Threads for hanna

  1. 2

    It’s difficult because of the safety checks it implements, among other reasons. A lot of people I see starting out try to use an object oriented approach, if anything rust is closer to functional languages (it certainly has some inspiration from something like Haskell). But also, for someone who is just working on a hobbyist project, rust may be a tad too much, however how else will you learn it without actually trying it?

    1. 5

      Most of my trouble with Rust came from trying to use it functionally. Closures in particular were hard to figure out as they pertained to the borrow checker, depending on what state they closed over. I would often write more imperative code in Rust than I would in Python, for example.

      1. 2

        As someone several repos deep in “I’m going to build my next toy in rust!” campaigns, I feel this comment :D

      1. 3

        Now if only they’d open source windows 7 haha. I wish. None the less it’s cool to see old software like this previously a black box in essence be open sourced by corporates. It’d be cool if older things like 98/95 or 3.1 we’re open sourced since their architecture was supersceded by the NT kernel and platform.

        1. 3

          I think this is a key point, and a key confession.

          All versions of MS-DOS are long dead, and the last release of the last branch, IBM PC DOS 7.1 (no, not 7.01) was 2003:

          It’s dead. If MS were serious about FOSS, they could release DOS without any impact on current Windows.

          But they don’t.

          DOS doesn’t have media playback or anything. There shouldn’t be any secrets in there.

          It would help FreeDOS and maybe even an update to DR-DOS.

          So why not?

          I suspect they are ashamed of some of it.

          Win9x is equally dead, with no new releases in over 20 years. But I bet some of the codebase is still used, especially UI stuff, and some doesn’t belong to them.

          Win9x source code would really help ReactOS and I suspect MS is scared of that, too.

          IBM, equally, could release OS/2. Especially Workplace OS/2 (the PowerPC version) as there should be little to no MS code in that.

          Red Hat could help. They have relevant experience.

          But they don’t. How mysterious, huh?

          1. 10

            Any big project like this might contain licensed code.

            MSFT is a huge company with big pockets, so if they slip up, they might have to pay out a bunch of money to whatever ghouls have speculatively purchased the IP to that code. It’s rather easy to convince a jury that big bad MSFT is wantonly denying a rights-holder their fair share by open-sourcing.

            What’s the upside to open-sourcing? A bunch of nerds are happy, another bunch are vocally unhappy just because the license is not the best one du jour, and snarky Twitterers are highlighting shitty C code.

            It’s much easier to just say “we can’t risk it”.

            1. 3

              whatever ghouls have speculatively purchased the IP to that code

              I’m going to shamelessly steal that term for speculators in IP.

              1. 2

                Well, yes, but… here we are, discussing a fairly substantial app which they just did precisely this to.

                It can be done and it does happen.

                So I submit that it’s more important to ask if there’s anything that people can do in order to help it happen more often, rather than discuss why it doesn’t happen.

                So, for example, we can usefully talk about things like MS-DOS, which is relatively tiny and which contains very little licensed code – for instance, the antivirus and backup tools in some later versions – and which could easily be excised with zero functional impact.

                The question becomes not “why doesn’t this happen?” but the far more productive “well what else could this happen to?”

                For instance, I have MS Word for DOS 5.5 here. It works. It’s still useful. It’s a 100% freeware download now, made so as a Y2K fix.

                But the last ever DOS version was MS Word for DOS 6, which is a much nicer app all round. How about asking for that just as freeware? Or even their other DOS apps, such as Multiplan and Chart? How about VB for DOS, or the Quick* compilers?

                1. 2

                  So I submit that it’s more important to ask if there’s anything that people can do in order to help it happen more often, rather than discuss why it doesn’t happen.

                  Sure, I am on board with this!

                  I keep being reminded about this, the fact that MSFT does anything with open source, much less literally owning a huge chunk of its infrastructure (Github) is mind-blowing to me.

                  I’m pretty sure there are people within MSFT who want to open-source DOS. 20 years ago this would have been unthinkable.

                2. 1

                  That, and who knows if they even still have the source code?

                  1. 2

                    :-D Yes, that is very true.

                    I think WordPad happened because the source to Windows Write was lost.

                    Whereas Novell Netware 5 and 6 introduced new filesystems – which lacked the blazing, industry-beating performance of the filesystem of Netware 2/3/4 – not because the source was lost, but because nobody could maintain it any more.

                    The original Netware Filesystem was apparently an approximately half megabyte single source file in x86 assembly. Indeed it is possible that it was machine-generated assembly: Novell ported Netware from its original 68000 architecture to 80286 by writing a compiler that compiled 68000 assembler into 80286 object code.

                    When they revealed this and were told that it was impossible, they responded that they did not know that it was impossible so they just did it anyway.

                    There were only a handful of senior engineers who could, or even dared, to make any changes to this huge lump of critical code, both performance-critical but also vital to data integrity.

                    So in the end, when all those people were near retirement, they just replaced the entire thing, leaving the old one there untouched and writing a completely new one.

                    This lost a key advantage of Netware. Netware servers were extremely vulnerable to power loss, because at boot, the OS read the disks’ file allocation tables into RAM and then kept them there. The data structures were in memory only and so if the server was downed without flushing them to disk, data loss was inevitable.

                    This had 2 key results:

                    1. Netware disk benchmarks were 2-3 orders of magnitude faster than any other OS in its era, the time of slow, expensive spinning disks.
                    2. Netware had a linear relationship between amount of disk space and amount of RAM needed. The more disk you added, the more RAM you had to have. In the 1980s that could mean that a server with big disks needed hundreds of megabytes of memory, at a price equivalent to a very nice car or perhaps a small house.
                    1. 2

                      I think WordPad happened because the source to Windows Write was lost.

                      It’s not. (I’m looking at it.)

                      Write was just really, really early. It was written while Windows 1.0 was being written. The version included in NT 3.x is still 16 bit; while those systems did include some 16 bit code, this is the only executable I’m seeing that was 16 bit for lack of porting.

                      Important code, in particular its formatting code, was written in 16 bit assembly.

                      WordPad was a showcase for the then-new RichEdit control, which was part of rationalizing the huge number of rich text renderers that had proliferated up to that point.

                3. 3

                  Not the latest version, but here you go:

                  1. 3

                    True. But those were obsolete even 25Y ago.

                    From vague memory:

                    MS-DOS 1.x was largely intended to be floppy-only.

                    MS-DOS 2.x added subdirectories.

                    MS-DOS 3 added support for hard disks (meaning 1 partition on 1 hard disk).

                    3.1 added networking

                    3.2 added multiple hard disks.

                    3.3 added multiple partitions per hard disk (1 primary + 1 extended containing multiple logical partitions).

                    That was it for years. Compaq DOS 3.31 added FAT16 partitions above 32MB in size.

                    IBM wrote DOS 4 which standardised Compaq’s disk format.

                    Digital Research integrated 286/386 memory management into DR-DOS 5.

                    MS-DOS 5 copied that. That is the basis of the DOS support that is still in NT (32-bit Windows 10) today.

                    MS-DOS 6 added disk compression (stolen from Stacker), antivirus and some other utilities.

                    6.2 fixed a serious bug and added SCANDISK.

                    6.21 removed DoubleSpace

                    6.22 replaced DoubleSpace with DriveSpace (stolen code rewritten)..

                    That’s the last MS version.

                    Later releases were only part of Win9x.

                    IBM continued with PC-DOS 6.3, then 7.0, 7.01 and finally 7.1. That adds FAT32 support and some other nice-to-have stuff, derived from the DOS in Win95 OSR2 and later.

                    So, basically, anything before DOS 5 is hopelessly obsolete and useless today. DOS 6.22 would be vaguely worth having. Anything after that would be down to IBM, not Microsoft.

                  2. 2

                    They likely don’t own the rights to everything inside MS-DOS, or the rights are unclear. The product wasn’t made to be open source to begin with, so considerations for licensing was likely never taken. It would be a rather large undertaking to go through the code and evaluate if they could release each piece or not as they would likely have to dig up decades old agreements with third parties, many of which are likely vague compared to todays legal standards for software, and interpret them with regards to the code.

                    All of this for a handful of brownie points for people who think retro computing is fun? Eh. Not worth it.

                    1. 1

                      I think you may over-estimate the complexity of MS-DOS. :-D

                      Windows, yes, any 32-bit version.

                      But DOS? No. DOS doesn’t even have a CD device driver. It can’t play back any format of anything; it can display plain text, and nothing else. It doesn’t have a file manager as such (although DOSShell did, which came later.) It has no graphics support at all. No multitasking. It doesn’t have a mouse driver as standard, even. No sound drivers, no printer drivers. Very little at all, really.

                      The only external code was code stolen from STAC’s Stacker in DoubleSpace in MS-DOS 6, and that was removed again in DOS 6.2.

                      1. 2

                        DOS doesn’t even have a CD device driver

                        MSCDEX.EXE was in one of the MS-DOS 6.x versions, IIRC, but I suppose you mean that each CD-ROM drive vendor provided its own .SYS file to actually drive the unit?

                        1. 2

                          That’s right. The first time I ever saw a generic CD-drive hardware device driver – as oppposed to the filesystem layer which acted like a network redirector – was on the emergency boot disk image included in Win9x.

                          Never part of DOS itself. The SmartDrive disk cache only came in later, too, and there were tons of 3rd party replacements for that.

                          (I had some fascinating comments from its developer a while back about the IBMCACHE.SYS driver bundled with DOS 3.3 on the IBM PS/2 kit a while ago. I could post, if that’s of interest…?)

                          1. 1

                            You should definitely post those comments somewhere - the DOS era is fading into obscurity (deservedly or sadly, depending on who you ask).

                            1. 2

                              Interesting. OK, maybe I will make that into a new blog post, too. :-) Cheers!

                    2. 1

                      Indeed, really makes you think about the goals and morals behind projects and things within big corporations. As much as I’d like to see it happen, I doubt it ever will.

                      1. 2

                        My suspicion overall is this:

                        A lot of history in computing is being lost. Stuff that was mainstream, common knowledge early in my career is largely forgotten now.

                        This includes simple knowledge about how to operate computers… which is I think why Linux desktops (e.g. GNOME and Pantheon) just throw stuff out: because their developers don’t know how this stuff works, or why it is that way, so they think it’s unimportant.

                        Some of these big companies have stuff they’ve forgotten about. They don’t know it’s historically important. They don’t know that it’s not related to any modern product. The version numbering of Windows was intentionally obscure.

                        Example: NT. First release of NT was, logically, 1.0. But it wasn’t called that. It was called 3.1. Why?

                        Casual apparent reason: well because mainstream Windows was version 3.1 so it was in parallel.

                        This is marketing. It’s not actually true.

                        Real reason: MS had a deal in place with Novell to include some handling of Novell Netware client drive mappings. Novell gave MS a little bit of Novell’s client source code, so that Novell shares looked like other network shares, meaning peer-to-peer file shares in Windows for Workgroups.

                        (Sound weird? It wasn’t. Parallel example: 16-bit Windows (i.e. 3.x) did not include TCP/IP or any form of dial-up networking stack. Just a terminal emulator for BBS use, no networking over modems. People used a 3rd party tool for this.

                        But Internet Explorer was supported on Windows 3.1x. So MS had to write its own alll-new dialup PPP stack and bundle it with 16-bit IE. Otherwise you could download the MS browser for the MS OS and it couldn’t connect and that would look very foolish.

                        The dialup stack only did dialup and could not work over a LAN connection. The LAN connection could not do PPP or SLIP over a serial connection. Totally separate stacks.

                        Well, the dominant server OS was Netware and again the stack was totally separate, with different drivers, different protocols, everything. So Windows couldn’t make or break Novell drive mappings, and the Novell tools couldn’t make or break MS network connections.

                        Thus the need for some sharing of intellectual property and code.)

                        Novell was, very reasonably, super wary of Microsoft. MS has a history of stealing code: DoubleSpace contained stolen STAC code; Video for Windows contained stolen Apple QuickTime code; etc. etc.

                        The agreement with Novell only covered “Windows 3.1”. That is why the second, finished, working edition of Windows for Workgroups, a big version with massive changes, was called… Windows for Workgroups 3.11.

                        And that’s why NT was also called 3.1. Because that way it fell under the Novell agreement.

                        1. 3

                          16-bit Windows (i.e. 3.x) did not include TCP/IP or any form of dial-up networking stack… The dialup stack only did dialup and could not work over a LAN connection. The LAN connection could not do PPP or SLIP over a serial connection. Totally separate stacks.

                          There’s some nuance here.

                          • 1992: Windows 3.1 ships with no (relevant) network stack. In unrelated news, the Winsock 1.0 interface specification happened, but it wasn’t complete/usable.
                          • 1993: Windows for Workgroups 3.11 ships with a LAN stack. The Winsock 1.1 specification happened, which is what everybody (eventually) used.
                          • 1994: A TCP/IP module is made available for download for Windows for Workgroups 3.11. That included a Winsock implementation.
                          • 1995: Internet Explorer for Windows 3.x is released.

                          Of course, IE could have just bundled the TCP/IP stack that already existed, but that wouldn’t have provided PPP. It could have provided a PPP dialer that used the WfWg networking stack, but that wouldn’t have done anything for Windows 3.1 users.

                          As far as I can tell, the reason for two stacks is Windows 3.1 support - that version previously had zero stacks, so something needed to be added. There would also have been many WfWg users who hadn’t installed networking components.

                          There’s an alternate universe out there where the WfWg stack was backported to 3.1, with its TCP/IP add-on, and a new PPP dialer…but that’s a huge amount of code to ask people to install. Besides, the WfWg upgrade was selling for $69 at the time, mainly to businesses.

                          The real point is a 1992 release didn’t perfectly prepare for a 1995 world. Windows 95 (and NT 3.5) had unified stacks.

                          MS has a history of stealing code: DoubleSpace contained stolen STAC code; Video for Windows contained stolen Apple QuickTime code; etc.

                          The STAC issue was about patents, not copying code. The QuickTime copying allegation was against San Francisco Canyon Co, who licensed it to Intel, who licensed it to Microsoft.

                          1. 2

                            You are conflating a whole bunch of different stuff from different releases here. I don’t think that the result is an accurate summary.

                            Windows 3.1: no networking. Windows 3.11: minor bugfix release; no networking.

                            Windows for Workgroups 3.1: major rewrite; 16-bit peer-to-peer LanMan-protocol networking, over NetBEUI. No TCP/IP support IIRC.

                            Windows for Workgroups 3.11: a major new version, disguised with a 0.01 version number, with a whole new 32-bit filesystem (called VFAT and pulled from the WIP Windows Chicago, AKA Windows 95), a 32-bit network stack and more. Has 16-bit TCP/IP included, over NIC only. No dialup TCP/IP, no PPP or SLIP support.

                            32-bit TCP/IP available as an optional extra for WfWg 3.11 only. Still no dialup support.

                            IE 1.x was 32-bit only.

                            IE 2.0 was the first 16-bit release.

                            The dialup TCP/IP stack was provided by a 3rd party, FTP Software.

                            That dialup stack was dialup only and could not run over a NIC.

                            So, if you installed 16-bit IE on WfWg 3.11, which I did, in production, you ended up with effectively 2 separate IP stacks: a dialup one that could only talk to a modem on a serial port, and one in the NIC protocol stack.

                            The IE PPP stack was totally separate and independent from the WfWg TCP/IP stacks, and it did not interoperate with WfWg at all. You could not map network drives over PPP for example.

                            The real reason that there were 2 stacks is not so much separate OSes – it’s that MS licensed it in.

                            As far as the STAC thing – I may as well copy my own replied from the Orange Site, as it took a while to write.

                            This is as I understand it. (It’s my blog post, BTW.)





                            MS bullied Central Point Software into providing the backup and antivirus tools, on the basis of CPS being able to sell upgrades and updates.

                            CPS went out of business.


                            MS attempted to bully STAC into providing Stacker for free or cheaply. STAC fought back.

                            Geoff Chappell was involved:


                            He’s the guy that found and published the AARD code MS used to fake Windows 3.1 failing on DR-DOS.


                            As described here:

                            Discussed on HN here:

                            Especially see this nice little summary:

                            It would be hard to patent this stuff that narrowly. Various companies sold disk compression; note the whole list here:


                            MS saw the code, MS copied it, STAC proved it, MS removed it (MS-DOS 6.21) and then added the functionality back (MS-DOS 6.22) after re-implementing the offending code.

                  1. 7

                    Hare looks cool for what it is, I tried it. However, the compiler currently at least is extremely rudimentary, the errors are confusing, it calls the bootstrap compiler to compile hare code, and it seems to not recognize standard library modules sometimes. I’m a huge zig fan myself, but I’m a language enthusiast at the same time, so I’m hoping hare will grow.

                    1. 1

                      Typography has to be one of the most painful things when it comes to web/ui design.

                      1. 2

                        Reminds me somewhat of Nix’s language, but for general configuration and not just nix (granted you said nix was an inspiration), I like it! May use it for projects where I want a flexible configuration language. A library for embedding parsing/execution would be nice alongside the CLI/REPL if there isn’t one already, preferably in C/C++ or another language with a C abi so people can make wrappers for it.

                        1. 2

                          How does the windows package manager compare to something like apt or pacman on Linux these days? Last I used it, it used a git repository for packages, and worked quite well, but I’m unsure how big the ecosystem is now since then.

                          1. 4

                            I’d say it’s good enought, it gets the job done.

                            1. 4

                              I tried it at my previous job, and it didn’t seem comparable. For starters, it does not care about dependencies at all, so you can install something that doesn’t work, or break something by uninstalling another thing and you won’t get as much as a warning.

                              It seemed more like a fancy curl that downloads .exes by name or ID.

                              1. 1

                                Yeah that was my experience before as well. I’m hoping it becomes more like package managers on Linux or like homebrew on Mac. But unfortunately it seems currently it’s as you said, just a fancy curl.

                            1. 1

                              I was planning to go ice skating with my five year old son. But, since we both caught a cold, I guess I will try to come up with something creative to do at home instead. All ideas are welcome.

                              Oh. And I will keep actively avoiding the news.

                              1. 1

                                I get the sentiment behind avoiding the news. I’ve had a lot of anxiety/panic attacks recently due the stuff going on, so I’ve been trying my best to avoid it. Hope you and your son feel better!

                              1. 4

                                Amazing work as always. I’ve been following serenity’s development from the start and these milestones of sorts always impress me. I can’t even comprehend what it takes to write an operating system, let alone a web browser that works on it.

                                1. 2

                                  Personally I think that SPAs do serve a purpose, dynamically rendering/changing content is more efficient than loading a new page in it’s entirety since you don’t need to load the entire document again, as well as less requests to resources need to be made (such as CSS, JavaScript files, as they’re already loaded by the time content changes). While they can certainly be bulky when it comes to bundle size, in terms of request count and resource usage in some scenarios they can be more efficient.

                                  1. 3

                                    Personally really like the facelift. The site is nice and easy on the eyes with the dark mode. I do agree with adamshaylor’s negative points however, there is multiple contrast issues, and the CPL raise means there’s more to read from left-to-right (and vice versa). Overall though, nice update, I’m glad MDN finally got a much needed facelift.

                                    1. 3

                                      Nix works pretty well for the most part, the real friction of it is when you need to do something that doesn’t have its own package/flake or derivation. Though things like Home Manager do definitely help with this as you can easily manage your own derivatives and flakes with it, though most new users won’t actually know Home Manager exists and that’s a sort of community contention point.

                                      1. 2

                                        I’ve found it to be pretty easy if it’s similar enough to something that you can copy-paste the derivation. As a bonus, it’s way more natural to do than it is to package a .deb or whatever. The downside is that if you need to do anything weird, you’re in for a bad time.

                                        1. 1

                                          Yeah, I agree with that. The second you need to do anything out of the normal it becomes a hellscape.

                                          1. 1

                                            I’ve considered trying Guix because I think Nix is really held back by its language and design (why are packages functions????) but I don’t want to go from a niche distro to an even more niche one. :/

                                            (I also worry about the fact that it’s a GNU project, but that’s a separate issue.)

                                            1. 1

                                              Guix is so weird.. it’s like they took nix but decided to make it only-free and use a lisp for configs

                                              1. 1

                                                I know there’s a “nonguix” package list somewhere… but you’re not allowed to talk about it on official Guix channels, even if someone asks, because it’s a GNU project.

                                                TBH I don’t really care about the choice of language that much, I just really think Nix is a bad language and the heavy use of functions and lazy evaluation was a really bad idea.

                                                1. 2

                                                  There are other places to ask things both something like this or just tele/irc/discord/matrix channels that are not the official one.

                                                  Here’s how you reproduce your system, first: guix describe --format=channels > channels.scm then: guix pull -C channels.scm and do guix system/home reconfigure..

                                                  The channel system is simpler than what nix does, it’s just a thin wrapper around git afaik. Guix cares a lot about bootstrapping so keeping track of the version of guix that is compatible with your package is possible. In nix when they update the code then old derivations may no longer build… so much for reproducibility.

                                                  Guix may actually cure some of the GNU stigma (finally!) … it feels like it is on the doorstep of the future.

                                                  1. 1

                                                    TBH I still find “we don’t talk about nonguix” annoying. I have similar frustrations with emacs and the fact that you have to explicitly add melpa. Though to be fair, it’s worse with emacs because almost all the really good emacs packages are on MELPA, whereas you could probably get by fine without nonguix as long as your hardware supports it.

                                                    Does guix describe include information about the list of installed packages or whatever? It looks to me like it’s just the state of all your channels, which is good, but it’s not what I would call a reproduction.

                                                    Overall though Guix looks very interesting, and I think more work in the space of declarative package managers/operating systems is always welcome! I look forward to seeing what comes out of it :)

                                                    1. 1

                                                      Look, I agree that it is kind of annoying to be treated like a child and placing a flat ban on relevant technical discussion but there’s not really an issue.. Guix is free software and there is plenty of alternative (communication) channels where everyone hangs out (so they are just as “official” in many ways). You can easily make your own (guix) channel and package whatever you want (or work with others and establish communal channels like guixrus or nonguix).

                                                      Does guix describe include information about the list of installed packages or whatever? It looks to me like it’s just the state of all your channels, which is good, but it’s not what I would call a reproduction.

                                                      No, that is what your config is for. Guix describe is there to tell you the state of guix itself, which is (clearly) also an element in reproducing the desired software.

                                                      1. 1

                                                        Aha. Yeah, it’s frustrating to me that Nix doesn’t reify the channel state nicely by default. I think this is one of the things that flakes solve: when I look at /etc/nixos/flake.lock I get a list of the git hashes of each flake I have and such. I think that the version of nix I use is determined by what the nixpkgs flake gives me, but I’m not sure.

                                                  2. 1

                                                    Yeah that’s fair enough, I don’t have anything against Lisps, but just feels weird to use them as a config.

                                                    1. 1

                                                      I’ve only ever used a lisp for emacs config, and it’s actually been alright. You can write some pretty compact DSLs using quoting.

                                              2. 1

                                                The second you need to do anything out of the normal it becomes a hellscape.

                                                But that’s pretty much also true if you just want to build anything ‘out of the normal’ just once. On the plus side, nixpkgs has the largest set of packages out there.

                                                1. 1

                                                  Well I mean more of trying to make a derivation for anything out of the norm it’s a bit of a hellscape. Say for example I want to create a derivation for some programming language I’m making so I can update it via nix, it’s a bit of a hellscape compared to something like arch’s BUILDPKG where it’s practically just a glorified shell script.

                                                  1. 2

                                                    From my point of view, a nix derivation is a glorified shell script and some meta data.

                                                    1. 1

                                                      I mean sure, but considering PKGBUILD is literally just a shell script with variables and functions lol

                                            2. 1

                                              What is Home Manager and how does it help? The docs seem pretty focused on how to use it and not what it is helping with:

                                              1. 2

                                                Think of it like a nix system configuration but for your specific user/home directory. It allows you to have a nix config for stuff like per-user SSH keys, derivations, packages per-user, etc. Pretty handy when you have a multi-user system and want each user to be able to have their dotfile configuration in a similar format to /etc/nixos/configuration.nix.

                                                1. 1

                                                  Very cool, thank you

                                            1. 9

                                              I use but mainly because they have been extremely reliable and I don’t want the effort of moving.

                                              1. 3

                                                This is the first im hearing of Joker, how long have they been around?

                                                1. 3

                                                  Over 20 years and I’ve been using them for about 16

                                                  1. 1

                                                    Huh, i’ll definitely check them out next time I plan on buying a domain.

                                                2. 1

                                                  Just want to +1 this. I’ve used Joker for personal domains going back at least 15 years and have had zero problems with ~25+ domains over that time. Domain registration isn’t something I’m very price-sensitive about – see 25-ish domains managed in >10 years – so I haven’t really tracked how competitive they are there, but for the basics (search, register, renew, delegate DNS to my cloud provider) I’ve had no reason to look around.

                                                  1. 1

                                                    I stuck with them through the price increases of the zeros because they are very simple and (not coincidentally?) very reliable – and everyone else’s prices caught up anyway.

                                                  1. 12

                                                    I personally use Porkbun, the issue with it is it doesn’t have some domains services like Namecheap, Google Domains, and others have. If you use cloudflare for a lot of services you can transfer domains you bought elsewhere to them via their registrar product. Otherwise I just recommend finding one you’re comfortable with, and provides the TLDs that you need/want.

                                                    1. 6

                                                      Porkbun won me over when I selected “New Zealand” in the “Country” dropdown on their sign-up form :)

                                                      1. 3

                                                        Is it common for companies to not recognize New Zealand as a country?

                                                        1. 3

                                                          Sorry, no, it’s not that people don’t know NZ is a country - it’s the little message that Porkbun shows under the dropdown if you select New Zealand as an option :)

                                                          1. 1

                                                            Ah! Ok I see it now :D

                                                      2. 4

                                                        I also use Porkbun. Phenomenal customer support, good prices too.

                                                        1. 3

                                                          Same issues with, using until more TLDs are available. Would also switch to tho.

                                                        1. 5

                                                          This was short and straight to the post, amazingly written, however I feel it’s a bit too short. Not everyone will understand the return type annotation such as (Type -> Type) -> Type, personally I would of also went and slightly explained how that format works. Just my two cents.

                                                          1. 5

                                                            Working on a RISC-V emulator written in Zig for fun, while also learning the ins and outs of the architecture. So far it’s a pretty cool experience and I recommend anyone interested in CPU architecture to look into themselves, it’s a lot simpler than x86 is, so it’s fairly nice for a side project.

                                                            1. 27

                                                              (Original) headline is misleading.

                                                              “Mandate less secure” makes it sound like they want to downgrade the algorithm selection. Actual article text says that they want to mandate certain CAs for better security, but that their plan happens to be bad.

                                                              I’d flag this as “incorrect” but that flag isn’t available anymore. 🤷

                                                              1. 7

                                                                They article says it will force browsers to accept CAs that do not currently meet the requirements for their root programs.

                                                                How is that not making them less secure?

                                                                1. 7

                                                                  Goals vs. outcomes. There have been actual efforts to make TLS less secure—that is, with the stated goal of making TLS less secure—and this is not one of them.

                                                                  If the title were “EU proposal would force browsers to accept less secure certificates” then the title would not be implying intent. But using the phrase “plans to” speaks to intent, which makes it incorrect.

                                                                  1. 7

                                                                    No. This legislation would mandate less secure certificates. The point of a certificate is solely proving identity, and this legislation mandates browsers accept a substantially less secure CA’s certificates.

                                                                    Hence the certificates are less secure. It would matter if they used 16bit key, they would still be less secure for their one purpose.

                                                                    1. 2

                                                                      Again, I’m speaking about goals vs. outcomes and the wording of the title. You seem to be arguing about the outcome, even though I don’t necessarily disagree with you about that.

                                                                      1. 5

                                                                        The title is “EU plans to mandate less secure certificates in browsers”. That is the correct title.

                                                                        The EU’s intent is to improve security (debatable), but the mandate isn’t “browsers must make PKI safer”, the mandate is that browsers must support certificates from unsafe/insecure CAs. Which is what the title says.

                                                                        1. 4

                                                                          Scenario: Olliej wants to go out to get some groceries. Olliej gets the keys to his petroleum fuel burning transportation device.

                                                                          Two headline options:

                                                                          1. Olliej plans to burn petroleum fuel and release toxic gases in the environment.
                                                                          2. Olliej’s ride to grocery shopping will burn petroleum fuel and release toxic gases in the environment.

                                                                          Which one would you say is more accurate?

                                                                          1. 2

                                                                            Not a reasonable analogy as it assumes the person making the action is the person making the decision.

                                                                            A better equivalent would be:

                                                                            People drive to grocery stores

                                                                            In order to prevent traffic jams due to cars running out of gas, a law is planned that requires people to have 20kms of gas in the car.

                                                                            People now have to buy a gas can for their electric cars.

                                                                            The goal: stopping people running out of gas

                                                                            The solution: require people have a gas buffer

                                                                            The plan: require every car to have a gas tank

                                                                2. 3

                                                                  Yeah, title is misleading. Though things like that are common in journalism, but of course on here rules are more strict with that kind of thing. I don’t really see the point of mandating certain ones for better security rather than all, would there even be a benefit to that besides slightly stricter/more secure authority on certs?

                                                                  1. 1

                                                                    The title should probably be changed to “EU plans to mandate less secure certificate authorities in browsers “