivity one way or another, as long as you pick something vaguely sorta working

                                                                  Even if the differences in productivity between various tools are small, they compound over time. That’s certainly meaningful.

                                                                  If you save 10 minutes per day, that adds up to around 60 hours per year. That’s a significant chunk of the working hours in a month, for example.

                                                          2. 1

                                                            Why not try an auto completion plugin with popup delay option? You won’t get distracted unless you stop the cursor at the midle of a word.

                                                          1. -5

                                                            Have you been using sock-puppets to upvote your Pony submissions?

                                                            1. 4

                                                              No.

                                                            1. 7

                                                              If you want free SMTP and IMAP access, as well as unlimited storage and your own domain, take a look at Yandex Mail for Domain. https://domain.yandex.com/

                                                              They even have API (e.g., for moving your domains between another provider). In addition to mail, you also get XMPP, too; and they have a bunch of apps in all the app stores.

                                                              They’re obviously a yuge and profitable company — https://yandex.com/company/ — so, if you deploy this, it won’t be gone the next day (plus, using your own domain means you could switch in a jiffy). They also have free email support, unlike Google.

                                                              1. 3

                                                                Doesn’t Russia have even worse privacy protection than the US? Yandex is based on Moscow, and I can only imagine that any email the government feels like looking at, they probably can.

                                                                1. 4

                                                                  US certainly has strong free speech rights, but privacy?!

                                                                  Besides, are you Russian? Do you even have any Russian connexions? If not, then for you the service may as well be as offshore as it gets.

                                                                  1. 2

                                                                    Yandex is based on Moscow, and I can only imagine that any email the government feels like looking at, they probably can.

                                                                    The same applies in every first-world country, at least. Putin is much less likely to give a fuck about you or what you’re doing than your local rulers.

                                                                1. 9

                                                                  If you want some modicum of security go with Tutanota, Protonmail, or StartMail. Or self-host.

                                                                  Pretty much everything else out there is total crap in terms of security, but be forewarned: even these hosting companies will not provide you with perfect email security. They just do a much better job than the competition.

                                                                  1. 9

                                                                    It’s best to treat email as insecure entirely. That’s what has been done for transport protocols since secure messaging was invented. Wrap the messages in something like GPG sending them over untrusted transports. Attempts to get away from that just resulted in more clever attacks with best providers now, privacy-focused or not, in countries doing mass surveillance of their backbones with teams of hackers firing exploits at popular combos of OS’s, browsers, and apps. Most privacy-focused providers use tech within the subset that the attackers focus on. Doesn’t inspire confidence. Best to assume anything even connecting to the Internet might get owned.

                                                                    So, that leads us back to the old days of using high-assurance guards or best FOSS equivalent you can build. Untrusted server hardened as possible connects to email service to bring the emails in. They run through a guard that is an embedded computer with literally just enough code to pull files in, maybe integrity check them, and send them to your computer on inside of network. Optionally IOMMU, non-DMA links, or hardware you had source to (FPGA-based solutions do this). Guard only pulls things in when you tell it to via plugging in the actual cords and authenticating with something attached to it (i.e. trusted path). Such a design is called a Mail Guard. They were mandatory for bridging classified and non-classified links in DOD for a long time.

                                                                    Although it can be just FSM’s on a micro-controller, here’s an example of a high-assurance, mail guard from the past to show some basic considerations:

                                                                    https://cryptosmith.files.wordpress.com/2014/10/mailguard.pdf

                                                                    Whereas this SAGE paper shows what a full-fledged guard would do in government or enterprise setting. This kind of complexity is dangerous, though, where you’d want to make the implementation as safe as possible. The TCB itself is small, though.

                                                                    https://webcache.googleusercontent.com/search?q=cache:oOyYDOu3rfEJ:citeseerx.ist.psu.edu/viewdoc/download%3Fdoi%3D10.1.1.133.4225%26rep%3Drep1%26type%3Dpdf+&cd=1&hl=en&ct=clnk&gl=us

                                                                    1. 7

                                                                      It’s best to treat email as insecure entirely.

                                                                      This determination isn’t up to an individual, though. Email is considered a secure fallback for resetting authentication on nearly all websites.

                                                                      1. 3

                                                                        True. However, it is up to the individual which provider they choose and how they connect to them. A lot of the lay people reading Krebs on Security follow his advice of using Puppy Linux LiveCD’s to do their banking and/or email. They try to check for the HTTPS, use good passwords, and so on. Some used security-focused solutions like Hushmail with ProtonMail being popular recently.

                                                                        So, one can still treat email as insecure with extra protection even when forced to use it. Even lay persons are doing that. The technical folks should be able to do even better.

                                                                      2. 2

                                                                        It’s best to treat email as insecure entirely.

                                                                        Yep.

                                                                        1. 1

                                                                          in countries doing mass surveillance of their backbones with teams of hackers firing exploits at popular combos of OS’s, browsers, and apps

                                                                          Exploits? To what end?

                                                                          1. 1

                                                                            They can read your emails, forge emails from you, get your contact list, any personal info provider has, and (as pushcx noted) possibly use the account to change or acquire passwords to other services.

                                                                      1. 6

                                                                        This inspired me to dig up a Swiss e-mail service provider I remembered seeing on Hacker News.

                                                                        Here it is: https://www.migadu.com/en/index.html

                                                                        I’m not a customer (nor affiliate), but it seems like it could be a good service.

                                                                        1. 2

                                                                          I set up Migadu for one of my customer and it was worth it.

                                                                        1. 10

                                                                          I really want to like Firefox, but it feels increasingly clear that Mozilla doesn’t seem to consider anyone who wants to adapt any of the choices Mozilla made for him/her to be part of their target audience anymore.

                                                                          I don’t really know what their target audience actually is to which they are trying to pull off a Gnome-like pivot, but given the fall in market-share it’s baffling that retaining existing users doesn’t seem to play a more important role.

                                                                          Having tried the nightlies of Firefox 57, Mozilla has basically reset my browser usage to a vanilla install. All my extensions will stop working (marked as “legacy” – and I only have three: mouse gestures, an ad-blocker and tree-style tabs) and my theme causes tabs to crash on load (which I only use because the default theme keeps gradually eating more and more screen space).

                                                                          While I’m positive that a solution can be found for mouse gestures and ad-blocking, it seems that tree-style tabs (or any kind of UI customization) is thoroughly dead. Even if they addressed the dozen of bugs that were filed to get tabs working again, it’s quite clear that the required level of visual integration to avoid making it look like a second-class citizen will not be supported anymore with WebExtensions.

                                                                          The whole switch to WebExtensions feels like going from a positive, user-empowering stance of helping and encouraging users and extension developers to adapt their browsing experience to their liking, to a model where the possibilities of customization and extension is severely limited to protect the users from potential harm that seems to lurk behind every extension.

                                                                          1. 21

                                                                            It’s not just about protecting users from harm, it’s also about:

                                                                            1. Performance. By restricting extensions to APIs we can ensure they will run silky smooth.
                                                                            2. Compatibility. Old style extensions broke anytime the random internal thing they depended on changed, so developers would constantly have to be updating their addons. Web extensions are one last major breaking change for addon developers, and then they never have to worry about compatibility again.
                                                                            3. Portability. Web extensions can be shared across browsers, so developers don’t need to write multiple versions of their addons anymore just to support Firefox+Chrome. Given a choice between supporting only one of Firefox or Chrome, 95% of developers were already choosing Chrome (I made that number up, but probably). This equalizes the gap.
                                                                            4. Security. Like you mentioned, it will be very hard to write malware when that malware is restricted to known APIs.

                                                                            There are a lot of really good reasons to make this switch. And while it will be frustrating to a lot of loyal users and developers, I think it will be the right decision in the long term. I’m feeling the pain too, a bunch of my extensions no longer work either. But I’m confident I’ll either find replacements in due time, or adapt my workflow to live without them.

                                                                            Btw, u-block origin already has a web extension posted to their AMO dev channel.

                                                                            1. 19

                                                                              Since I don’t see many people sharing this sentiment, I just want to chime in as a long-time Firefox user and say that I’ve been really pleased with the work in Firefox over the past several years. Performance has improved massively, and it seems like every time I open the developer tools, I find some cool new thing I didn’t know about before. I’ve also gotten a lot of mileage out of several of the experiments in TestPilot. All in all, I’m quite pleased.

                                                                              Keep up the great work!

                                                                              1. 3

                                                                                Thanks! Much appreciated :)

                                                                                1. 2

                                                                                  As another random data point, I don’t remember ever even having a real problem with Firefox.

                                                                                  But now the new version worries me because there might not be a good mouse gesture plugin available.. soooo if you wouldn’t terribly mind implementing mouse gestures the way Opera v12 had them, that would be nice :)

                                                                                  1. 2

                                                                                    As another random data point, I don’t remember ever even having a real problem with Firefox.

                                                                                    But now the new version worries me

                                                                                    Likewise, Firefox has always been great for me, but only because I use an extension which allows me to rebind the keys. This extension doesn’t exist for Chrome because Chrome hard-codes ctrl-n to “open a new window” for security theater reasons. (I can’t remember the last time I opened a new browser window on purpose, but it wasn’t in the past decade.) If Firefox starts copying Chrome in that regard I’ll be forced to choose between staying on the old version forever or spending half my day closing those seventeen windows that just opened because I was trying to scroll down.

                                                                                    1. 1

                                                                                      I found this: https://addons.mozilla.org/en-US/firefox/addon/foxy-gestures/

                                                                                      Not sure if it solves your use case or not though.

                                                                                      1. 2

                                                                                        Just tried it, doesn’t really work. (In the sense of “fails to save any changes and crashes reproducibly”.)

                                                                                2. 2

                                                                                  Thanks for the note on uBlock. The dev channel thing was quite hidden, but I found it.

                                                                                  Well, all I can say is that I think it is sad to see that Firefox is switching from the software repository approach popular on Linux distributions to the walled garden approach of app stores (like on Windows/Mac).

                                                                                  I can understand why it is more convenient for developers this way, but I don’t try to be a developer of every technology I use. (Ok, I’m still sitting on this reproducible Firefox crasher and I installed the debug symbols to figure out where it comes from … but sometimes I just want to be a user.)

                                                                                  Currently my only hope is that the official roll-out of WebExtension gets delayed just enough for another Firefox ESR release based on the current code. This would give me another few years out of Firefox, but in the long term I really don’t see a future for me on Firefox. That’s kind of sad because I have been an user since it was called Netscape Navigator.

                                                                                  It’s kind of clear that vertical tabs will never be a first-class citizen with WebExtensions (even under the assumption that all of the dozen current bug reports get sorted out).

                                                                                  Firefox’ stance reminds me of the saying “if the government is unhappy with its citizens, it should swap out its citizens” and the CADT that happened with Gnome. (XFCE user ever since.)

                                                                                  1. 1

                                                                                    Well, all I can say is that I think it is sad to see that Firefox is switching from the software repository approach popular on Linux distributions to the walled garden approach of app stores (like on Windows/Mac).

                                                                                    Would you mind clarifying? The distribution model for WebExtensions is the same as for non-WebExtensions. Or are you referring to the use of sandboxing?

                                                                                    1. 1

                                                                                      Having to beg Firefox developers to allow me to make the changes I want to my browser feels counter to everything Mozilla stood for in the past.

                                                                                      1. 1

                                                                                        I see. On the other end, every API exposed to extensions becomes something that Mozilla has to commit to maintaining into the future, imposing architectural constraints. This was most painfully evident in the long process of the e10s (multiprocess) roll-out.

                                                                                3. 5

                                                                                  There is a tree style tabs in “Firefox Testpilot”, that’s not going to break because of the API changes

                                                                                  1. 2

                                                                                    Are you talking about Tab Center? That’s sadly not a tree style tabs extension, merely a vertical tabs extension. But yes, the point remains that you can write functional alternative tab bars with the new API.

                                                                                    1. 3

                                                                                      From what I have seen, the UI from tab center will not be supported with official WebExtensions.

                                                                                      For instance, the obnoxious sidebar header will be mandatory: https://github.com/Croydon/vertical-tabs-reloaded/issues/13#issuecomment-294589274 That’s a killer for me, right there.

                                                                                      This is what I currently have: http://imgur.com/a/OemGy

                                                                                      This is what I’d like to have: http://imgur.com/a/cWEsE

                                                                                      This is probably the best I will get with WebExtensions: https://addons.cdn.mozilla.net/user-media/previews/full/185/185415.png

                                                                                      Thanks, but no, thanks.

                                                                                    2. 1

                                                                                      The test pilot has ended, and I can’t find a way to install the add-on now. Which is a shame, because they had one feature that would have actually improved my experience: Tabs taking the whole area on the left side, instead of being under the location bar. https://testpilot.firefox.com/static/images/experiments/tab-center/details/tab-center-1.ceef2f45.jpg

                                                                                      I’d love to have a tab extension doing that.

                                                                                    3. 4

                                                                                      holy hell, another tree-style-tabs-er - people don’t understand us. - I moved to vivaldi cos chrome had no capability to do vertical tabs (and always felt strangely icky on chrome). Vivaldi has vertical tabs but not tree style :(, is all chrome under the hood but with plenty of customizability and most of the “i wish i hads” from firefox. It started out buggy when i was using it but has generally gotten better. not OSS is the only thing that mildly annoys me.

                                                                                      I personally jumped away from firefox when i eventually got sick of it regularly slowing down after a few hours of use (to the point of barely scrolling while rendering another tab i had just middle clicked on)

                                                                                      that said, none of the news coming out of the ff camp is making me think “wow i should totally give it another shot”. Your comment only reinforces that - I hate not having control over other people’s stupid decisions on my system.

                                                                                      1. 6

                                                                                        There are dozens of us using tree-style-tabs.

                                                                                      2. 3

                                                                                        https://addons.mozilla.org/en-US/firefox/addon/tree-tabs/ is the Tree Style Tabs replacement. It’s not as good, but it’s improving.

                                                                                        I switched to https://addons.mozilla.org/en-US/firefox/addon/tab-center-redux/ and it’s pretty great.

                                                                                        1. 2

                                                                                          I tried them all. They are quite restricted in what they can do, and the mandatory tab header makes it pretty clear that stuff like this will always be a second-class citizen under WebExtensions.

                                                                                          Think about it: Why doesn’t the “official” tab bar get one of these headers, too? Because it is completely jarring and obnoxious. Firefox devs know it sucks, so they don’t follow these rules, but everyone else has.

                                                                                          1. 4

                                                                                            and the mandatory tab header makes it

                                                                                            It’s not “mandatory”. There are bugs open for a webextension API for removing it, and Firefox devs seem to be open to adding one. This API doesn’t exist now, but you’re painting it as if it will never exist.

                                                                                            This stuff is still new, and will improve over time as new APIs get added. Like I said, “it’s not as good, but it’s improving”.

                                                                                            Please assume good faith.

                                                                                            1. 3

                                                                                              It seems like from Mozilla’s perspective the sidebar header is not a bug, but desired behavior: https://github.com/Croydon/vertical-tabs-reloaded/issues/13#issuecomment-294589274

                                                                                              I’d love to see the tickets though, because I couldn’t find anything in the official bug tracker (but maybe I used the wrong search terms).

                                                                                              And that’s not the only issue: it seems like the place is fixed to be beneath the location bar, either at the left or right side, falling way short of Tab Center.

                                                                                      1. 2

                                                                                        Is it only for me that I get an SSL error due to a seemingly self signed certificate? - or is this on purpose?

                                                                                        1. 4

                                                                                          It’s not only you. It is on purpose.

                                                                                          You’ll have to trust tedu a little if you want to read his blog. ;-)

                                                                                          1. 2

                                                                                            I don’t know if my browser got the right cert, but the information presented on the page I got certainly seems to be correct (i.e. matches commits I’ve seen on source-changes@).

                                                                                            1. 3

                                                                                              Of course there’s no reason to assume you’re getting the same information as anyone else.

                                                                                              1. 1

                                                                                                True :)

                                                                                            2. 1

                                                                                              It’s on purpose.

                                                                                              Unfortunately lobste.rs deliberately doesn’t let users hide all posts from particular domain. Any chance of a broken-ssl tag, or a policy to disallow links with dodgy certificates like this?

                                                                                              1. 6

                                                                                                It’s not a broken or dodgy cert. The difference is the trust model that @tedu is using. He is asking users to put trust in him vs a CA (https://www.tedunangst.com/flak/post/moving-to-https - I know you can’t see it without the cert). The important part is this:

                                                                                                Yesterday, reading this page in plaintext was perfectly fine, but today, add some AES to the mix, and it’s a terrible menace, unfit for even casual viewing.

                                                                                                The difference now is that your browser paints a terrifying UI vs rendering stuff with a cert it doesn’t know about.

                                                                                                The model he is using is similar to SSH’s “Trust on first use” but with a few extra steps to cope with the UI that operates via the “Trust anything from these guys, they are totally OK, right? RIGHT?” model.

                                                                                                Anyway, here is the cert, a sha256 sum and its sha256 fingerprint of it if you feel like importing it into your browser:

                                                                                                -----BEGIN CERTIFICATE-----
                                                                                                MIID2TCCAsGgAwIBAgIJAJIn/VMsBJrpMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNV
                                                                                                BAYTAlVTMQswCQYDVQQIDAJQQTEXMBUGA1UECgwOdGVkdW5hbmdzdC5jb20xGjAY
                                                                                                BgNVBAMMEWNhLnRlZHVuYW5nc3QuY29tMSIwIAYJKoZIhvcNAQkBFhN0ZWR1QHRl
                                                                                                ZHVuYW5nc3QuY29tMB4XDTE3MDcxMzIzNTMwNloXDTIxMDQwODIzNTMwNlowczEL
                                                                                                MAkGA1UEBhMCVVMxCzAJBgNVBAgMAlBBMRcwFQYDVQQKDA50ZWR1bmFuZ3N0LmNv
                                                                                                bTEaMBgGA1UEAwwRY2EudGVkdW5hbmdzdC5jb20xIjAgBgkqhkiG9w0BCQEWE3Rl
                                                                                                ZHVAdGVkdW5hbmdzdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
                                                                                                AQC3uH7heRPPoxNFbhmHBbXzMqEClGxtEPaqVi6/owmviK5Yk7AvQ4ro5F740znk
                                                                                                fwno8tj5RPjDUpIBJkpBKBdTg23pHZOHAmioK11g0V6E8GIebKHvQi/iI/NCIRtq
                                                                                                +hfMCrwsfdX5lOE9HJyaiamdXrDUR1PNA4G7EEUamnVQqOT9+Y7Bbh2qaxvJ6bjw
                                                                                                43ytgzbDYUAFrsAiAzydPqX+FSQBTrB+pea2MEzNuevZFmBMdGUfvIHTmnp+PmUD
                                                                                                r/flLsDKaMNZL8HK4KydI0eInrTuoI9kd+Zu3L4ZmQVOTt7XV0ezHsROrqOxwpqd
                                                                                                9a1DCVXvOnuHuN7UwgYZIQ/XAgMBAAGjcDBuMAwGA1UdEwQFMAMBAf8wHgYDVR0e
                                                                                                BBcwFaATMBGCDy50ZWR1bmFuZ3N0LmNvbTAdBgNVHQ4EFgQUkrTp53Wxxq82rhLk
                                                                                                ltMCZGIQRQ0wHwYDVR0jBBgwFoAUkrTp53Wxxq82rhLkltMCZGIQRQ0wDQYJKoZI
                                                                                                hvcNAQELBQADggEBAKIOxuH4fMiiZXgL6ABUIzpmDWNQVYN89svUwezAOGbs8WV1
                                                                                                rTzoGBVoKwsXoiCI49nWdKaVMdOfoKUgmq2TrF3mST7+D/py+4XPPiJwcekOlwJ0
                                                                                                LJT41D1urH2YyGRz9vNFLeFmgwvQLExqWbOhPRG0YOoGR5W41JtVOyTsll6Z0qbQ
                                                                                                jkWBj/g5g8slVISfCKP7pH3CVmEUGbbZd5FiUrR+WDP9XOrPDsneX4/XkbLZ+ZNH
                                                                                                Z+RxNGlJ6txIQcSTmtsQqHTLdKRoAWT7YxmvPB9pfZ8bDsRSNjohF0QkxM0Y9qxf
                                                                                                Xf7xlhGJs7KkNn4LteI5vwjf+9U6Wtbm/Vr5MsU=
                                                                                                -----END CERTIFICATE-----
                                                                                                
                                                                                                SHA256 (ca-tedunangst-com.crt) = 049673630a4a8d801a6c17ac727e015fbf951686cdd253d986e9e4d1a8375cba
                                                                                                
                                                                                                SHA-256 Fingerprint	AA DD 6D 06 88 7B 36 60 67 56 00 AB D0 76 FB B4
                                                                                                			3C 60 10 14 5D AB 4D 39 06 F8 24 08 4B 14 D2 BE
                                                                                                

                                                                                                I have also signed this message using my pgp stuffs. I guess this means we have a lobste.rs based web of trust using the Comments protocol?

                                                                                                The real question in all of this shouldn’t be “why is @tedu using broken / dodgy certs”, it should be: Who do you trust more?

                                                                                                Raw post / sig: https://deftly.net/lpost.txt https://deftly.net/lpost.txt.asc

                                                                                                PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A 4AF0 1F81 112D 62A9 ADCE

                                                                                                1. 3

                                                                                                  I wouldn’t mind importing the CA, but how well does the name constraint work in Firefox?

                                                                                                          X509v3 extensions:
                                                                                                              X509v3 Basic Constraints: 
                                                                                                                  CA:TRUE
                                                                                                              X509v3 Name Constraints: 
                                                                                                                  Permitted:
                                                                                                                    DNS:.tedunangst.com
                                                                                                  

                                                                                                  This is actually cool if it works!

                                                                                                  1. 4

                                                                                                    Should work in all “modern” browsers. I did some testing to confirm. There’s a lot of stackoverflow answers that it doesn’t work, but most of them are old. They do make it difficult to find out.

                                                                                                    1. 1

                                                                                                      Edge seems to not like it - though I am not 100% sure I imported the cert into the correct store.

                                                                                                      1. 5

                                                                                                        Definitely works with edge. It has to go into the “Trusted Root CA” store, not the “Third-Party Root” store, or any of the other dozen. If you let it pick on its own, I have no idea where it goes. Fun times. You should get yet another warning that you’re about to do something terrible and dangerous. If you don’t see the scary message, you didn’t put it in the scary place. :) You can add it for just your user, not the whole machine.

                                                                                                  2. 2

                                                                                                    It is a dodgy cert, or at least the only reasonable/practical security posture is to treat it as one (if it were a legit cert there would be no reason not to have it cross-signed by a reputable CA). I have no interest in importing some random blogger’s CA into my browser or adopting some manual CA import process in the general case (I’m willing to support efforts at a practical web of trust system - I actually used the monkeysphere addon for a while, but it now seems defunct). I would expect most security-conscious readers to feel the same. As such, I’d like to be able to filter sites like this out of my lobste.rs frontpage.

                                                                                                    1. 4

                                                                                                      It is a dodgy cert, or at least the only reasonable/practical security posture is to treat it as one (if it were a legit cert there would be no reason not to have it cross-signed by a reputable CA).

                                                                                                      Why is tedu’s cert any more dodgy than what you get from all those reputable CA’s that have made sure governments can MITM you at will?

                                                                                                      1. 2

                                                                                                        A CA that had been caught doing that would present the same way as tedu’s CA. Should browsers be stricter than they are? Maybe, but even if I don’t think the bar for inclusion in the browser is as high as it should be, I’m sure as hell not going to trust a CA that hasn’t met it.

                                                                                                        1. 2

                                                                                                          Do you trust ssh fingerprints when you ssh into a machine? Do you use pgp?

                                                                                                          1. 2

                                                                                                            Do you trust ssh fingerprints when you ssh into a machine?

                                                                                                            There are about 2 machines I ever ssh to over the public internet, for which I confirmed the fingerprints manually.

                                                                                                            Do you use pgp?

                                                                                                            I use PGP for email exchanges with a small number of personal friends, who I confirmed fingerprints with in person.

                                                                                                            1. 3

                                                                                                              Isn’t that the same trust model as using tedu’s cert?

                                                                                                              I assume you manually confirmed the fingerprints via ssh-keygen or similar, how ever it was done - you have put some trust in someone (either the CA / people who bundle the CAs for the web-terminal you are using, or that your connection isn’t mitm’d in the first place)

                                                                                                              I will give ya that pgp is a bit different, but only for manually verified fingerprints. I am willing to bet that the vast majority of people using pgp for things like validating mails / releases of packages use the “Trust on first use” model.

                                                                                                              1. 2

                                                                                                                I assume you manually confirmed the fingerprints via ssh-keygen or similar, how ever it was done

                                                                                                                I mean I visited those specific physical machines and confirmed the fingerprints on their consoles.

                                                                                                                you have put some trust in someone (either the CA / people who bundle the CAs for the web-terminal you are using, or that your connection isn’t mitm’d in the first place)

                                                                                                                Sure. I trust the overall bundle-of-CAs, and that’s not ideal. But there’s at least some accountability in that system in a way that there just isn’t for “tedu”. Browser makers and CAs both have a lot more skin in the game than some guy with a website.

                                                                                                                1. 3

                                                                                                                  Sure. I trust the overall bundle-of-CAs, and that’s not ideal. But there’s at least some accountability in that system in a way that there just isn’t for “tedu”.

                                                                                                                  This is where the tedu model shines! You aren’t being asked to trust “tedu” beyond anything that isn’t already under the control of tedu, and, no third parties involved. I feel like a lot of the accountability problems fall by the way side when you are operating on an individual-site-level of trust vs a here-are-the-sites-we-trust model.

                                                                                                                  1. 2

                                                                                                                    No, I’m being asked to trust the public network path from me to… well, who knows where? Verifying that the site I see the second time is the same as the site I saw the first time is the easy part (and something that, in this age of HKPK, browsers are doing even in the CA world). Verifying the first time one visits is important too though.

                                                                                                          2. 2

                                                                                                            A CA that had been caught doing that would present the same way as tedu’s CA.

                                                                                                            I don’t see how anyone could know this with absolute certainty. Can you provide a proof for this claim?

                                                                                                            1. 2

                                                                                                              I’m not sure what your “absolute certainty” point is? What you see when you go to tedunangst.com is a site with a certificate signed by a CA that’s not in your browser’s trusted roots - this is exactly what you get when you go to sites from CAs that were caught helping governments MitM and have therefore been removed from your browser’s trusted roots (currently only WoSign).

                                                                                                              1. 2

                                                                                                                I don’t know any of the people who add CAs to my browser, and I don’t know any of the people operating the CAs.

                                                                                                                How can anyone know that all of the CAs in their browser will never break the rules you describe, such that CAs wll never, knowingly or unknowingly, validate a certificate they have no business validating?

                                                                                                                However, I could actually validate and store tedu’s cert if I wanted to. Which means I could get more secure access to his blog than to my bank’s website.

                                                                                                                1. 1

                                                                                                                  I don’t know any of the people who add CAs to my browser, and I don’t know any of the people operating the CAs.

                                                                                                                  I don’t either, but they are at least public figures that have some accountability that way. If Mozilla or VeriSign shipped a bad certificate, there’s at least a chance that people would notice and make a fuss, and that there would be financial consequences for those organizations (as we’ve already seen with WoSign). If tedu (who I don’t know either) shipped a bad certificate, who would know or care?

                                                                                                                  However, I could actually validate and store tedu’s cert if I wanted to. Which means I could get more secure access to his blog than to my bank’s website.

                                                                                                                  How so? You can validate and store any site’s certificate if you want to, CA signing just gives you an additional level of validation. Indeed if a site is using HPKP then your browser will already be doing a trust-on-first-use style of validation on subsequent visits - just with additional verification on the first use.

                                                                                                                  1. 1

                                                                                                                    Doesn’t HPKP imply that the TLS trust model is admittedly so broken that it needs a workaround at the HTTP layer? What about TLS for, say, email? Will all applications using TLS have to solve this problem which TLS was intended to solve?

                                                                                                                    I have not read about TLS 1.3 yet. Maybe the new edition has fixed this?

                                                                                                                    1. 2

                                                                                                                      The TLS model is fine. HPKP gives the super-paranoid folks a way to get what they want without breaking compatibility with the rest of the system, that’s all.

                                                                                                                      Authentication probably needs application-layer components, because only the application can really define the security model. Drop-in encryption at the transport layer only goes so far. Web browsers align nicely with domain names; ssh aligns nicely with Unix user accounts, but other domains require their own models.

                                                                                                            2. 1

                                                                                                              A CA that had been caught doing that would present the same way as tedu’s CA.

                                                                                                              Caught? By governments?

                                                                                                              They’re all compromised, because governments really really want to compromise them, and no one wants their life fucked up for standing up to them.

                                                                                                              even if I don’t think the bar for inclusion in the browser is as high as it should be, I’m sure as hell not going to trust a CA that hasn’t met it.

                                                                                                              Can you guess one of the requirements for meeting that bar?

                                                                                                              1. 2

                                                                                                                Caught? By governments?

                                                                                                                Caught by browser vendors, or by anyone who published evidence.

                                                                                                                They’re all compromised, because governments really really want to compromise them, and no one wants their life fucked up for standing up to them.

                                                                                                                If governments were systematically issuing bogus certificates we’d’ve caught them by now, given certificate transparency. WoSign was caught and will never be trusted again. Maybe some governments could be keeping a few compromised CAs in the back pocket and using them occasionally for strictly targeted attacks against individuals, but even that’s risky. And principled people do exist, and any ongoing compromise would risk bumping into one sooner or later.

                                                                                                                Can you guess one of the requirements for meeting that bar?

                                                                                                                Oh FFS. Speak clearly or not at all; I have no interest in playing games.

                                                                                                                1. 1

                                                                                                                  Oh FFS. Speak clearly or not at all; I have no interest in playing games.

                                                                                                                  I thought it was clear that making it possible for governments to MITM people was the requirement I was referring to.

                                                                                                                  On a related note, not bothering happy cartel members with actual competition is one of the requirements for a banking or ISP licence.

                                                                                                                  If governments were systematically issuing bogus certificates we’d’ve caught them by now, given certificate transparency.

                                                                                                                  What’s “certificate transparency”?

                                                                                                                  WoSign was caught and will never be trusted again.

                                                                                                                  Looks like WoSign was caught being compromised by some random criminals or something - not governments. If that’s the case, WoSign isn’t relevant to our discussion.

                                                                                                                  Maybe some governments could be keeping a few compromised CAs in the back pocket

                                                                                                                  Maybe? You know there’s always a bunch of psychopaths everywhere, happy to receive bribes/benefits for shafting all of mankind, and if that’s not an option, they can just directly force some people to make it happen.

                                                                                                                  What would you expect? “Oh gosh, we sure would LOVE to see all that traffic, but it’s encrypted so I guess there’s nothing whatsoever we can do about it ever!!”

                                                                                                                  1. 1

                                                                                                                    Looks like WoSign was caught being compromised by some random criminals or something - not governments.

                                                                                                                    I think in practice it makes very little difference. The intentions are the same.

                                                                                                                    1. 0

                                                                                                                      I think in practice it makes very little difference. The intentions are the same.

                                                                                                                      I wonder if you genuinely believe that. But no, the intentions are completely different.

                                                                                                                      The government won’t MITM you to get your money - they just take your money by force every year anyway.

                                                                                                                      Instead, the government wants to MITM you so that they can identify you as a potential threat to their continued rule over everyone, and move to neutralize the threat if necessary.

                                                                                                          3. 4

                                                                                                            I like to think that I am a security conscious user. I met @tedu in person and I trust his self signed certificate more than a third party emitted certificate. Would I trust him signing a cert for gmail? No. I do not however see a problem with him self signing a certificate for his own site.

                                                                                                            On the other hand, there was more than one occurrence of a ‘trusted’ CA signing domains without due diligence and our browsers didn’t warn us about that. The CA model is f—ed and broken.

                                                                                                            1. 3

                                                                                                              certificate authorities are not always trust worthy.

                                                                                                      1. 10

                                                                                                        I fee like, purposely or not, the title of this post is misleading as is, even with the caveat in the text that it’s simply one user’s opinion. That should have been made clear in the title IMO.

                                                                                                        Additionally it’s worth noting that this particular interpretation of downvotes leaves a lot of room for unfriendly, hostile, and ugly behavior provides that it can be plausibly denied as an opinion.

                                                                                                        The idea that opinions cannot be subject to downvotes coupled with the admonitions against “badthink” leave room for things like:

                                                                                                        In my opinion, women are generally inferior programmers than men.

                                                                                                        Black people are genetically pre-disposed to be good slaves (author will present “evidence” to back up their “opinion”.)

                                                                                                        Etc.

                                                                                                        More broadly, the idea that social interactions can only be mediated by some objective set rules in order to be fair is a peculiar oddity of the internet that runs counter to meatspace human behavior and often enables, intentionally or not, abusive and exclusionary behavior.

                                                                                                        1. 5

                                                                                                          That’s the core of it, though–what’s wrong with expressing those opinions?

                                                                                                          If an opinion is actually totally bonkers, ignore it. If an opinion might be based on incorrect facts, a polite discussion–followed, perhaps, by an agreement to disagree–is an adult way to handle it. The mere gut reaction of “this person says that they feel like about and so must be punished” is just tribalism, pure and simple.

                                                                                                          If the opinion is, say, “I think that angersock should be violated with a rake for being such an argumentative shithead”, that’s something that falls under our usual civility guidelines. Something like “I think that angersock is ill-suited to public discourse because of their race” is something that can either be engaged with (and nuked once civility is dropped) or ignored entirely. And even in that latter case, usually the off-topic flag becomes relevant. We have mechanisms in place to deal with this, we just need to use them.

                                                                                                          As an aside, your second example is stated as a fact and not as an opinion (is similar to the borderline example in my original post).

                                                                                                          1. 10

                                                                                                            Because they create a hostile environment. I’m entirely uninterested in reading bonkers racist statements, but I am interested in reading technical content from people who won’t put up bonkers racist statements. You have to decide what audience/participants you want.

                                                                                                            1. 5

                                                                                                              I think that angersock is ill-suited to public discourse because of their race

                                                                                                              I don’t think racist arguments of any kind fall inside the realm of civil discourse. I would downvote as troll.

                                                                                                              1. 9

                                                                                                                Racist comments would be moderated.

                                                                                                                1. 4

                                                                                                                  Given the other comments downthread, I think it would be more accurate to say that overtly racist comments would be moderated, which is not quite the same. I’m not suggesting we ask moderators to make decisions about where the line is for overt / implicit / accidental racism, but additional ways of downvoting would let the community draw those line, which we should expect to be somewhat fuzzy and subjective, but should still exist.

                                                                                                                  Modern racism (and other isms) rarely takes the form of explict denigration and demonization of minorities. It’s typically framed as believed to be true (honestly or not) “facts” or “i’m just saying” opinions, and we have a terrible habit of building rule systems that excuse any behavior that can’t be proven to be malicious (which is extremely difficult), regardless of how negative the actual outcome of that behavior is.

                                                                                                                  In this case, both @grumpyoldman and @tm knew that their position would be considered racist, which means they should also know that going out of their way to express and defend those opinions here would create an environment hostile to PoC. No matter how much they believe their statements to be true, I think it’s reasonable to expect them to know that their personal belief in the truth and meaningfullness of something does not make it objectively so, and that expressing those particular beliefs creates an environment of hostility.

                                                                                                                  This sort of behavior is counter-productive to community building, IMO, and is not exclusive to social topics of race. It’s entirely possible to generate unwelcoming hostiliy by ranting about systemd or non-constructively dismissing technical work as useless. In general, I think it’s reasonable ask people to consider the effect of their behaviors on the community and give the community an easier way to speak to damaging behavior that’s independent of intent.

                                                                                                                  1. -1

                                                                                                                    No matter how much they believe their statements to be true, I think it’s reasonable to expect them to know that their personal belief in the truth and meaningfullness of something does not make it objectively so, and that expressing those particular beliefs creates an environment of hostility.

                                                                                                                    Finding something uncomfortable or “offensive” doesn’t make it false either.

                                                                                                                    For example, we all know that on average, black men have larger penises than white men. In other words, being white kind of sucks in that regard. We’d all much prefer having big penises, just like we’d all prefer being smart.

                                                                                                                    But somehow talking about the differences in penis size is perfectly fine, but anyone who brings up the differences in IQ just absolutely needs to be shouted down for being “racist”. It’s a double standard.

                                                                                                                    Facts are not racist. Everyone on this forum is certainly smart enough to understand that, and we’re all capable of discussing and debating things. So why the irrational, extreme hostility to some ideas then? It makes no sense.

                                                                                                                    Unless.. the larger problem here is that the world is allergic to the truth.

                                                                                                                    Not only that, but just like when something seems “too good to be true”, when someone seems “too irrational to be true”, it’s probably not true!

                                                                                                                    So basically people are just pretending to be outraged by some uncomfortable truths being mentioned.. but not others, like penis size.

                                                                                                                    I have no idea why this is happening, but it is. And it’s incredibly destructive to our societies as a whole. In fact, it’s almost like there’s a concentrated effort to drive Western civilization into the ground.

                                                                                                                    We’re all up shit creek, sans paddle, and a large percentage of us “little folks” is busy drilling holes in the boat as best they can.

                                                                                                                    The mind boggles..

                                                                                                                    1. 1

                                                                                                                      Yes, if expressing a true statement which is supported by objective and evidence and fact and not subjective opinion “creates a hostile environment” then a community that holds that viewpoint is itself toxic to humanity. I hope that isn’t the case here.

                                                                                                                      If certain facts and truths cannot be mentioned and falsehoods are upheld because they aren’t what people want to hear, then that creates an entire layer of falsehood I have have to view everything else through if the community norm is decided to be a standard which supports and encourages deliberate dishonesty.

                                                                                                                      “Offensiveness” is about the worst criteria for moderation or self- censorship imaginable in a world where everyone is offended by anything and everything, reasonably or unreasonably.

                                                                                                                      Heck, I’m highly offended and consider it disgustingly ‘racist’ that minorities and PoC are being effectively ignored and are suffering lost opportunities because instead of seeing our differences as mere differences (or strengths) we choose to shut our eyes or claim they don’t exist. This is absolutely toxic, hostile, and ignorant.

                                                                                                                      In the end we need to decide what sort of culture we support and want sort of world we want to live in. Monocultures can be fragile and diversity can be our strength, and to claim these differences simply aren’t real and don’t exist is ignoring the elephant in the room. The unintended consequence of such hyperbolic political correctness is that it hurts the very people it claims to be supportive of.

                                                                                                                      1. 0

                                                                                                                        I hope that isn’t the case here.

                                                                                                                        That’s the case everywhere.

                                                                                                                        For example, speak certain uncomfortable truths on Hacker News, and you’ll be shadowbanned. It’s happened to me several times.

                                                                                                                        The same will/would probably happen here too. This post might do it! Not that I really care.

                                                                                                                        If certain facts and truths cannot be mentioned and falsehoods are upheld because they aren’t what people want to hear, then that creates an entire layer of falsehood

                                                                                                                        The world we live in is a massive pile of falsehoods. As a random example, we’re told that 2% is a good rate for our income, savings and pensions to be losing their purchasing power, i.e. that 2% inflation is somehow good for us.

                                                                                                                        But in reality, there’s no good rate for a bad thing to be happening. How fast would you like gangrene to spread through your body? How about not at all?

                                                                                                                        We’re also led to believe that being ruled over is in our interest, instead of say, our rulers’.

                                                                                                                        In the end we need to decide what sort of culture we support and want sort of world we want to live in.

                                                                                                                        There’s two sides to “we”: psychopaths and humans. The former run the world and are turning it into shit, and the latter have no clue what’s going on and are abused and exploited by the psychopaths.

                                                                                                                        But hey, there’s a pretty decent chance that you’re a psycho too, so I’ll just stop here. In fact, posting on the Internet is mostly a waste of time, because I’m mostly talking to a psychopath anyway.

                                                                                                                        It’s just a bad habit I picked up before finding out what’s going on.

                                                                                                                2. 2

                                                                                                                  I am hard-pressed to think of a reason that such a line of discussion should ever come up here, unless in maybe cogsci or culture threads. I’d trust our mods to crack down the second it strayed from reasonable science.

                                                                                                                  (On a related note, that’s why submissions that lend themselves to that sort of bile are cancer.)

                                                                                                                  1. -2

                                                                                                                    I don’t think racist arguments of any kind fall inside the realm of civil discourse

                                                                                                                    Even if someone actually made an argument, instead of just running his mouth?

                                                                                                                    On a related note, there are studies that find different races to have different average IQs. But if someone brings that up to support a related claim, lots of people will shout him down as a “racist”.. and that’s bullshit.

                                                                                                                    1. 3

                                                                                                                      Actually that is not bullshit. People who claim race influences IQ are racist and I’m 100% uninterested in their odious opinions.

                                                                                                                      1. 4

                                                                                                                        Sure, but the point being referenced above refers to correlation and not causation.

                                                                                                                        Anyways, in some cases, it’s basically impossible to talk about policy issues without noting biological differences. Like, there are other cases (alcohol flush reaction) where we could talk science and biology and be having a strictly racist but civil conversation.

                                                                                                                        The problem is that people often go off on dumb tangents and assert policy choices that should be made, or that they go and overgeneralize when things are complicated.

                                                                                                                        1. 0

                                                                                                                          Yay, I’ve absolutely prepared and resigned myself to be down-voted to oblivion, but here goes.

                                                                                                                          The claim that race influences IQ isn’t “bullshit” - it’s the accepted scientific consensus and if you’ve chosen to wholly disregard a truth because you don’t want to hear it, then I might be 100% uninterested in your odious opinions as well. I’ve hesitated on commenting in these meta-discussions, and I won’t be down-voting any comment as “Incorrect” because it’s not helpful to do so, but it would be absolutely correct in this case.

                                                                                                                          See https://doi.org/10.3389/fpsyg.2016.00399 for good recent meta-study that appears in a high impact peer-reviewed journal. I could literally provide you with hundreds and hundreds of similar articles, but what would be the point, as you’ve already decided that you are going to ignore both reality, scientific consensus, and the accepted views of most scientists working in this (controversial) field, all because they don’t fit your preconceived ideas of the way things should be?

                                                                                                                          Just my $0.02, but I’m venting that this is even a topic on lobsters at all. It shouldn’t be and if there is any strict moderation necessary, it should be to keep these political posts off this site and away from this community. If lobsters is going to start allowing this sort of discussion - is it “uncharitable” or to start marking Incorrect statements as incorrect even if I would be perceived as some sort of racist and start a whole circus?

                                                                                                                          The truth here is complicated and not what people want to hear. It is absolutely incorrect to state that race and IQ are not correlated and to claim otherwise is to ignore decades of data. Does this mean science is racist? I wouldn’t make that argument. I actually would agree with vyodaiken, if he said that it is “bullshit”, if the argument presented was that race can be seen as the causative factor and used an indicator of innate superiority or directly linked to ability; that sort of thing is not supported by data and while never argued seems to be what was inferred.

                                                                                                                          I’ve never down-voted in a meta topic and usually avoid this sort of discussion because it is so far off the scope of this community I would argue it doesn’t belong anywhere near this site. I absolutely understand that people will be offended when they think they are being attacked based on their gender or race.

                                                                                                                          Simply discussing the scientific findings in this field is upsetting to many people and makes them feel uncomfortable or unwelcome. That is an unfortunate truth. But, using false statements to defend against perceived racism is just as intellectually bankrupt as using false statements to support racism - and none of it has anything to do with technology.

                                                                                                                          Where does it end? Are we going to add “fact checkers” to support or overturn “Incorrect” down-votes? Is it “uncharitable” to down-vote a factually incorrect statement that is being used in an argument defending minorities - a righteous position? Would it be not “uncharitable” to down-vote the same sort of factual incorrectness being used by a racist to support their argument?

                                                                                                                          With that said, I’ve hidden the “meta” tag going forward, because these recent threads are so far off-topic I don’t care to see any more of them. I appreciate being allowed in this community, outside of the meta threads, it is generally civil and tightly focused, but if we start mixing in subjective down-voting rationales and having threads about controversial topics of self-identity, race, or religion, it is my opinion that will greatly diminish this community and I probably won’t want to participate any longer, especially if we are going to accept hostility to facts and reality.

                                                                                                                          Edit: A good related piece - http://www.politico.com/story/2013/08/opinion-jason-richwine-095353 - Why can’t we talk about IQ?

                                                                                                                          1. 4

                                                                                                                            I do sympathize with your position, but I will observe that blocking meta threads means that you’re going to be subject to rules and norms that you will not have any warning of or input into.

                                                                                                                            1. 1

                                                                                                                              So the unintended consequence is that I will likely end up contributing much less and commenting much less than I might otherwise, which would be unfortunate.

                                                                                                                              I’ve enjoyed that what makes the front page here has generally been free of politics. I’ve not noticed any recent outbreak of uncharitable behavior here. I’ve actually found lobsters to be a rare gem of an online community with some cohesion and civility absent elsewhere. It’s a refreshing retreat, especially since we live in a world that is politically polarized on a global scale. The extremists on both sides not only claim they have the sole moral high ground - they share so little common ground and finding their opposites so abhorrent that civility is purposely abandoned, often to the point where violence often rationalized.

                                                                                                                              I’ll reconsider filtering meta - for now - but if lobsters starts to get political and new subjective down-voting reasons are added where ‘feels’ have the same weight as facts, I’ll probably have find somewhere else to get my tech links from.

                                                                                                                            2. 3

                                                                                                                              The claim that race influences IQ isn’t “bullshit” - it’s the accepted scientific consensus

                                                                                                                              Only to racists. This is not a debatable question. There is not even a scientific definition of race. IQ is not known to measure anything at all. The only people who keep pushing this phrenology level bullshit have an axe to grind and their pretense of dispassionate scientific interest is transparent. The fake plea for civility doesn’t fly either.

                                                                                                                              1. 1

                                                                                                                                Then feel free to consider me a racist and ignore my further commentary and I’ll do the same.

                                                                                                                                Edit: I’m not going to do it, but this absolutely Trolling here - as well as Incorrect. I guess I’d much rather be called racist because it’s a laughable term that has no sting when it’s thrown around in response to a refusal to accept facts and reality. Also, that you decide that you know my intentions and think I have some axe to grind without knowing me is just pure trolling. Enjoy, I’m done with it because I have no need to gain your respect and I’m not going to waste my time defending myself against your personal attacks.

                                                                                                                                1. 1

                                                                                                                                  So, I’m broadly of the opinion that individual and cultural differences trump (nebulous at best) “racial” differences.

                                                                                                                                  That said, given that complex traits are typically 30-50% heritable, I would be very surprised if any given measurement of intelligence turned out not to be heritable.

                                                                                                                                  The degree to which heritability generalises to racial traits in a multiracial society is arguable (largely hinging on whether race is a useful concept in genetics at all), but is far from settled.

                                                                                                                                  In short, you are making an assertion which isn’t falsifiable (let alone evidence supported) and it adds nothing to the debate.

                                                                                                                                  A more useful question might be: if racial intelligence differences were proven to exist, would that justify racism?

                                                                                                                                  (In my opinion it would not; curious about contrary arguments).

                                                                                                                                  1. 0

                                                                                                                                    It is a double-edged sword, of course.

                                                                                                                                    We can use our knowledge of differences to make us stronger and better as a culture or we can use that knowledge to support (or justify) our hateful and unhelpful behaviors. Would such behavior be justifiable? I would argue absolutely not in a civil society.

                                                                                                                                    The choice of course is ours. What sort of community do we want?

                                                                                                                                    My point remains that to label certain knowledge as inherently ‘racist’ is absurd and and then to claim only ‘racists’ acknowledge those truths, well, I’m gobsmacked. If this is how it is, I will be ‘proud racist’ in this context as the alternative is to be a proud ignoramus.

                                                                                                                                    1. 2

                                                                                                                                      Your representation of the discussion is not correct and what you claim to be “truths” are opinions that are not even posed as scientific questions and are being deceitfully marketed as scientific consensus. Whatever motivates people to insist on bringing up political claims about race/IQ in a discussion forum about computer technology, it’s not science. I am not asserting that scientists should not study genetics and intelligence, I am asserting that the pseudo-science such as that promoted by Richwine is off topic and offensive and has no place in a forum such as this one.

                                                                                                                                      1. [Comment removed by author]

                                                                                                                                        1. 1

                                                                                                                                          (You appear to have double posted)

                                                                                                                                          On this point we can finally agree.

                                                                                                                                          While we both likely see our respective viewpoints as repugnant, we are unlikely to ever come to any agreement except that these discussions are off-topic.

                                                                                                                                          That is a point I’ve been making all along. I absolutely disagree with essentially everything else you’ve said and would gladly continue the discussion but this isn’t the place, is it?

                                                                                                                                          These “meta” tagged threads are pure cancer.

                                                                                                                                  2. 0

                                                                                                                                    This is a perfect example of the kind of HN content I come here to escape. A tech forum is the wrong place to express your plaintive cry that you need more social experience.

                                                                                                                                    1. 0

                                                                                                                                      argument presented was that race can be seen as the causative factor and used an indicator of innate superiority or directly linked to ability; that sort of thing is not supported by data

                                                                                                                                      If the data shows that there are differences between the average IQs of different races, why wouldn’t the same data support race being a causative factor?

                                                                                                                                      1. 1

                                                                                                                                        Ah, simply because correlation does not necessarily imply causation. In this specific case, it should also be noted that due to disagreements on a “scientific” definition of “race” most of these studies use racial self-identity as the criteria.

                                                                                                                                        There are too many uncontrolled variables to make any reasoned conclusion as to a cause, but to deny these differences exist at all, like some here are trying to do, is insanity.

                                                                                                                                        (Also, I use “insanity” here as “extreme foolishness or irrationally”. I’m not intending to imply their positions are enough to medically diagnose and label them mentally ill - only that the many of the arguments made in this thread are irrational.)

                                                                                                                                        1. 0

                                                                                                                                          The question is what makes some people insist on bringing up this topic in forums like this. Are they truth seeking iconoclasts, unwilling to let irrational mobs limit the scope of their scientific curiosity? Given the quality of the “science” presented in these arguments, that’s impossible to credit. Jonathan Richwine is a professional ideologist who was forced to resign his position at the Heritage Foundation! Charles Murray wrote a book that was roundly denounced by the most prominent genetic scientists as a racist rant - he’s merited his own page in the SPLC directory of hate groups.

                                                                                                                                          1. -4

                                                                                                                                            Ah, simply because correlation does not necessarily imply causation.

                                                                                                                                            Necessarily, huh? :P

                                                                                                                                            Race happens before IQ tests though, and for some mysterious reason there are people in Africa trying to cure AIDS by having sex with virgins, and living in huts without any plans to change that.. and they’ve had just as much time to develop as we have.

                                                                                                                                            Go figure.

                                                                                                                                            1. 2

                                                                                                                                              I am waiting for the defenders of free and open scientific inquiry to explain how this stuff about Africans living in huts fits into their brave defense of rationality. To me, it’s just racist nonsense, but perhaps that’s just me.

                                                                                                                                    2. 1

                                                                                                                                      I find interesting highly entertaining that I was just shouted down for being a “racist” for merely trying mentioning the scientific consensus on the matter. I wish there was a way to ignore these people but sometimes, like a train wreck, it’s too crazy to turn away from.

                                                                                                                                      New Scientists’ Ethics Special issue out now actually has a debate that science itself may be “unethical” to practice going forward because of its potential to be dangerous/destructive/racist! What fragile and special snowflakes we all have become these days!

                                                                                                                                      I wonder if a better option would be when clicking down-vote, you are given the option to ignore the user.

                                                                                                                                      Seems like it could be a mature choice, but possibly it would just fragment the site and make echo chambers?

                                                                                                                                      I guess a Greasemonkey script could collapse the comments automatically as well.

                                                                                                                                      1. 0

                                                                                                                                        That racist babble is not even close to the scientific consensus . That political hacks claim a scientific consensus doesn’t make it so.

                                                                                                                                      2. 1

                                                                                                                                        To quote a small (fair-use) bit from that now famous “Why can’t we talk about IQ?” article, emphasis mine:

                                                                                                                                        For people who have studied mental ability, what’s truly frustrating is the déjà vu they feel each time a media firestorm like this one erupts. Attempts by experts in the field to defend the embattled messenger inevitably fall on deaf ears. When the firestorm is over, the media’s mindset always resets to a state of comfortable ignorance, ready to be shocked all over again when the next messenger comes along.

                                                                                                                                        At stake here, incidentally, is not just knowledge for the sake of knowledge, but also how science informs public policy. The U.S. education system, for example, is suffused with mental testing, yet few in the political classes understand cognitive ability research. Angry and repeated condemnations of the science will not help.

                                                                                                                                        What scholars of mental ability know, but have never successfully gotten the media to understand, is that a scientific consensus, based on an extensive and consistent literature, has long been reached on many of the questions that still seem controversial to journalists.

                                                                                                                                        Apparently accepting the scientific consensus, based on extensive and consistent literature, which has long been reached by the relevant researchers in the field, is still a struggle for many computer scientists and otherwise very smart and reasoned individuals as well, especially when the science doesn’t support their preconceived notions.

                                                                                                                                        I’m not sure if I should laugh or cry anymore these days.

                                                                                                                                        http://www.politico.com/story/2013/08/opinion-jason-richwine-095353 for the original article.

                                                                                                                                        1. 6
                                                                                                                                          1. Richwine is not a scientist.

                                                                                                                                          Jason Matthew Richwine is a conservative public-policy analyst[2] and commentator[3] best known for his controversial views on immigration and IQ. Wikipedia

                                                                                                                                          1. Richwine’s dissertation was not in science, not in social science, but in public policy

                                                                                                                                          2. Richwine’s dissertation made claims that are unsupported in science about the genetic basic of IQ and tied them to public policy recommendations.

                                                                                                                                          Richwine appears to not understand what it was about his dissertation that disturbed people. He argued for a clear and persistent genetic basis to IQ, used that to argue for an immigration system based on IQ tests, and then provided political advice on how to hide the intent of that system. https://www.washingtonpost.com/news/wonk/wp/2013/08/09/jason-richwine-doesnt-understand-why-people-are-mad-at-him/?utm_term=.4f44ca32a804

                                                                                                                                          1. In his Politico article, Richwine attempts to rehabilite the widely debunked Bell Curve and its racist political program

                                                                                                                                          “As a consequence, the interesting policy implications explored by Herrnstein and Murray were lost in the firestorm.” http://www.politico.com/story/2013/08/opinion-jason-richwine-095353

                                                                                                                                          Here’s an example of Murray from Bell Curve: “The professional consensus is that the United States has experienced dysgenic pressures throughout either most of the century (the optimists) or all of the century (the pessimists).” - from https://www.splcenter.org/fighting-hate/extremist-files/individual/charles-murray

                                                                                                                                          There is no credible argument here that dispassionate scientific research is being shouted down. People who persist in bringing up this claim create a hostile environment for the targets of Richwine and Murray’s and others racist remarks and political program.

                                                                                                                                          1. 7

                                                                                                                                            I wanted to comment that this sort of clear, crisp disagreement/refutation with minimal quotes and links to sources is exactly the sort of thing I like to see more of.

                                                                                                                                            That said, let’s drop the subthread for now.

                                                                                                                                    3. 5

                                                                                                                                      In practice skepticism about Rust or Haskell nets more troll ratings than racist babble. Tells you something.

                                                                                                                                  1. 0

                                                                                                                                    I propose new tags:

                                                                                                                                    • “Fallacious”, for situations where a comment might look correct, but involves a logical fallacy or false premises and so on. It’s not as simple as “Incorrect”.

                                                                                                                                    • “Sophistry”, for when a post looks correct/convincing, but you believe it’s intentionally fallacious. This would cover “high-level” trolling, for example.

                                                                                                                                    • “Bullshit”, for when a poster is clearly full of shit.

                                                                                                                                    You could have tags for upvotes too!

                                                                                                                                    • “Correct”, “Funny”, etc.

                                                                                                                                    And a couple of others that might come in handy:

                                                                                                                                    • “Ohgoshgollygee I saw a CUSS-word and now I need a safe space”
                                                                                                                                    • “I’m allergic to humour”
                                                                                                                                    1. 2

                                                                                                                                      If people are different, as we know they are, and free to choose, as they should be. Why then do we expect equivalent outcome for different groups?

                                                                                                                                      1. 3

                                                                                                                                        Because although the different outcome could be due to intrinsic differences between the groups (and we know they have differences), the different outcome can also be due to differences in how the two groups are treated (and we know they are treated differently).

                                                                                                                                        Why stop at the first explanation you can think of? There are many explanations possible: try to keep them all in mind, and accord to each the weight of its evidence

                                                                                                                                        1. 1

                                                                                                                                          Because although the different outcome could be due to intrinsic differences between the groups (and we know they have differences), the different outcome can also be due to differences in how the two groups are treated (and we know they are treated differently).

                                                                                                                                          The way you put it supports disregarding both possibilities. It could be individual differences, or it could be differences in treatment.

                                                                                                                                          You’re basically just assuming that it’s the latter, and that it’s a problem that needs to be somehow addressed at a collective level, which seems like quite a stretch, considering it could also not be about differences in treatment.

                                                                                                                                          Also, if it’s desirable to have just as many women in tech as there are men, why wouldn’t it be desirable to have equal proportions in all other professions as well?

                                                                                                                                          What is being done about nursing being dominated by women? It COULD be because men are discriminated against!

                                                                                                                                          Or it could be that in reality, gender distribution in various fields is actually a non-issue.

                                                                                                                                          1. 4

                                                                                                                                            The way you put it supports disregarding both possibilities. It could be individual differences, or it could be differences in treatment.

                                                                                                                                            I did that because I want to address the problem in the reasoning. I do, indeed,

                                                                                                                                            Or it could be that in reality, gender distribution in various fields is actually a non-issue.

                                                                                                                                            Am I right that your underlying question is why I perceive skewed gender distribution as an issue? That is a fair question, and deserves a straight answer.

                                                                                                                                            Like you, I do not perceive a skewed gender distribution as an intrinsic problem: as you say, people are free to make their choices. Then why do I worry when I see it? Because as far as I can tell, gender skew is very often caused by some property of the society – not of the individuals! – that discourages one group from joining or staying in a field. And here, there is a chance to maximise happiness: remove a stricture of society, and make it more likely that each individual joins the field that makes them happiest.

                                                                                                                                            I will also support the main pillar of my argument above: why do I believe gender skew is very often caused by some property of the society – not of the individuals? It comes from a pattern that you see repeated throughout the twentieth century. Remove a property of the system that allows gender to influence whether someone joins, and you find the proportion of the underrepresented gender increases. Hold blind auditions for orchestras? % of female professional musicians increases. Remove names and ages from resumés? % of women, foreigners, and older people hired increases. This pattern has repeated itself so often that my first instinct, when I see a gender imbalance, is to look for properties of the society that could cause that. If I don’t find one, all the better; but if I do, why not try to remove it, and make sure more people end up in the field that makes them happiest? It will certainly do no harm.

                                                                                                                                            P.s. Regarding men in nursing: let me Google that for you. I focus on tech because it is the topic of this post, and also because I myself work in a technological field.

                                                                                                                                            1. -2

                                                                                                                                              Hold blind auditions for orchestras? % of female professional musicians increases.

                                                                                                                                              I don’t believe that actually happens. You can find plenty of totally biased “liberal” studies to support the standard social justice non-issues people use for virtue-signalling, trolling, and contributing to the divide & conquer circus consuming the Western world.

                                                                                                                                              Remove names and ages from resumés? % of women, foreigners, and older people hired increases.

                                                                                                                                              Why would companies do that? -Just to participate in some liberal study arranged to “prove” discrimination?

                                                                                                                                              This pattern has repeated itself so often that my first instinct, when I see a gender imbalance, is to look for properties of the society that could cause that

                                                                                                                                              Surely you’re campaigning for gender parity in plumbing too!

                                                                                                                                              I didn’t appreciate the condescending LMGTFY there, and I won’t Google this for you, but there are differences in the overall intelligence levels between genders.

                                                                                                                                              Men tend to be both dumber and smarter, and women tend towards the mean. Even that alone explains the gender disparity in tech well enough. It’s just politically incorrect to bring it up.

                                                                                                                                              1. 2

                                                                                                                                                I don’t believe that actually happens.

                                                                                                                                                Most of the stuff the modern left is pushing leaves me scratching my head, but the specific case of blind auditions for orchestras is one only requires junior school numeracy and widely-available data to verify (only a correlation but it’s a hell of a big one).

                                                                                                                                                You can find plenty of totally biased “liberal” studies to support the standard social justice non-issues people use for virtue-signalling

                                                                                                                                                I’m not going to dispute that this happens, but once you’re willing to disregard studies on the basis that their findings don’t suit your notions of the world, you have left the path of reason.

                                                                                                                                                I’m well aware that this applies equally well to the social justice movement - but I’d ask you to think carefully about whether the sentiment you’ve expressed is a helpful way to think about the world.

                                                                                                                                                1. 0

                                                                                                                                                  Oh it’s you again, responding on behalf of someone else, with another mildly hostile and irrational post!

                                                                                                                                                  I’ll ask again, have I said something to upset you?

                                                                                                                                                  I’m not going to dispute that this happens, but once you’re willing to disregard studies on the basis that their findings don’t suit your notions of the world, you have left the path of reason.

                                                                                                                                                  Suppose you knew that 50% of all carrots are poisonous and will kill you. Would you insist that refusing to eat any carrots meant that you’d have left the path of reason?

                                                                                                                                                  1. 3

                                                                                                                                                    I’m responding on my own behalf, because I value the health of the community I’m part of.

                                                                                                                                                    I’ve explained amply downthread why your behavior is out of line with the norms of the community.

                                                                                                                                                    Suppose you knew that 50% of all carrots are poisonous and will kill you. Would you insist that refusing to eat any carrots meant that you’d have left the path of reason?

                                                                                                                                                    Your example really only makes sense because you’ve blown both the danger, the relative safety of alternatives, and the difficulty of discerning good from bad out of proportion.

                                                                                                                                                    Firstly, you’re presumably suggesting that you’ll eat something other than carrots (rather than starve). In this analogy, that would be ‘safe’ studies that agree with your worldview, unlike the ‘poisonous’ ones that disagree with it.

                                                                                                                                                    Secondly, the relative harm of accepting N new incorrect conclusions vs holding onto M existing incorrect conclusions is hardly comparable to life and death.

                                                                                                                                                    Thirdly, bad papers don’t look that much like good ones (unlike poisonous vegetables, which presumably look the same as safe ones). Many citations I read have glaring issues within the first page (I’d agree with your 50% number!) - obvious sampling bias, small populations, etc.

                                                                                                                                                    In short, I’m mildly hostile towards you because you persist in posting poorly-reasoned bullshit that is easy but time-consuming to refute to a community that’s managed to keep a good SNR to date.

                                                                                                                                                    1. -1

                                                                                                                                                      Your example really only makes sense because you’ve blown both the danger, the relative safety of alternatives, and the difficulty of discerning good from bad out of proportion.

                                                                                                                                                      Here’s roughly the same example, in a more directly related way:

                                                                                                                                                      If you know that 50% of all studies produced by Academia are biased/goal-seeked/nonsense, would refusing to accept the conclusions of all studies produced by Academia mean that you’ve left the path of reason?

                                                                                                                                                      In reality, the percentage is most likely closer to 80%. I doubt there’s a study on that, but that doesn’t mean it’s not actually true.

                                                                                                                                                      On a related note, here’s an example of what passes for science these days: https://www.corbettreport.com/un-warning-just-3-years-left-to-save-the-earth/

                                                                                                                                                      In short, I’m mildly hostile towards you because you persist in posting poorly-reasoned bullshit

                                                                                                                                                      That’s just like, your opinion, man. From my point of view, you seemed to have a problem with me personally, and difficulties in identifying actual ways of figuring out the truth.

                                                                                                                                                      you’re willing to disregard studies on the basis that their findings don’t suit your notions of the world

                                                                                                                                                      Actually, I’m disregarding studies on the basis that most studies are bullshit. If you already thought most of them were actually bullshit, why would you chastise me for disregarding them?

                                                                                                                                                      Do you, in fact, have a problem with poorly reasoned bullshit?

                                                                                                                                                      1. 2

                                                                                                                                                        From my point of view, you seemed to have a problem with me personally.

                                                                                                                                                        I can’t argue with how my words have impacted you.

                                                                                                                                                        I can honestly say I have no personal quarrel with you; I’m not sure there’s more assurance I could offer. I feel like the discussion is starting to get pretty good.

                                                                                                                                                        Here’s roughly the same example, in a more directly related way:

                                                                                                                                                        That’s a perfectly good example that illustrates your point clearly.

                                                                                                                                                        In reality, the percentage is most likely closer to 80%. I doubt there’s a study on that, but that doesn’t mean it’s not actually true.

                                                                                                                                                        One number or another; we’re in broad-strokes agreement that you can’t trust everything you read.

                                                                                                                                                        Actually, I’m disregarding studies on the basis that most studies are bullshit. If you already thought most of them were actually bullshit, why would you chastise me for disregarding them?

                                                                                                                                                        There’s a world of difference between ‘most studies are bullshit’ and ‘the studies referenced by someone disagreeing with me are probably bullshit and don’t require checking’.

                                                                                                                                                        If someone makes a claim you disagree with, ask for a source. When they give you one, show them why it’s bullshit.

                                                                                                                                                        By doing so, you can be more effective in advancing your own perspective (by demolishing poorly-supported opposing arguments) and you can (now and then) also discover holes in your own understanding.

                                                                                                                                                        For instance, in the case of blind auditions in orchestras, the canonical source is summarized here with the full text here.

                                                                                                                                                        This took me less than 5 minutes to find; the summary explains enough about the method to get a reasonable picture of how likely it is to pan out; the full article

                                                                                                                                                        On a related note, here’s an example of what passes for science these days: https://www.corbettreport.com/un-warning-just-3-years-left-to-save-the-earth/

                                                                                                                                                        That’s a video (not science) referring to a guardian article (journalism, not science) about a UN officials letter (politics, not science).

                                                                                                                                                        The video opens by fabricating quotes that aren’t present in the article (“save the world” vs “stop the worst effects”). It goes on to skip linking to it or otherwise make it easy to fact-check its claims (bad journalism).

                                                                                                                                                        The guardian article quotes from a letter (also without a link, bad Guardian) and adds a bunch of irrelevant fluff. Would’ve done better to just publish the letter.

                                                                                                                                                        I track down the letter published in nature; it doesn’t present any sources, but links to a blog post summarizing a report that integrates the findings of three working groups and two special reports…

                                                                                                                                                        None of this is science. This is (low-quality, partisan) journalism from Corbett & Guardian.

                                                                                                                                                        Do you, in fact, have a problem with poorly reasoned bullshit?

                                                                                                                                                        In the world at large? Not really; that’s just how people live.

                                                                                                                                                        On this particular discussion forum we’ve managed to largely avoid it, and a large part of that is refuting it when it gets posted.

                                                                                                                                                        1. -1

                                                                                                                                                          That’s a perfectly good example that illustrates your point clearly.

                                                                                                                                                          And it matches the carrot analogue well.

                                                                                                                                                          There’s a world of difference between ‘most studies are bullshit’ and ‘the studies referenced by someone disagreeing with me are probably bullshit and don’t require checking’.

                                                                                                                                                          Well no. The former implies the latter, and so, there’s no real problem with the latter.

                                                                                                                                                          If someone makes a claim you disagree with, ask for a source. When they give you one, show them why it’s bullshit.

                                                                                                                                                          Demanding sources is usually just a way to shut down a discussion, to silence someone you disagree with.

                                                                                                                                                          Showing why a study is bullshit might be difficult or impossible, or just not worth the trouble, especially if your “opponent” won’t listen to you anyway. This is all just part of why people should rely less on studies and more on reasoning and logic.

                                                                                                                                                          For instance, in the case of blind auditions in orchestras, the canonical source is summarized here with the full text here.

                                                                                                                                                          From the paper:

                                                                                                                                                          Although some of our estimates have large standard errors and there is one persistent effect in the opposite direction, the weight of the evidence suggests that the blind audition procedure fostered im- partiality in hiring

                                                                                                                                                          In other words, they start by admitting that their study is bullshit.

                                                                                                                                                          This took me less than 5 minutes to find; the summary explains enough about the method to get a reasonable picture of how likely it is to pan out; the full article

                                                                                                                                                          But you didn’t notice it was bullshit? And you’re lecturing me about using sources?

                                                                                                                                                          The video opens by fabricating quotes that aren’t present in the article (“save the world” vs “stop the worst effects”).

                                                                                                                                                          And you’re oblivious to humour and sarcasm?

                                                                                                                                                          See, this is where I conclude that you’re trolling, aaand we’re done here.

                                                                                                                                                          Do us both a favour and don’t respond to any of my future messages.

                                                                                                                                                          1. 2

                                                                                                                                                            Do us both a favour and don’t respond to any of my future messages.

                                                                                                                                                            While we’re at it, please don’t respond to any of my messages.

                                                                                                                                                            1. 2

                                                                                                                                                              See, this is where I conclude that you’re trolling, aaand we’re done here.

                                                                                                                                                              That’s unfortunate - I felt like we were starting to get close to an understanding.

                                                                                                                                                              Well no. The former implies the latter, and so, there’s no real problem with the latter.

                                                                                                                                                              That assumes that whoever is citing a source didn’t (e.g.) read it to check that it supports their position (ok, that might be more common than I’d like).

                                                                                                                                                              Demanding sources is usually just a way to shut down a discussion, to silence someone you disagree with.

                                                                                                                                                              Is a discussion full of unsubstantiated claims really such a valuable thing to save? Let it be shut down.

                                                                                                                                                              especially if your “opponent” won’t listen to you anyway

                                                                                                                                                              I don’t understand why you would engage in discussion with someone who disagrees with you if you didn’t think the other person might change their view.

                                                                                                                                                              In other words, they start by admitting that their study is bullshit.

                                                                                                                                                              I think this is a real point of difference between how you and I reason about statistical results.

                                                                                                                                                              When a study doesn’t include a section summarizing their own contrary results, I tend to suspect incompetence or data fabrication.

                                                                                                                                                              I suspect this because when measuring many small effects with some jitter, it’s vanishingly unlikely (0.95 ^ number of effects) that the data collected won’t contain any ‘reverse’ effects (like the one called out here).

                                                                                                                                                  2. 1

                                                                                                                                                    don’t believe that actually happens. You can find plenty of totally biased “liberal” studies to support the standard social justice non-issues people use for virtue-signalling, trolling, and contributing to the divide & conquer circus consuming the Western world.

                                                                                                                                                    Denial of empirical evidence on the basis of ideological gibberish stuffed with meaningless slogans. I love “virtue signalling” which is a pre-packaged ad-hominem attack on people who make any moral arguments at all.

                                                                                                                                                2. 2

                                                                                                                                                  The way you put it supports disregarding both possibilities.

                                                                                                                                                  That’s how trying to figure out the truth works.

                                                                                                                                                  You’re basically just assuming that it’s the latter

                                                                                                                                                  What? Either I’m blind, @sietsebb edited their comment, or you are engaging in pure fabrication. There’s nothing in the parent post to support that claim.

                                                                                                                                                  1. 1

                                                                                                                                                    Have I said something to upset you?

                                                                                                                                                    The way you put it supports disregarding both possibilities.

                                                                                                                                                    That’s how trying to figure out the truth works.

                                                                                                                                                    Well, the truth isn’t discovered by disregarding it, and its opposite.

                                                                                                                                                    What? Either I’m blind, @sietsebb edited their comment, or you are engaging in pure fabrication.

                                                                                                                                                    The comment has actually been edited. I don’t remember what exactly it said before, but the guy he’s responding to suggested that maybe the reason there are fewer women in tech is just because people[1] are different, which is of course the real reason behind it.

                                                                                                                                                    [1] More specifically, boys and girls are different, and biologically wired to be inclined to have different interests, aligned with their gender roles in procreation and survival.

                                                                                                                                                    This guy acknowledged that could be the case, but went on to insinuate that maybe it’s not, i.e. maybe it’s because of discrimination. That’s what I was responding to.

                                                                                                                                                    I did have a point too, which you’ve ignored for some reason.

                                                                                                                                                    1. 2

                                                                                                                                                      This guy acknowledged that could be the case, but went on to insinuate that maybe it’s not, i.e. maybe it’s because of discrimination.

                                                                                                                                                      You claimed there was a single, correct explanation for a phenonema. When it was pointed out that other explanations cannot be ruled out by available evidence, you argued that they were pushing a political agenda instead of accepting that there isn’t enough evidence to make a hard call.

                                                                                                                                                      On most of the internet, that level of debate doesn’t bother me in the slightest; I’ll continue to rail against it within this community for awhile yet.

                                                                                                                                                      Have I said something to upset you?

                                                                                                                                                      You have lowered the standard of debate within this community. Long-form text allows ample time to engage with ideas you disagree with on their flaws without the need to put words into your opponents mouths. Rather than posting ‘I disagree with this’, understand that your arguments are imperfect; build your arguments on the basis of explicit assumptions (eg “if we accept that the differences are biological, gender equality is a fools errand”).

                                                                                                                                                      [1] More specifically, boys and girls are different, and biologically wired to be inclined to have different interests, aligned with their gender roles in procreation and survival.

                                                                                                                                                      I don’t believe this is a falsifiable claim (at least, not with an experiment that would pass ethics approval at a reputable university). It’s certainly plausible, and seems likely to me, but that’s not the same thing.

                                                                                                                                                      1. 1

                                                                                                                                                        instead of accepting that there isn’t enough evidence to make a hard call.

                                                                                                                                                        And that’s what worked both ways. If you have two theories, and discard them both, you’re left with no theories, and that’s not “how figuring out the truth works”.

                                                                                                                                                        You have lowered the standard of debate within this community.

                                                                                                                                                        Oh come on, Mr. “that’s how figuring out the truth works”.

                                                                                                                                                        1. 1

                                                                                                                                                          And that’s what worked both ways. If you have two theories, and discard them both, you’re left with no theories, and that’s not “how figuring out the truth works”.

                                                                                                                                                          I’ve clearly misread something completely.

                                                                                                                                                          You replied to Sietsebb, who pointed out that both theories are plausible. That’s doesn’t allow you to discard either of them!

                                                                                                                                                          Was someone specifically discarding both theories here (or even forwarding an argument that could lead to doing so)? If so, who? If not, I fail to see how your comment is adding anything to the discussion.

                                                                                                                                                          1. 0

                                                                                                                                                            You replied to Sietsebb, who pointed out that both theories are plausible. That’s doesn’t allow you to discard either of them!

                                                                                                                                                            Here’s what he originally said:

                                                                                                                                                            Because although the different outcome could be due to intrinsic differences between the groups (and we know they have differences), the different outcome can also be due to differences in how the two groups are treated (and we know they are treated differently).

                                                                                                                                                            Here’s my original response:

                                                                                                                                                            The way you put it supports disregarding both possibilities. It could be individual differences, or it could be differences in treatment.

                                                                                                                                                            Only two possible explanations were presented, both were said to apply (to some extent), and neither was offered as the decisive factor.

                                                                                                                                                            Here’s your original response to that:

                                                                                                                                                            That’s how trying to figure out the truth works.

                                                                                                                                                            .. How did that make sense?

                                                                                                                                                            1. 2

                                                                                                                                                              Because when you care about correctness (truth) you have to include uncertainty in your mental model of the world.

                                                                                                                                                              1. 0

                                                                                                                                                                I’m pretty sure you understand that the case we’ve been discussing was left with nothing but uncertainty, which I’m sure you understand was not an example of how figuring out the truth works.

                                                                                                                                                                1. 1

                                                                                                                                                                  (I’m not the downvoter, either.) You are overlooking part of the sentence. I’ve bolded it.

                                                                                                                                                                  There are many explanations possible: try to keep them all in mind, and accord to each the weight of its evidence.

                                                                                                                                                                  That leaves you with more than only uncertainty.

                                                                                                                                                                  1. 1

                                                                                                                                                                    Not sure why someone (not me) has downvoted you here - this is a perfectly good comment.

                                                                                                                                                                    I think this is the crux of our disagreement, though. Sometimes, uncertainty is the only valid conclusion you can draw from the available data.

                                                                                                                                                                    That’s the price of correctness; picking an answer because you need a conclusion is how you get bullshit.

                                                                                                                                                        2. 1

                                                                                                                                                          Only addressing the point about editing, because I wouldn’t want people to think I was bait-and-switching: my edit was to tinker with my phrasing, no changes in the substance.

                                                                                                                                                          Also, my last edit was four hours before your reply, so it won’t have affected your response.

                                                                                                                                                1. [Comment from banned user removed]

                                                                                                                                                  1. 7

                                                                                                                                                    suddenly saw their methods of ripping off millions of people threatened

                                                                                                                                                    I’m with you in the sense that record companies are scummy and have done scummy things too, but “producing and selling music” does not qual “ripping off millions of people”.

                                                                                                                                                    Now we see the same thing but it’s governments. They’re just as crooked as the record label executives tho.

                                                                                                                                                    The key word here is actually “governments”. The MAFIAA couldn’t have “prevented progress” without the government’s intellectual property enforcement machinery.

                                                                                                                                                    1. 0

                                                                                                                                                      I don’t know. I think its more like “New Children, Rising”, in that all the technological prowess of the 5-eyes wouldn’t really be feasible without the emergence of an utterly totalitarian class of youth who have empowered these agencies to present the capabilities to their governments, and thus allow themselves to be weaponised.

                                                                                                                                                      Its like what we’re dealing with here, with the 5 eyes context, is not so much “old men”, but rather “new generations”, akin to the very sorts we’re used to in the startup world, who have immense brilliance: yet decide to apply it to nefarious goals.

                                                                                                                                                      Somewhere in the midst of all this political upheaval sits a hacker, or maybe a group of them, probably pretty young .. who are very, very pleased with their newfound totalitarian powers.

                                                                                                                                                      This isn’t good for the world. But neither is your proposition: that we are all ruled by Old Men.

                                                                                                                                                      (Truth: we’re ruled by hunger, old and new.)

                                                                                                                                                    2. 6

                                                                                                                                                      No it isn’t, and it is simplistic to think this is the problem being discussed here. Libertarians need to grow up, get off their high horses, and shift their energies into problem solving rather than soap boxing.

                                                                                                                                                      If someone breaks into your home and causes you grief then you have an expectation that, as a member of society, you can walk into a police station and call upon its resources. If someone jumps into a car the wrong side of four glasses of wine, whether or not injury or worse is resulting, then society addresses this.

                                                                                                                                                      Yet, if the vector of grief delivery is purely computer/Internet in source, then different rules apply? Anyone looking for help is in fact an old man with old ideas and needs to die so society can get back to evolving?

                                                                                                                                                      The problem space we are talking about here is that when a crime is in the process of or has been committed, society needs to be able to legally collect evidence.

                                                                                                                                                      I’m going to be blunt now.

                                                                                                                                                      You, like many others, are unable to separate the problem from the solutions being touted. The situation is not helped when only extreme and fringe examples are used to justify arguments resulting in only nonsense prevailing.

                                                                                                                                                      Historically wiretaps have worked well and society is generally is accepting of them. They work as they are handled centrally and are physically secured. For old men, it makes sense to try to transfer these old ideas to new mediums and it is not a dumb idea to try. Of course only an expert though who knows that this is not going to be practical.

                                                                                                                                                      Ironclad communications for all does not help society collect evidence. Should a trader who irresponsibly destroyed the Joe Public’s pension be immune from investigation as they used WhatsApp?

                                                                                                                                                      We need something, but ironclad communications is not it. Maybe a blend of threshold with some kind of accountable wiretap journal is something more realistic.

                                                                                                                                                      Arguing that the bad actors will anyway use ironclad communications is irrelevant in the same way that bad actors illegally obtaining firearms is already addressed. Arguing about government abuse and lack of oversight is another problem but it is not this one and confusing the two just helps no one.

                                                                                                                                                      It is always good to apply the Passport to Pimilco test, a movie I recommend everyone watches, also being that it is a classic great fun movie to watch too.

                                                                                                                                                      1. 12

                                                                                                                                                        Historically wiretaps have worked well and society is generally is accepting of them.

                                                                                                                                                        • The “historically” you’re talking about is only about a hundred years. In my country there are people living today who were born before the Supreme Court declared wiretapping to be constitutional in 1928.
                                                                                                                                                        • I would argue that they have not worked well at all–that in fact they’ve been disastrous. They were instrumental in J. Edgar Hoover’s ability to turn the FBI into his own personal kompromat-collection service for decades. They were used to harass and intimidate many civil rights activists, including Martin Luther King Jr.–among many other targets chosen not because of their crimes but because they were political opponents of those in power. And they’ve been used similarly in many other countries.

                                                                                                                                                        With cryptography we are able to take back a little of the privacy in our personal communications that people took for granted for most of human history.

                                                                                                                                                        1. 5

                                                                                                                                                          I am not a Libertarian. Or a crypto anarcho whooziwatsit. I’m not soapbixing. I’m just giving the inevitable deductions forced by the math behind crypto:

                                                                                                                                                          You cannot give Theresa May what she wants without also giving Vladimir Putin the ability toi shut off our smart grids.

                                                                                                                                                          You cannot give Theresa May what she wants wihtout also risking our entire financial infrastrucutre.

                                                                                                                                                          So, if you want to kick smart grids off the Internet and require that they exist only in airgapped LAN segments (arguably a wise thing), and kick financial transactions off the Internet, then give her what she wants.

                                                                                                                                                          1. -1

                                                                                                                                                            You cannot give Theresa May what she wants without also giving Vladimir Putin the ability toi shut off our smart grids.

                                                                                                                                                            You cannot give Theresa May what she wants wihtout also risking our entire financial infrastrucutre.

                                                                                                                                                            To play the Devil’s advocate.. yes, you can. The same way you can ban guns from civilians while letting the military have their toys. May wants to read your what’s app, but she can still let banks use strong crypto.

                                                                                                                                                            Do US export restrictions on crypto ring a bell?

                                                                                                                                                            1. 2

                                                                                                                                                              Yeah. I’m not sure these regulations will actually destroy all trust in the internet. Monitoring and logging and what not are already built in to banking platforms dealing with trillions of dollars. People seem to trust the system despite all that. Enough to use it anyway.

                                                                                                                                                              1. 2

                                                                                                                                                                The analogy fails. Guns are physical things, and their ammunition is consumable. Encryption is knowledge, and once that knowledge is encoded as software, it is free to copy.

                                                                                                                                                                Do US export restrictions on crypto ring a bell?

                                                                                                                                                                You mean the completely ineffective restrictions on encryption? Yes, they do. They don’t work. They have never worked. They didn’t work back in the bad old days when they classified encryption as a “munition”, and they don’t work now.

                                                                                                                                                                1. 2

                                                                                                                                                                  The analogy fails.

                                                                                                                                                                  The question was whether it is possible to ban something in one context while allowing it in another context. Guns, dangerous chemicals, and crypto all fit the bill.

                                                                                                                                                                  Whether you could make your own gun, your own explosive chemical, or your own crypto app is an orthgonal issue. I don’t think anyone here ever argued about whether “they” could take crypto away from tech-savvy individuals. However, such a ban and enforcement & punishment against tech companies plus targeted prosecution of private individuals’ unapproved use of crypto could quite effectively take it away from most people. All while simultaneously allowing its continued use in banks, mil, etc.

                                                                                                                                                                  1. 2

                                                                                                                                                                    You mean the completely ineffective restrictions on encryption? Yes, they do. They don’t work. They have never worked. They didn’t work back in the bad old days when they classified encryption as a “munition”, and they don’t work now.

                                                                                                                                                                    Perhaps my memory is faulty, but as I recall it was very difficult to find a software release with good crypto in those days (as a non-american).

                                                                                                                                                                    I would classify that as ‘working’ in that it achieved the goal of delaying widespread adoption of crypto, giving the US time to work on cryptanalysis, compromising root CAs, etc.

                                                                                                                                                                  2. 1

                                                                                                                                                                    If they actually couldn’t read WhatsApp’s messages after it adopted Signal’s encryption, they wouldn’t have let it happen.

                                                                                                                                                                    “Hi there. You will place backdoors X Y Z in the code, or we will fuck up your life, mmm’kay? You will not tell anyone about this, or we will fuck up your life.”

                                                                                                                                                                    1. 2

                                                                                                                                                                      Who’s they?

                                                                                                                                                                      1. 0

                                                                                                                                                                        Since you’re surely not asking for “their” exact identities, you don’t actually need an answer to that question.

                                                                                                                                                                        You’re just close to invoking “tinfoil” or something.

                                                                                                                                                                        You have to admit though, that what I suggested is a realistic, and even likely scenario. It essentially is that simple, so why wouldn’t they do it?

                                                                                                                                                                        1. 1

                                                                                                                                                                          Yeah, so I’m guessing NSA and the rest of the five eyed vampire squid. In that case, I don’t see what all the fuss is about. All Theresa May is trying to do is introduce a law to publicly acknowledge the already existing secret backdoors. Isn’t that a good thing? The government should be transparent about these things. If you want to tell a nontechnical user about the backdoors, surely it’s easier to point them at the law that mandates said backdoors than to explain how secretly broken crypto works?

                                                                                                                                                                          1. 1

                                                                                                                                                                            Yeah, so I’m guessing NSA and the rest of the five eyed vampire squid.

                                                                                                                                                                            I was actually thinking more along the lines of “The Powers That Shouldn’t Be”, or “The Establishment”. But I suppose the NSA is a part of that.

                                                                                                                                                                            All Theresa May is trying to do is introduce a law to publicly acknowledge the already existing secret backdoors. Isn’t that a good thing?

                                                                                                                                                                            So something like:

                                                                                                                                                                            1. We’re doing immoral things to the masses in secret. This is bad.
                                                                                                                                                                            2. We wrote a law that says we’ll do immoral things to the masses. Now there is no problem.

                                                                                                                                                                            Is that how you think? Is mass surveillance what the masses asked for, by voting in the politicians that would do it? (Please don’t answer “yes”)

                                                                                                                                                                            If you want to tell a nontechnical user about the backdoors, surely it’s easier to point them at the law that mandates said backdoors than to explain how secretly broken crypto works?

                                                                                                                                                                            What’s the meaningful distinction between:

                                                                                                                                                                            1. The government can read all your messages because they circumvented their encryption. They told you they’d do this!
                                                                                                                                                                            2. The government can read all your messages because they circumvented their encryption. They did this without telling you.

                                                                                                                                                                            Either way, the government reads your messages. The legality of the backdoors isn’t the issue here.

                                                                                                                                                                            1. 1

                                                                                                                                                                              I have a strong preference that the government tell me what it’s up to.

                                                                                                                                                                              1. 1

                                                                                                                                                                                I have a strong preference that the government tell me what it’s up to.

                                                                                                                                                                                That doesn’t address my point though. The problem is not that the government doesn’t tell you it’s doing bad things to you.

                                                                                                                                                                                The problem is that the government is doing bad things to you.

                                                                                                                                                                                1. 1

                                                                                                                                                                                  In a democracy, it’s reasonably important that you know what the government is doing, because you can’t vote on it otherwise.

                                                                                                                                                                                  That might not help much in (eg) the USA where the voting system ensures you only get to choose between two options, neither of which will take action on the issue.

                                                                                                                                                                                  1. 2

                                                                                                                                                                                    It should be patently obvious by now that they really don’t give a fuck about what you want.

                                                                                                                                                                                    They know that no one wants mass surveillance, but they’ll give it to you anyway, because it’s not done to your benefit. It’s not for “the greater good” either - it’s for the greater power and control over the tax-cattle.

                                                                                                                                                                                    No one wants wars, but they’ll make you pay for (or fight in) them anyway, and so on ad infinitum.

                                                                                                                                                                                    Trump was Hope & Change 2.0. You probably remember the first guy that promised to shut down Guantanamo. This one promised to “drain the swamp”, and proceeded to fill it with Goldman Sachs cronies instead.

                                                                                                                                                                                    The word “Democracy” should ring mighty hollow by now.

                                                                                                                                                                                  2. 1

                                                                                                                                                                                    Exactly. And what will defeating Theresa May’s law do to change that? The existing secret backdoors aren’t going to be removed. But if the law passes, then everybody, even the people who don’t believe the powers that be put a backdoor in whatsapp, will know the government is reading their messages.

                                                                                                                                                                                    1. 2

                                                                                                                                                                                      Once the law passes, it does not only set a terrible precedent, it will most likely never be repealed.

                                                                                                                                                                                      1. 1

                                                                                                                                                                                        Yeah, that too.

                                                                                                                                                                                      2. 1

                                                                                                                                                                                        everybody, even the people who don’t believe the powers that be put a backdoor in whatsapp, will know the government is reading their messages

                                                                                                                                                                                        That’s not a good thing though, because it advances the chilling effect, which is of course why they publicize the mass surveillance to begin with.

                                                                                                                                                                    2. 7

                                                                                                                                                                      Libertarians need to grow up, get off their high horses, and shift their energies into problem solving rather than soap boxing.

                                                                                                                                                                      For the record, I’m not a Libertarian as it’s commonly understood. But what exactly are you suggesting they do? What would “problem solving” mean in practice? Are you not “soap boxing”?

                                                                                                                                                                      you have an expectation that, as a member of society, you can walk into a police station and call upon its resources

                                                                                                                                                                      Do you also have a reasonable expectation that the police will give a flying fuck and actually do something to achieve justice?

                                                                                                                                                                      Yet, if the vector of grief delivery is purely computer/Internet in source, then different rules apply?

                                                                                                                                                                      If you’re referring to “intellectual property theft”, we might agree somewhat. But if you’re arguing in favour of governments circumventing/breaking encryption so that they can catch terrorists, you’re way off the mark there.

                                                                                                                                                                      It’s not terrorists they’re after.

                                                                                                                                                                      You, like many others, are unable to separate the problem from the solutions being touted. The situation is not helped when only extreme and fringe examples are used to justify arguments resulting in only nonsense prevailing.

                                                                                                                                                                      I can’t tell what you mean with that.

                                                                                                                                                                      Historically wiretaps have worked well

                                                                                                                                                                      For maintaining a police state? -Why yes, they have.

                                                                                                                                                                      and society is generally is accepting of them

                                                                                                                                                                      You seem to be unable to separate “society” into rulers and subjects. People often talk about how “we” need to this and we need to that, but it’s not actually we that make the decisions. In case you haven’t noticed, whenever we demand something, we’re met with tear gas and batons.

                                                                                                                                                                      Ironclad communications for all does not help society collect evidence.

                                                                                                                                                                      There’s “society” again. Is it “society” that collects evidence? Is it “society” that wiretaps dissidents and “disappears” them?

                                                                                                                                                                      Should a trader who irresponsibly destroyed the Joe Public’s pension be immune from investigation as they used WhatsApp?

                                                                                                                                                                      Are there other ways the crime could be investigated, besides reading his encrypted private communications?

                                                                                                                                                                      1. 1

                                                                                                                                                                        Just for your last question, I think there’s a cost-related dystopian thought in the mix :(

                                                                                                                                                                        Catching criminals, for any value of crime, by reading their admissions online, is a very affordable way of cracking down.

                                                                                                                                                                        It also gives fertile ground for all sorts of new ways to set people up. Nothing read online can be a joke or considered spectral evidence. Gone are the days of stating “Cocaine and hookers last night” on a bank transfer.

                                                                                                                                                                        1. 0

                                                                                                                                                                          There’s “society” again. Is it “society” that collects evidence? Is it “society” that wiretaps dissidents and “disappears” them?

                                                                                                                                                                          Yes.

                                                                                                                                                                          Are there other ways the crime could be investigated, besides reading his encrypted private communications?

                                                                                                                                                                          So we are talking about invasion of privacy being the crux of the matter?

                                                                                                                                                                          All evidence collection by its nature is an invasion of privacy, whether it is looking at someones bank account, interviewing their friends or family or browsing their communications encrypted or not.

                                                                                                                                                                          Everyone should be entitled to their privacy, regardless of the medium but is it is irresponsible saying “over my dead body” knowing that it is no longer exotic for a crime to be purely digital and unaccountable?

                                                                                                                                                                          What tangible reason is a WhatsApp communication any different making a phone call and why it should it receive more legal protection than other mediums?

                                                                                                                                                                          I guess, victims should really be more accepting of an investigation going cold because the suspects used encryption? “If only they had use a PSTN line we could have done something” eh?

                                                                                                                                                                          1. 3
                                                                                                                                                                            There’s “society” again. Is it “society” that collects evidence? Is it “society” that wiretaps dissidents and “disappears” them?
                                                                                                                                                                            

                                                                                                                                                                            Yes.

                                                                                                                                                                            In most literature, that’s called a state. In a few cases, the states interests are sufficiently aligned with the societies interests to conflate the two; that’s far from common.

                                                                                                                                                                            1. 1

                                                                                                                                                                              Is it “society” that collects evidence? Is it “society” that wiretaps dissidents and “disappears” them?

                                                                                                                                                                              Yes.

                                                                                                                                                                              If you’re that dishonest, there’s really no point in discussing this further.

                                                                                                                                                                          2. 4

                                                                                                                                                                            If someone breaks into your home and causes you grief then you have an expectation that, as a member of society, you can walk into a police station and call upon its resources. … Yet, if the vector of grief delivery is purely computer/Internet in source, then different rules apply?

                                                                                                                                                                            To use the model you’re advancing here, it would be as though the government wanted to address home break ins by installing centrally monitored cameras in all homes. Due to the nature of crypto, the exegeses are different, so different things are needed or must be considered. Your equivalence is false.

                                                                                                                                                                            1. 1

                                                                                                                                                                              We need something, but ironclad communications is not it. Maybe a blend of threshold with some kind of accountable wiretap journal is something more realistic.

                                                                                                                                                                              What on earth do you think I meant by this then?

                                                                                                                                                                              Christ on a bike, are you all insane?

                                                                                                                                                                              1. 0

                                                                                                                                                                                I am literally the Stasi.

                                                                                                                                                                                That’s not a popular position around here. Not what you actually said? Oh, well, better safe than sorry, I’m going to pretend you said something I disagree with. Don’t want to get caught agreeing with the wrong side.

                                                                                                                                                                            2. 1

                                                                                                                                                                              Historically wiretaps have worked well and society is generally is accepting of them. They work as they are handled centrally and are physically secured.

                                                                                                                                                                              Yup. Historically they worked very very well. . However, events since then tend to have obscured one’s memory of the earlier events.

                                                                                                                                                                              I often wonder about the ways in which the two events might be related.

                                                                                                                                                                              I’m sure the average man in the street feels things are working well.

                                                                                                                                                                          1. -4

                                                                                                                                                                            Kudos to a geographical area for successfully encouraging women into tech!

                                                                                                                                                                            in Russia, even the very youngest were extremely focused on the fact that their future employment opportunities were more likely to be rooted in Stem subjects

                                                                                                                                                                            Ah, Putin. That crafty old bastard! He made sure Russia remained a shithole, so that people would take their future employment opportunities seriously, so that more women would go into tech!

                                                                                                                                                                            Well played, Sir. Well played.

                                                                                                                                                                            While Russia is doing something right, it’s still not there yet in terms of gender parity.

                                                                                                                                                                            Sadly, though quite masterful, Putin’s performance is still somewhat lacking in terms of making everyone have the exact same interests regardless of differences in gender and intelligence and, say, personality.