1. 7

    Setting up Fastmail. I was browsing Youtube today while logged into my account I’ve been using for 8 years, and out of nowhere it asked me to “verify my age” so I could watch an age-restricted video by inputting my credit card info (which it already has since I’ve been paying membership to a few channels for the last year or so, but apparently my credit card’s not good for this particular check) or sending my ID (which I am not doing), and this was the last straw.

    Other bullshit Google tried to pull on my accounts in the past includes locking up my oldest account for daring to use IMAP to access gmail on a wifi network I hadn’t previously approved, and then unblocking it as soon as I tried logging in from a new phone, probably because it was a Pixel that had just come out.

    I have four gmail accounts which I’m increasingly afraid of losing and they’re the only google service I depend on, so I’m gonna move all the important accounts off of it and forward the rest of the emails to Fastmail.

    1. 4

      I have only good things to say about Fastmail. I’ve considered moving to a cheaper option but I would never ever go back to Google. And honestly, the cheaper options are only thoughts b/c I’m cheap.

      1. 2

        I have been very very very happy with Fastmail. I use it for several domains, including one I share with the family. The downtimes have been measured in the order of hours, total over the last few years. It doesn’t do anything fancy, but it provides me reliable mail and calendaring that I pay for and that’s just so great.

        1. 1

          Good for you. I’ve been on Fastmail for a couple of years and very happy with it.

        1. 3

          Sledding, sledding, lifting weights, and more sledding! It’s been dumping snow here in Tronna, and the girls are so excited.

          1. 1

            I’m taking over two teams on our data side of the house, which is exciting/scary, because while data engineering is much closer to my background than the web product development I was managing before, the teams are in a more challenging current state, so it’s definitely hit the ground running time.

            Outside of work, we got a big old dumping of snow last night so I’m looking forward to taking the girls out to horse around in it. I’m also going to make a fist of it with Linux as a daily driver; I was going to set up QEMU and PCI passthrough for a Windows (or possibly Mac) guest, but at the end of the day, eh.

            1. 5

              These are not things I hate about SQL.

              1. 10

                It’s amazing to me that AMD and Intel have managed to fall so incredibly behind. There’s literally no redeeming quality to AMD and Intel CPUs: they’re slower, they consume way more power, they run far hotter, even the price isn’t all that different.

                AMD and Intel have over half a century of experience building CPUs each. I can imagine that an incredibly inefficient market dominated by a single player would result in subpar CPUs, but we nominally have two big companies that compete with one another. How could they both fail so completely?

                1. 18

                  Apple bought all the TSMC 5nm there was to be had to roll out the M1. Looking at the Zen3 performance, it seems a 5nm Zen3(4?) would be competitive with the M1. The new AMD laptop chips they announced in Jan are very close to M1 level power/performance already if I read the benchmarks correctly. So AMD are not so far behind - Apple has a small process lead by the looks of things.

                  Of course, the end user (perfectly reasonably) doesn’t care about this - the only thing that matters to them is the performance of the box in front of them. Right now that crown very clearly goes to Apple.

                  1. 4

                    Do you really think it’s mostly just a process thing? That TSMC 5NM can do with ~30W (probably way less considering the MacBook Air’s cooling solution) what TSMC 7NM needs 65W+ to do?

                    That seems unlikely to me. For such a gigantic difference in performance per watt with just a 1 node advantage, there has to be some major CPU architecture and design differences. My numbers are super conservative as well; the fanless MacBook Air isn’t going to run the CPU at 30W for minutes, it’s probably going to do most of the compilation at a much lower power draw. The 3700x in the desktop isn’t going to constrain itself to 65W if the desktop is at all remotely reasonably cooled, it’s probably going to do most of the compilation at a much higher power draw.

                    1. 13

                      Why are you comparing the M1 to a desktop CPU from 2019? AMD Cezanne APUs are competitive to the M1 despite being 7nm. In fact, some Cezanne APUs beat the M1 on multicore benchmarks when limited to 15W:

                      https://www.anandtech.com/print/16446/amd-ryzen-9-5980hs-cezanne-review-ryzen-5000-mobile-tested

                      Yes, Apple delivered a great competitive core. But can we stop with the superlatives on how they are generations ahead and how AMD is behind. Ryzen APUs and the M1 deliver about the same performance with comparable wattage. The only company that doesn’t have a good story is Intel.

                      1. 4

                        I’m discussing the article, yes, which compares the M1 to the 3700x.

                        It would be interesting to see how the ryzen 5000 series holds up when put in a thin chassis with no fans under sustained multi-core load. Just limiting it to 15 watts seems like a bad way to simulate its performance under those conditions. I somehow doubt that it would match a 3700x, but maybe I’m wrong. I’m also open to the possibility that actually, the 3700x is way faster than the M1, but that GCC is way slower than (Apple’s build of) Clang.

                      2. 8

                        Yes. The M1 is designed around a specific power budget & everything is cut down to fit inside that target. AMD’s desktop chips have no such limits & therefore don’t bother optimising every last W out of the design. You can’t make direct comparisons between the two. (Also, AMD’s power draw quotes are much closer to peak power draw, whilst The M1’s 10W is more like Intel’s “normal power draw”. i.e. it’s a made up benchmarking number. You can’t directly compare those either. See https://www.anandtech.com/show/16214/amd-zen-3-ryzen-deep-dive-review-5950x-5900x-5800x-and-5700x-tested/8 for the difference.)

                        It is more reasonable to compare AMD’s laptop SOCs with the M1 & there the latest AMD design appears to be about 90% of the M1 performance within a similar power budget, whilst running much slower memory. Give AMD’s chip designers free access to TSMC’s 5nm process & put the memory on the same substrate as the CPU & it seems likely they’ll match or exceed the M1.

                        The M1 is a /great/ CPU, but it’s not the great breakthrough that everyone seems to think it is. It’s only because we’ve been forced to use expensive, sub-par Intel chips for years because Intel had a lock on the laptop market whilst they flailed around trying to get their two last fab generations to work properly that it looks like such a huge step forwards for the end user.

                        1. 3

                          Let’s keep in mind, too, that this is Apple’s first desktop CPU. I imagine that they will remain competitive even as their power budget expands, because the demands on a phone CPU and a laptop/desktop one are different.

                          1. 2

                            Isn’t it actually a Laptop CPU? I thought the “real” desktop ones are yet to come.

                            1. 1

                              You’re right – the distinction I was trying to make was that it’s basically still an iPad CPU.

                        2. 3

                          My understanding of other benchmarks is that the M1 Air can run at full cpu capacity for about ten minutes before throttling down, so these emacs builds were probably running at full power. However, full power for the Air is still only 10 watts, which is how they get away with not having a fan. It’s just a (normally fanless) phone chip scaled up to laptop standards, something people have been waiting for ever since the original iPad Pro out benchmarked many flagship laptops.

                          1. 5

                            According to Anandtech at full throttle the M1 draws about 27W. Not for very long in an Air though :)

                      3. 5

                        I think we’ll need to wait a few more years to know if they’ve really failed so completely.

                        1. 4

                          I think that’s already pretty amazing. Until a few months ago for decades we could always count on having the best hardware in the Intel / AMD world. For the first time in like 30 years Intel and AMD hardware is significantly inferior. Maybe they’ll catch up quickly, but this is a radically different state of affairs.

                        2. 3

                          Didn’t apple buy a year or so of exclusive use of the newest process at TMSC? How much of the performance gap is a willingness to spend a whole lot of money there?

                          1. 2

                            Have they really fallen behind? Is there any other non-apple CPU that I can buy at a similar price and use in a desktop with comparable performance? Power has good performance, but it still doesn’t surpass intel/amd; and it certainly doesn’t beat them at pricing. (It probably has better power consumption, granted.)

                            1. 1

                              See the “innovators dilemma” section of this post: https://apenwarr.ca/log/20201227. I don’t have domain knowledge to judge this is a right explanation, but it sounds convincing.

                            1. 18

                              What this rant does not focus on: It’s a good thing that these usecases are broken. Wayland prohibits your desktop applications from capturing keystrokes or recording other apps’ screens by default. X’s security model (and low level graphics APIs) is/are severely outdated, and Wayland promises not only to be more secure, but also expose cleaner APIs at the lower level (rendering, etc.)

                              These usecases are/will still be supported though, but this time via standardized interfaces, many of which already exist and are implemented in today’s clients.

                              X is based on a 30 year old code base and an outdated model (who runs server-side display servers these days?). Of course, switching from X to Wayland will break applications, and until they are rewritten with proper Wayland support they will stay that way. For most X11 apps there even is Xwayland, which allows you to run X11 apps in Wayland if you must.

                              1. 25

                                What this rant does not focus on: It’s a good thing that these usecases are broken

                                You should have more compassion for users and developers who have applications that have worked for decades, are fully featured, and are being asked to throw all of that away. For replacements that are generally very subpar. With no roadmap when party will be reached. For a system that does not offer any improvements they care about (you may care about this form of security, not everyone does).

                                I could care less about whether when I run ps I see Xorg or wayland. And I doubt that most of the people who are complaining really care about x vs wayland. They just don’t want their entire world broken for what looks to them like no reason at all.

                                1. 5

                                  I’m not saying that those apps should be thrown away immediately. Some of these work under XWayland (I sometimes stream using OBS and it records games just fine).

                                  If your application really does not run under XWayland, then run an X server! X is not going to go away tomorrow, rather it is being gradually replaced.

                                  I’m simply explaining that there are good reasons some applications don’t work on Wayland. I’m a bit sore of hearing “I switched to Wayland and everything broke” posts: Look behind the curtain and understand why they broke.

                                2. 17

                                  I’m kind of torn on the issue.

                                  On the one hand, the X security model is clearly broken. Like the UNIX security model, it assumes that every single application the user wants to run is 100% trusted. It’s good that Wayland allows for sandboxing, and “supporting the use cases, but this time via standardized interfaces” which allow for a permission system sounds good.

                                  On the other hand, there’s clearly no fucking collaboration between GNOME and the rest of the Wayland ecosystem. There’s a very clear rift between the GNOME approach which uses dbus for everything and the everything-else approach which builds wayland protocol extensions for everything. There doesn’t seem to be any collaboration, and as a result, application authors have to choose between supporting only GNOME, supporting everything other than GNOME, or doing twice the work.

                                  GNOME also has no intention of ever supporting applications which can’t draw their own decorations. I’m not opposed to the idea of client-side decorations, they’re nice enough in GTK applications, but it’s ridiculous to force all the smaller graphics libraries which just exist to get a window on the screen with a GL context - like SDL, GLFW, GLUT, Allegro, SFML, etc - to basically reimplement GTK just to show decorations on GNOME on Wayland. The proposed solution is libdecorations, but that seems to be at least a decade away from providing a good, native-feeling experience.

                                  This isn’t a hate post. I like Wayland and use Sway every day on my laptop. I like GNOME and use it every day on my desktop (though with X because nvidia). I have written a lot of wayland-specific software for wlroots-based compositors. But there’s a very clear rift in the wayland ecosystem which I’m not sure if we’ll ever solve. Just in my own projects, I use the layer-shell protocol, which is a use-case GNOME probably won’t ever support, and the screencopy protocol, which GNOME doesn’t support but provides an incompatible dbus-based alternative to. I’m also working on a game which uses SDL, which won’t properly support GNOME on Wayland due to the decorations situation.

                                  1. 13

                                    the X security model is clearly broken

                                    To be honest I feel the “brokenness” of the security model is vastly overstated. How many actual exploits have been found with this?

                                    Keyloggers are a thing, but it’s not like Wayland really prevents that. If I have a malicious application then I can probably override firefox to launch something that you didn’t intend (via shell alias, desktop files) or use some other side-channel like installing an extension in ~/.mozilla/firefox, malicious code in ~/.bashrc to capture ssh passwords, etc. Only if you sandbox the entire application is it useful, and almost no one does that.

                                    1. 10

                                      This isn’t a security vulnerability which can be “exploited”, it’s just a weird threat model. Every single time a user runs a program and it does something to their system which they didn’t want, that’s the security model being “exploited”.

                                      You might argue that users should never run untrusted programs, but I think that’s unfair. I run untrusted programs; I play games, those games exist in the shape of closed-source programs from corporations I have no reason to trust. Ideally, I should be able to know that due to the technical design of the system, those closed source programs can’t listen to me through my microphone, can’t see me through my webcam, can’t read my keyboard inputs to other windows, and can’t see the content in other windows, and can’t rummage through my filesystem, without my expressed permission. That simply requires a different security model than what X and the traditional UNIX model does.

                                      Obviously Wayland isn’t enough on its own, for the reasons you cite. A complete solution does require sandboxing the entire application, including limiting what parts of the filesystem it can access, which daemons it can talk to, and what hardware it can access. But that’s exactly what Flatpak and Snaps attempts to do, and we can imagine sandboxing programs like Steam as well to sandbox all the closed source games. However, all those efforts are impossible as long as we stick with X11.

                                      1. 3

                                        Every single time a user runs a program and it does something to their system which they didn’t want, that’s the security model being “exploited”.

                                        If you think a permission system is going to solve that, I going to wish you good luck with that.

                                        Ideally, I should be able to know that due to the technical design of the system, those closed source programs can’t listen to me through my microphone, can’t see me through my webcam, can’t read my keyboard inputs to other windows, and can’t see the content in other windows, and can’t rummage through my filesystem, without my expressed permission.

                                        Ah yes, and those closed-source companies will care about this … why exactly?

                                        They will just ask for every permission and won’t run otherwise, leaving you just as insecure as before.

                                        But hey, at least you made the life of “trustworthy” applications worse. Good job!

                                        But that’s exactly what Flatpak and Snaps attempts to do […]

                                        Yes, letting software vendors circumvent whatever little amount of scrutiny software packagers add, that will surely improve security!

                                        1. 7

                                          If you think a permission system is going to solve that, I going to wish you good luck with that.

                                          It… will though. It’s not perfect, but it will prevent software from doing things without the consent of the user. That’s the goal, right?

                                          You may be right that some proprietary software vendors will just ask for every permission and refuse to launch unless given those permissions. Good. That lets me decide between using a piece of software with the knowledge that it’ll basically be malware, or not using that piece of software.

                                          In reality though, we don’t see a lot of software which takes this route from other platforms which already have permission systems. I’m not sure I have ever encountered a website, Android app or iOS app which A) asked for permissions to do stuff it obviously didn’t need, B) refused to run unless given those permissions, and C) wasn’t obviously garbage.

                                          What we do see though is that most apps on the iOS App Store and websites on the web, include analytics packages which will gather as much info on you as possible and send it back home as telemetry data. When Apple, for example, put the contacts database behind a permission wall, the effect wasn’t that every app suddenly started asking to see your contacts. The effect was that apps stopped snooping on users’ contacts.

                                          I won’t pretend that a capability/permission system is perfect, because it isn’t. But in the cases where it has already been implemented, the result clearly seems to be improved privacy. I would personally love to be asked for permission if a game tried to read through my ~/.ssh, access my webcam or record my screen, even if just to uninstall the game and get a refund.

                                          Yes, letting software vendors circumvent whatever little amount of scrutiny software packagers add, that will surely improve security!

                                          I mean, if you wanna complain about distros which use snaps and flatpaks for FOSS software, go right ahead. I’m not a huge fan of that myself. I’m talking about this from the perspective of running closed source software or software otherwise not in the repos, where there’s already no scrutiny from software packagers.

                                          1. 3

                                            There’s probably evidence from existing app stores on whether users prefer to use software that asks for fewer permissions. There certainly seems to be a market for that (witness all the people moving to Signal).

                                            1. 3

                                              But hey, at least you made the life of “trustworthy” applications worse. Good job!

                                              “Trustworthy software” is mostly a lie. Every application is untrustworthy after it gets remotely exploited via a security bug, and they all have security bugs. If we lived in a world without so much memory-unsafe C, then maybe that wouldn’t be true. But we don’t live in that world so it’s moot.

                                              Mozilla has its faults, but I trust them enough to trust that Firefox won’t turn on my webcam and start phoning home with the images. I could even look at the source code if I wanted. But I’d still like Firefox sandboxed away from my webcam because Firefox has memory bugs all the time, and they’re probably exploitable. (As does every other browser, of course, but I trust those even less.)

                                            2. 1

                                              A complete solution does require sandboxing the entire application, including limiting what parts of the filesystem it can access, which daemons it can talk to, and what hardware it can access. But that’s exactly what Flatpak and Snaps attempts to do

                                              But that’s quite limited sandboxing, I think? To be honest I’m not fully up-to-speed with what they’re doing exactly, but there’s a big UX conundrum here because write access to $HOME allows side-channels, but you also really want your applications to do $useful_stuff, which almost always means accessing much (or all of) $HOME.

                                              Attempts to limit this go back a long way (e.g. SELinux), and while this works fairly well for server applications, for desktop applications it’s a lot harder. I don’t really fancy frobbing with my config just to save/access a file to a non-standard directory, and for non-technical users this is even more of an issue.

                                              So essentially I don’t really disagree with:

                                              I should be able to know that due to the technical design of the system, those closed source programs can’t listen to me through my microphone, can’t see me through my webcam, can’t read my keyboard inputs to other windows, and can’t see the content in other windows, and can’t rummage through my filesystem, without my expressed permission. That simply requires a different security model than what X and the traditional UNIX model does.

                                              and I’m not saying that the Wayland model isn’t better in theory (aside from some pragmatical implementation problems, which should not be so casually dismissed as some do IMHO), but the actual practical security benefit that it gives you right now is quite limited, and I think that will remain the case for the foreseeable future as it really needs quite a paradigm shift in various areas, which I don’t really seeing that happening on Linux any time soon.

                                              1. 2

                                                I don’t really fancy frobbing with my config just to save/access a file to a non-standard directory

                                                If a standard file-picker dialog were used, it could be granted elevated access & automatically grant the calling application access to the selected path(s).

                                                1. 1

                                                  there’s a big UX conundrum here because write access to $HOME allows side-channels, but you also really want your applications to do $useful_stuff, which almost always means accessing much (or all of) $HOME.

                                                  This is solved on macOS with powerboxes. The Open and Save file dialogs actually run as a separate process and update the application’s security policy dynamically to allow it to access files that the user has selected, but nothing else. Capsicum was designed explicitly to support this kind of use case, it’s a shame that NIH prevented Linux from adopting it.

                                                  1. 1

                                                    This sounds like a good idea! I’d love to see that in the X11/Wayland/Unix ecosystem, even just because I hate that awful GTK file dialog for so many reasons and swapping it out with something better would make my life better.

                                                    Still; the practical security benefit I – and most users – would get from Wayland today would be very little.

                                              2. 5

                                                I think “broken” is too loaded; “no longer fit for purpose” might be better.

                                                1. 2

                                                  Well, the security model is simply broken.

                                                  I agree that a lot of focus is put on security improvements compared to Wayland’s other advantages (tear-free rendering being the one most important to me). But it’s still an advantage over X, and I like software which is secure-by-default.

                                                  1. 1

                                                    How many actual exploits have been found with this?

                                                    They were very common in the ‘90s, when folks ran xhost +. Even now, it’s impossible to write a secure password entry box in X11, so remember that any time you type your password into the graphical sudo equivalents that anything that’s currently connected to your X server could capture it. The reason it’s not exploited in the wild is more down to the fact that *NIX distros don’t really do much application sandboxing and so an application that has convinced a user to run it already has pretty much all of the access that it needs for anything malicious that it wants to do. It’s also helped by the fact that most *NIX users only install things from trusted repositories where it’s less likely that you’ll find malware but expect that to change if installing random snap packages from web sites becomes common.

                                                  2. 4

                                                    It’s good that Wayland allows for sandboxing

                                                    If I wanted to sandbox an X application, I’d run it on a separate X server. Maybe even an Xnest kind of thing.

                                                    I’ve never cared to do this (if I run xnest it is to test network transparency or new window managers or something, not security), so I haven’t tried, but it seems to me it could be done fairly easily if someone really wanted to.

                                                    1. 2

                                                      Whoa, I’ve never heard about the GNOME issues (mostly because I’m in a bubble including sway and emersion, and what they do looks sensible to me). That sucks though, I hope they somehow reconcile.

                                                      Regarding Nvidia I think Simon mentioned something that hinted at them supporting something that has to do with Wayland, but I could just as easily have misunderstood.

                                                    2. 8

                                                      Wayland prohibits your desktop applications from capturing keystrokes or recording other apps’ screens by default

                                                      No, it doesn’t. Theoretically it might enable doing this by modifying the rest of the system too, but in practice (and certainly the default environment) it is still trivial for malware to keylog and record screen on current Wayland desktop *nix installs.

                                                      1. 3

                                                        it is still trivial for malware to keylog and record screen on current Wayland desktop *nix installs.

                                                        I don’t think that’s true. The linked article says recording screens and global hotkeys is “broken” by Wayland. How can it be so trivial for “malware” to do something, and absolutely impossible for anyone else?

                                                        Or is this malware that requires I run it under sudo?

                                                        1. 10

                                                          It’s the difference between doing something properly and just doing it. Malware is happy with the latter while most non malware users are only happy with the former.

                                                          There are numerous tricks you can use if you are malware, from using LD_PRELOAD to inject code and read events first (since everyone uses libwayland this is really easy), to directing clients to connect to your mitm Wayland server, to just using a debugger, and so on and so forth. None of these are really Wayland’s fault, but the existence of them means there is no meaningful security difference on current desktops.

                                                          1. 2

                                                            I don’t know if I agree that the ability to insert LD_PRELOAD in front of another application is equivalent to sending a bytestring to a socket that is already open, but at least I understand what you meant now.

                                                        2. 4

                                                          I’m sick of this keylogger nonsense.

                                                          X11 has a feature which allows you to use the X11 protocol to snoop on keys being sent to other applications. Wayland does not have an equivalent feature.

                                                          Using LD_PRELOAD requires being on the other side of an airtight hatch. It straight-up requires having arbitrary code execution, which you can use to compromise literally anything. This is not Wayland’s fault. Wayland is a better lock for your front door. If you leave your window open, it’s not Wayland’ fault when you get robbed.

                                                          1. 7

                                                            Indeed, it’s not waylands fault, and I said as much in response to the only reply above yours, an hour and 20 minutes before you posted this reply. You’re arguing against a straw man.

                                                            What is the case is that that “airtight hatch” between things that can interact with wayland and things that can do “giant set of evil activities” has been propped wide open pretty much everywhere on desktop linux, and isn’t reasonably easy to close given the rest of desktop software.

                                                            If you were pushing “here’s this new desktop environment that runs everything in secure sandboxes” and it happened to use wayland there would be the possibility of a compelling security argument here. Instead what I see is people making this security argument in a way that could give people the impression it secures things when it doesn’t actually close the barn doors, which is outright dangerous.

                                                            In fact, as far as I know the only desktop *nix OS that does sandbox everything thing is QubesOS, and it looks like they currently run a custom protocol on top of an X server…

                                                            1. 2

                                                              Quoting you:

                                                              Wayland prohibits your desktop applications from capturing keystrokes or recording other apps’ screens by default

                                                              No, it doesn’t.

                                                              Yes, it does. Wayland prohibits Wayland clients from using Wayland to snoop on other Wayland clients. X11 does allow X11 clients to use X11 to snoop on other X11 clients.

                                                              Other features of Linux allow you to circumvent this within the typical use-case, but that’s a criticism of those features moreso than of Wayland, and I’m really tired of it being trotted out in Wayland discussions. Wayland has addressed its part of the problem. Now it’s on the rest of the ecosystem to address their parts. Why do you keep dragging it into the Wayland dicsussion when we’ve already addressed it?

                                                              1. 7

                                                                This

                                                                Wayland prohibits your desktop applications from capturing keystrokes or recording other apps’ screens by default

                                                                And this

                                                                Wayland prohibits Wayland clients from using Wayland to snoop on other Wayland clients.

                                                                Are two very different statements. The latter partially specifies the method of snooping, the former does not.

                                                                Why do you keep dragging it into the Wayland dicsussion when we’ve already addressed it?

                                                                I do not, I merely reply to incorrect claims brought up in support of wayland claiming that it solves a problem that it does not. It might one day become part of a solution to that problem. It might not. It certainly doesn’t solve it by itself, and it isn’t even part of a solution to that problem today.

                                                        3. 4

                                                          X’s design has many flaws, but those flaws are well known and documented, and workarounds and extensions exist to cover a wide range of use cases. Wayland may have a better design regarding modern requirements, but has a hard time catching up with all the work that was invested into making X11 work for everyone over the last decades.

                                                          1. 3

                                                            X’s design has many flaws, but those flaws are well known and documented, and workarounds and extensions exist to cover a wide range of use cases.

                                                            Once mere flaws become security issues it’s a different matter though.

                                                            [Wayland] has a hard time catching up with all the work that was invested into making X11 work for everyone over the last decades.

                                                            This may be true now, but Wayland is maturing as we speak. New tools are being developed, and there isn’t much missing in the realm of protocol extensions to cover the existing most-wanted X features. I see Wayland surpassing X in the next two, three years.

                                                            1. 2

                                                              Yeah, I started to use sway on my private laptop and am really happy with it. Everything works flawlessly, in particular connecting an external HiDPI display and setting different scaling factors (which does not work in X). However, for work I need to be able to share my screen in video calls occasionally and record screencasts with OBS, so I’m still using X there.

                                                          2. 4

                                                            I wonder if X’s security model being “outdated” is partly due to the inexorable slide away from user control. If all your programs are downloaded from a free repo that you trust, you don’t need to isolate every application as if it’s out to get you. Spotify and Zoom on the other hand are out to get you, so a higher level of isolation makes sense, but I would still prefer this to be the exception rather than the rule.

                                                            In practice 99.9% of malicious code that is run on our systems is done via the web browser, which has already solved this problem, albeit imperfectly, and only after causing it in the first place.

                                                            1. 4

                                                              If all your programs are downloaded from a free repo that you trust, you don’t need to isolate every application as if it’s out to get you

                                                              I completely agree, as long as all of my programs are completely isolated from the network and any other source of untrusted data, or are formally verified. Otherwise, I have to assume that they contain bugs that an attacker could exploit and I want to limit the damage that they can do. There is no difference between a malicious application and a benign application that is exploited by a malicious actor.

                                                              1. 1

                                                                all of your programs are completely isolated from the network?

                                                                how are you posting here?

                                                                1. 2

                                                                  They’re not, that’s my point and that’s why I’m happy that my browser runs sandboxed. Just because I trust my browser doesn’t mean that I trust everyone who might be able to compromise it.

                                                                  1. 1

                                                                    that makes sense for a browser, which is both designed to run malicious code and too complex to have any confidence in its security. but like i said i would prefer cases like this to be the exception. if the rest of your programs are relatively simple and well-tested, isolation may not be worth the complexity and risk of vulnerabilities it introduces. especially if the idea that your programs are securely sandboxed leads you to install less trustworthy programs (as appears to be the trend with desktop linux).

                                                                    1. 2

                                                                      Okay, what applications do you run that never consume input from untrusted sources (i.e. do not connect to the network or open files that might come from another application)?

                                                                      1. 1

                                                                        I don’t think you are looking at this right. The isolation mechanism can’t be 100% guaranteed free of bugs any more than an application can. Your rhetorical question is pretty far from what I thought we were discussing so maybe you could rephrase your argument.

                                                            2. 1

                                                              This argument seems similar to what happened with cinnamon-screensaver a few weeks ago:

                                                              https://github.com/linuxmint/cinnamon-screensaver/issues/354#issuecomment-762261555 (responding to https://www.jwz.org/blog/2021/01/i-told-you-so-2021-edition/)

                                                              It’s a good thing for security (and maybe for users in the long term once they work again) that these usecases are broken, but it is not a good thing for users in the short term that these usecases don’t work on Wayland.

                                                            1. 2

                                                              I’ve had a crazy thought for a while that they’d try to turn Windows into a Linux at some point, given their deeper integration with Linux via WSL. Probably won’t happen since there’s been so much sunk into the Windows way of doing things and there’s such a broad divergence from UNIX at this point, but one can always hope :)

                                                              1. 7

                                                                My understanding is that WSL has backed off from syscall translation to basically just virtualization with some nifty bits. If so, that’s probably a net win for utility but much less interesting from a technical perspective.

                                                              1. 1

                                                                Define “self-hosting” – like, on a VPS? On bare metal under my desk?

                                                                1. 2

                                                                  Related question: What’s your backup plan if you forget your master password, for example after an accident leaving you with a temporary memory loss?

                                                                  1. 1

                                                                    Keeping the number of accounts I need to keep track of in the first place low so that manual recovery is plausible!

                                                                    It’s a good question though - I have had the experience of not having to type my master password for only a week or two, then coming back to it and not having a clue what it was. It was only muscle memory that saved me.

                                                                    1. 1

                                                                      1Password family means my partner and I can reset each other’s keys. (I haven’t read the whitepaper in a while, but iirc everyone in the family’s private keys get stored encrypted by everyone else in the family. 1P themselves still cannot access your data since they don’t have an unencrypted copy of anyone’s keys, and you can’t indiscriminately access others’ data because the 1P server won’t just give it to you.

                                                                      1. 1

                                                                        If I’m not mistaken and memory serves, 1Password generates a PDF form for your physical vault or safe deposit box that is an emergency backup plan with your master key.

                                                                        1. 1

                                                                          Yeah, I have this. I also use a family plan, so my wife can get in; and, honestly, I wrote the password down and it’s in our secure storage with our passports and such.

                                                                      1. 14

                                                                        I’ve been really tempted to buy a remarkable2. But the reviews I see say it’s great for note taking but not so great for just reading PDFs. Mostly I want to read PDFs. I’m still on the fence.

                                                                        1. 14

                                                                          As long as your PDFs don’t require color, it is 100% worth it. Definitely one of my favorite devices at the moment.

                                                                          1. 5

                                                                            Same. In the month or so I’ve had one, it hasn’t caused me a single frustration (and I’m the kind of person who gets annoyed at the user interfaces of my own Apple products). It works exactly as advertised. Anyone who thinks it might be worth the price tag should watch a third party review video and check out the official and awesome list projects. It has been awhile since I’ve stayed this excited about a new device so long after buying it.

                                                                          2. 12

                                                                            I picked one up recently hoping that I could migrate a lot of my ebooks and pdfs to it. I don’t plan on returning it, but I wouldn’t recommend it.

                                                                            I was a huge fan of the kindle dx, but I’ve managed to break the buttons on a couple which renders them practically useless. I was on the fence with the first remarkable device but figured I’d given the latest iteration a shot. I figured it’d be a good DX substitute. It’s not. I want to like it, the physical design is really good, but the software sucks.

                                                                            I have a large collection of documents (epub/pdfs) that I was looking forward to getting on the device. Largely a mix of books published in electronic formats from regular publishers (O’Reilly, Manning, PragProg, etc.) as well as a few papers and docs I’ve picked up here and there.

                                                                            First, the reMarkable desktop/mobile app that you have to rely on for syncing is a little wonky. Syncing between the device and mobile/desktop versions of the app works, but leaves a little to be desired. Second, I have yet to load a pdf or epub that isn’t brutally slow to navigate (just page by page). If the document has images or graphics (even simple charts and illustrations) it will affect navigation performance. Occasionally a document will load relatively quickly, and navigate reasonable well, only to slow down after a few page turns. Epubs tend to be a little more difficult to work with - particularly if you decide to change the font. All I have to compare this device to is my broken DX, which, everything considered, positively smokes the reMarkable.

                                                                            It’s usable. It works alright for PDFs, less so for epubs. On the positive side, the battery life is quite good.

                                                                            1. 3

                                                                              I agree with your analysis in most regards. Syncing a lot of ebooks and pdfs to it is not something at which it would excel by default. I have a large Calibre library, and I haven’t synced it over for that reason. However, it’s something I’m looking forward to investigating with KOReader, which supports the reMarkable.

                                                                              I haven’t experienced the lag that you talk about, but can understand that that would be bothersome – though I definitely have experienced the “wonkiness” of the companion apps.

                                                                              1. 1

                                                                                My understanding is that epubs are converted to PDF before being synced? Is that actually the case?

                                                                                1. 4

                                                                                  It renders the epub to pdf for display but that’s all in-memory. It’s still an epub on disk.

                                                                                  1. 1

                                                                                    I don’t know. I’ve got a couple books that are both pdf and ePub, and the pdf version behaves a little better. You can also resize and change fonts for ePub doc, but not for PDFs.

                                                                                    1. 1

                                                                                      Along these lines, another interesting observation I’ve made has to do with the way some kinds of text get rendered. In particular, I’ve encountered epubs with code listings that render fine in other apps and on other devices, but render horribly on the remarkable2 device. Interestingly, in some of those cases I will also have a publisher provided PDF that renders just fine.

                                                                                      Further, epubs and PDFs are categorized differently in both the app and the device. With epubs you can change the justification, page margins, line spacing, fonts, and font size. With PDFs you have fewer options, but you do have the ability to adjust the view (which is great for papers since you can get rid of the margins).

                                                                                    2. 2

                                                                                      I don’t think so – from my playing around with ssh, there are definitely some epubs stored on device. I actually think the browser extension generates epubs, rather than pdfs which was surprising.

                                                                                      1. 2

                                                                                        Huh. Cool. Hmmm. The real reason I shouldn’t get one is that I always fall asleep with my e-reader and it often bounces off my face.

                                                                                        1. 3

                                                                                          That’s a pro, for the device, it weighs next to nothing. I’ve damn near knocked myself out dropping an iPad Pro on my head when reading in bed.

                                                                                          1. 1

                                                                                            For me, it’s more the fact that the Kobo then ends up falling onto the floor. I’m not crazy with that with a $120 device, so …

                                                                                  2. 7

                                                                                    I own Gen 1 and Gen 2. I love the simplicity and focus of the device. It’s an amazing… whiteboard.

                                                                                    Note taking is not suuuper great. Turns out marking up a PDF to take notes actually isn’t that great because the notes quickly get lost in the PDF. It’s not like in real life, where you can put a sticky note to jump to that page. The writing experience is fantastic though. I have notebooks where I draw diagrams/ideas out. I like it for whiteboarding type stuff.

                                                                                    Reading is terrible. I mean, it works. Searching is painfully slow. The table of contents doesn’t always show up (even though my laptop PDF reader can read the TOC just fine). When you do get a TOC, the subsections are flattened to the top level, so it’s hard to skim the TOC. PDF links don’t work. Text is often tiny, though you can zoom in. EPUBs appear to get converted to PDFs on the fly and their EPUB to PDF conversion sucks. Though, I’ve found doing the conversion myself in Calibre is way better.

                                                                                    Overall, I like the device for whiteboarding. But it’s kinda hard to recommend.

                                                                                    1. 2

                                                                                      Marking up PDFs works better in color, since you can pick a contrasting ink color. I do it in Notability on my iPad Pro (which is also great for whiteboarding / sketching.)

                                                                                      I was tempted by reMarkable when the first version came out, but I couldn’t see spending that kind of money on something that only does note taking and reading. I’m glad it’s found an audience though, it’s a cool device.

                                                                                      1. 1

                                                                                        Turns out marking up a PDF to take notes actually isn’t that great because the notes quickly get lost in the PDF. It’s not like in real life, where you can put a sticky note to jump to that page.

                                                                                        So far the best experience I’ve seen for this is LiquidText on an iPad Pro. While you can write on the PDF as any other annotator, there’s also a lot of more hypertext type of features, like collecting groups of notes in an index, or writing separate pages of notes that are bidirectionally hyperlinked to parts of the document they refer to. Or do things like pull out a figure from a paper into a sidebar where you attach notes to it.

                                                                                        The main downside for me is that you do more or less have to go all-on on LiquidText. It supports exporting a workspace to flat PDFs, but if you used the hypertext features in any significant way, the exported PDFs can be very confusing with the lack of expected context.

                                                                                        1. 1

                                                                                          Agreed that it is hard to find notes. There should be a way to jump to pages that have notes on them (this is how Drawboard PDF works, for example).

                                                                                          1. 1

                                                                                            What is the advantage over drawing on a piece of paper or on a whiteboard, then taking a photo of what you’ve drawn, if needed?

                                                                                            1. 1

                                                                                              I tried paper note books, but I’m too messy and make too many mistakes. Erasing, moving, and reordering is hard on paper.

                                                                                              A whiteboard is pretty good for temporary stuff and erases better than paper. But, it can be a bit messy.

                                                                                              I also tried Rocketbook for a while. I got the non-microwaveable (yes you read that right) one. That was okay. A little meh for me.

                                                                                              And of course, you can’t read PDFs on any of these.

                                                                                        1. 1

                                                                                          I use and endorse the use of 1Password, because it is the easiest for my non-technical wife to use. Any theoretical decrease in security due to the closed source nature of the client and service are entirely outweighed by the practical benefits of having my wife move onto strong passwords.

                                                                                          1. 9

                                                                                            XTerm also supports real graphics as well, thanks to the VT430’s sixel mode. This page has some nifty demos.

                                                                                            I wish this feature was better known/more used. Because few programs take advantage of this capability, many terminal emulators haven’t implemented sixel support.

                                                                                            Personally, I have found this feature useful for listing directories of images with lsix, and also for displaying output from GNUPlot.

                                                                                            1. 5

                                                                                              This is some amazing singing pig stuff.

                                                                                              1. 3

                                                                                                Singing pig?

                                                                                                1. 6

                                                                                                  Like, the quality of the output isn’t nearly as impressive as the fact that it works at all!

                                                                                                  1. 4

                                                                                                    Ahh I see. Not an expression I had heard before.

                                                                                                    I do agree, the output quality does leave a bit to be desired, but considering this is 30 year old technology, I give it somewhat of a pass.

                                                                                                    I do wish that there was a higher-quality more modern alternative. I know iTerm2 has an image drawing protocol, but no other terminal emulators have adopted it as far as I know.

                                                                                                    1. 5

                                                                                                      Kitty supports a graphics protocol too. I plan to one day port this to alacritty.

                                                                                                      1. 4

                                                                                                        The term that I’ve seen is dancing bear (commonly attributed as a Russian proverb): “The marvel is not that the bear dances well, but that the bear dances at all.”

                                                                                                        1. 2

                                                                                                          I would love for something more like Mathematica (as you note in a peer comment) that was open and widely adopted for interactive computing.

                                                                                                          1. 1

                                                                                                            How about Jupyter Console?

                                                                                                  2. 3

                                                                                                    I think the real tragedy is shoving this into a glorified vt100, instead of realizing there are better tools for this…

                                                                                                    1. 6

                                                                                                      If you want an interactive CLI type interface that can also embed images, what other tool is there available for this today? I guess Mathematica kind of has this, but it’s proprietary, and cannot be used as a general-purpose UI for other programs to target.

                                                                                                      1. 6

                                                                                                        Emacs?

                                                                                                        1. 3

                                                                                                          I’d add to that: works over SSH or some equivalent.

                                                                                                          I have a proof-of-concept implementation that adds two features to FreeBSD:

                                                                                                          • A content negotiation protocol over pipes, so the sender advertises the set of things it can produce and the receiver picks the one that it wants, gracefully falling back to unknown if one end doesn’t support the protocol.
                                                                                                          • A ‘pipe pealing’ mechanism in the TTY layer, so that you can establish independent pipes to the terminal emulator, for different types of data.

                                                                                                          Both of these could be cleanly encapsulated in the SSH protocol, but I haven’t actually done the work (yet).

                                                                                                          I’d love to see something like this standardised. I modified libxo in the base system to support this protocol, so you can pipe any libxo-enabled utility to something that wants JSON or HTML and have it work without the user having to pass any libxo flags to the first thing in the pipeline. Oh, and a proof-of-concept using the PTY interfaces so that the terminal could request an HTML version of what was being displayed and open that in a web browser. I’d love to have a terminal incorporate something like that properly so that, for example, ls gave me a table view that I could sort and filter.

                                                                                                          1. 2

                                                                                                            Jupyter console and, slightly more distantly, interactive notebooks both fit, imo.

                                                                                                          2. 2

                                                                                                            I think the real tragedy is that we are rio(1) (well, a descendant of it, anyway), in which this sort of thing — like a lot of things in Plan 9 — was so easy that it didn’t even seem noteworthy.

                                                                                                        1. 2

                                                                                                          They didn’t even mention my bugaboo: USB cables that only carry power, not data. They’re packed in with (some) devices that only support USB for charging, and I seem to have accumulated a number of them.

                                                                                                          So sometimes when I retrieve a cable from my stash to connect something to my computer, I have the frustrating experience of not being able to connect to the device, checking that I’ve installed drivers / put the device in “connect mode”, etc. until I remember that this must be one of those dud cables…

                                                                                                          1. 5

                                                                                                            Ouch, I sympathize. I tend to store these sorts of cables separately, in the trash can.

                                                                                                            1. 1

                                                                                                              I currently carry device chargers with me and avoid plugging my devices into other USB sockets to charge. This is mostly because I’m concerned about security.

                                                                                                              As charging over USB becomes more common and available, I think ‘power only’ cables will be useful, though I might have to buy them in a particular, garish colour to avoid the nightmare you’re describing.

                                                                                                              1. 2

                                                                                                                You can buy the “USB condom” adapters pretty cheaply, and use them to turn any cable into a power-only cable when you’re going to be charging from an untrusted port. I always used to bring a few with me back in the days when traveling was a thing.

                                                                                                              2. 1

                                                                                                                I am dying today trying to plug a monitor in via USB-C, and apparently every single C->C cable I have is power only? Or maybe it’s this busted MBP? Or maybe it’s just the phase of the moon?

                                                                                                                I hate USB more than almost anything else in computing.

                                                                                                                1. 1

                                                                                                                  O man, have you ever used SCSI? Macs used to use it, pre-USB. It wasn’t hot-pluggable, so you had to shut down everything first. And it sometimes required a “terminator” plug at the end of the chain, and there was weird voodoo about that which honestly I’ve blocked out of my memory. Plus the cables were as big around as a finger, stiff, and quite expensive.

                                                                                                                  1. 1

                                                                                                                    I used to tend a big SGI (a Power Challenge!) with weird flaky terminator problems. It was the worst. Super fun having a whole academic department go offline because of some dumbass $1,200 hunk of resistors and plastic in that edgy shade of mauve.

                                                                                                              1. 2

                                                                                                                I mean, the problem of essential complexity doesn’t go away because you can write your backend in JavaScript. Hard problems remain hard, and engineering is the art of maneuvering through an n-dimensional solution space to find anything that advances your goals. If that is Mongo, OK. But the idea that there’s something essential to NoSQL that means it will “win” is just marketing bafflegab.

                                                                                                                1. 5

                                                                                                                  I was intrigued by this:

                                                                                                                  According to the author of Kitty, tmux is a bad idea, apparently because it does not care about the arbitrary xterm-protocol extensions Kitty implements. Ostensibly, terminal multiplexing (providing persistence, sharing of sessions over several clients and windows, abstraction over underlying terminals and so on) are either unwarranted and seen as meddling by a middleman, or should be provided by the terminal emulator itself (Kitty being touted as the innovator here). A remarkable standpoint, to say the least.

                                                                                                                  Because this is something that I completely agree with. I have recently switched to abduco from tmux because I want my terminal to handle being a terminal and the only thing that I wanted from tmux was connection persistence. There are a load of ‘features’ in tmux that really annoy me. It does not forward everything to my terminal and implements its own scrollback which means I can’t cat a file, select it, copy it, and paste it into another terminal connected to a different machine (which is something I do far more often than I probably should).

                                                                                                                  1. 2

                                                                                                                    Yeah, I do not like how some terminal emulators now are leaving everything to tmux/screen, rather than implementing useful features for management, scrollback, etc themselves. For 99% of my cases, I don’t need tmux in addition to my shell and a good terminal emulator, so idk why I’d want to introduce more complexity.

                                                                                                                    kitty honestly works very well for me, and has Unicode and font features that zutty does not seem to consider. Clearly some work needs to be done for conformance to the tests that the author raises, but for my needs, kitty works great for Unicode coverage and rendering.

                                                                                                                    1. 1

                                                                                                                      Yeah, I do not like how some terminal emulators now are leaving everything to tmux/screen,

                                                                                                                      So I think tmux and screen both suck since they don’t pass through to the terminal things like scrollback. Instead of the same mouse wheel or shift+page up, I have to shift gears to C-a [ or whatever it is.

                                                                                                                      I actually decided to write my own terminal emulator… and my own attach/detach session thing that goes with it. With my custom pass-through features I can actually use them all the same way. If I attach a full screen thing, the shift pageup/down just pass through to the application, meaning it can nest. Among other things. I kinda wonder why the others don’t lobby for similar xterm extensions or something so they can do this too.

                                                                                                                    2. 2

                                                                                                                      I also love how Kitty pretty easily allows you to extend these features with other programs. Instead of Kitty’s default history, I have it enter neovim (with all of my configurations) so that I can navigate and copy my history in the same way the I write my code. I have been using Kitty for a few years and absolutely love it. The only issue I run into on occasion is that SSHing into some servers can mess the terminal up a little.

                                                                                                                      1. 2

                                                                                                                        Same. I never warmed to the “tmux is all you need” approach, because, honestly, it’s just a totally unnecessary interloper in my terminal workflow. I like being able to detach/reattach sessions, but literally everything else about tmux drives me bananas.

                                                                                                                      1. 2

                                                                                                                        I wonder whether Intel let USB turn into a mess intentionally (a bit like Google keeps up the churn rate for web technologies to kill off other browsers)?

                                                                                                                        1. 1

                                                                                                                          I’d not assign to malice what is more easily explained by stupidity (or institutional inertia).

                                                                                                                          1. 2

                                                                                                                            Or the economics of commodities.

                                                                                                                            1. 1

                                                                                                                              Sad day for Intel if this really is stupidity…

                                                                                                                              The outcome, be it simple stupidity or institutional cultural stupidity, is that usb needs proper competition to kill it off.

                                                                                                                              Maybe by a bolt of thunder!

                                                                                                                          1. 1

                                                                                                                            Neat, my university shows up on this list. Nowehere near the top, but on the list 🙂

                                                                                                                            e: Also, I only did undergrad.

                                                                                                                            1. 1

                                                                                                                              Same, although I left in ’92, so I doubt my experiences have much to say about their current rating.

                                                                                                                            1. 31

                                                                                                                              X11 really delivered on the promise of “run apps on other machines and display locally.” XResources let you store your configuration information in the X server. Fonts were stored in your display server or served from a font server.

                                                                                                                              X Intrinsics let you do some amazing things with keybindings, extensibility, and scripting.

                                                                                                                              And then we abandoned all of it. I realize sometimes (often?) we had a good reason, but I feel like X only got to show off its true power only briefly before we decided to make it nothing but a local display server with a lot of unused baggage.

                                                                                                                              (The only system that did better for “run apps remotely/display locally” was Plan 9, IMHO.)

                                                                                                                              1. 11

                                                                                                                                A lot of these things were abandoned because there wasn’t a consistent story of what state belonged in the client and server and storing state on the server was hard. For this kind of remote desktop to be useful, you often had thin X-server terminals and a big beefy machine that ran all of the X clients. With old X fonts, the fonts you could display depended on the fonts installed on the server. If you wanted to be able to display a new font, it needed installing on every X server that you’d use to run your application. Your application, in contrast, needed installing on the one machine that would run it. If you had some workstations running a mix of local and remote applications and some thin clients running an X server and nothing locally, then you’d often get different fonts between the two. Similarly, if you used X resources for settings, your apps migrated between displays easily but your configuration settings didn’t.

                                                                                                                                The problem with X11’s remote story (and the big reason why Plan 9 was better) was that X11 was only a small part of the desktop programming environment. The display, keyboard, and mouse were all local to the machine running the X server but the filesystem, sound, printer, and so on were local to the machine running the client. If you used X as anything other than a dumb framebuffer, you ended up with state split across the two in an annoying manner.

                                                                                                                                1. 11

                                                                                                                                  As someone who had to set up an X font server at least once, you didn’t have to have the fonts installed on every X server, you just had to lose all will to live.

                                                                                                                                  But yes, X was just one part of Project Athena. It assumed you’d authenticate via Kerberos with your user information looked up in Hesiod and display your applications via X, and I think there was an expectation that your home directory would be mounted over the network from a main location too.

                                                                                                                                  Project Athena and the Andrew Project were what could have been. I don’t think anyone expected local workstations to become more powerful than the large shared minis so quickly, and nobody saw the Web transforming into what it is today.

                                                                                                                                  1. 4

                                                                                                                                    At school I got to use an environment with X terminals, NFS mounts for user data, and NIS for authentication. It worked fairly well, and when you see something like that work, it’s hard to see the world in quite the same way afterwards.

                                                                                                                                    As for the web, it’s true that it challenged this setup quite a bit, because it was hard to have enough CPU on large server machines to render web content responsively for hundreds of users. But on the other hand, it seems like we’ve past the point of sending HTML/CSS/JS to clients being optimal from a bandwidth point of view - it’s cheaper to send an h264 stream down and UI interaction back. In bandwidth constrained environments, it’s not unimaginable that it makes sense to move back in the other direction, similar to Opera Mini.

                                                                                                                                    1. 2

                                                                                                                                      Omg what a scary thought!

                                                                                                                                    2. 2

                                                                                                                                      Andrew was really amazing. I wish it had caught on, but if wishes were horses &c &c &c.

                                                                                                                                      1. 1

                                                                                                                                        The early version of the Andrew Window Manager supported tiling using a complex algorithm based on constraint solving. They made an X11 window manager that mimicked the Andrew WM.

                                                                                                                                        Let me rephrase that: I know they made an X11 window manager that mimicked Andrew but I cannot for the life of me find it. It’s old, it would’ve been maybe even X10 and not X11…

                                                                                                                                        So yeah, if you know where that is, it would be a helluva find.

                                                                                                                                        1. 2

                                                                                                                                          iirc scwm uses some kind of constraint-solving for window placement. but i am approx. 99% sure that that’s not what you are looking for.

                                                                                                                                          it’s for that remaining 1% that i posted this message :)

                                                                                                                                  2. 9

                                                                                                                                    We didn’t abandon it; rather, we admitted that it didn’t really work and stopped trying. We spent our time in better ways.

                                                                                                                                    I was the developer at Trolltech who worked most on remote X, particularly for app startup and opening windows. It sucked, and it sucked some more. It was the kind of functionality that you have to do correctly before and after lunch every day of every week, and a moment’s inattention breaks it. And people were inattentive — most developers developed with their local X server and so wouldn’t notice it if they added something that would be a break-the-app bug with even 0.1s latency, and of course they added that sooner or later.

                                                                                                                                    Remote X was possible, I did use Qt across the Atlantic, but unjustifiable. It required much too much developer effort to keep working.

                                                                                                                                    1. 1

                                                                                                                                      I wonder how much of that pain was from legacy APIs? I spent some time about 15 years ago playing with XCB when it was new and shiny and it was possible to make something very responsive on top of it (I was typically doing development on a machine about 100ms away). The composite, damage, and render extensions gave you a good set of building blocks as long as everything involved in drawing used promises and you deferred blocking as long as possible. A single synchronous API anywhere in the stack killed it. I tried getting GNUstep to use the latency hiding that XCB enabled and it was a complete waste of time because there were so many blocking calls in the higher-level APIs that the mid-level APIs undid all of the work that you did at the lower level.

                                                                                                                                      If; however, you designed your mid- and higher-level drawing APIs to be asynchronous, remote X11 performed very well but getting people to adopt a completely new GUI toolkit seemed like too much effort.

                                                                                                                                      That said, the way that you talk to a GPU now (if you actually care about performance) is via asynchronous APIs because bus round trips can be a bottleneck. A lot of the lessons from good remote drawing APIs are directly applicable to modern graphics hardware. With modernish X11 you can copy images to the server and then send sequences of compositing commands. With a modern GPU, you copy textures into GPU memory and then send a queue of compositing command across the bus.

                                                                                                                                      1. 2

                                                                                                                                        We at Trolltech avoided legacy APIs, provided our users with good APIs (good enough that few people tried to go past it to the lower-level protocol), and still people had problems en masse.

                                                                                                                                        If your test environment has nanoseconds of latency, you as app developer won’t notice that the inner body of a loop requires a server roundtrip, but your users will notice it very well if they have 0.1s of latency. Boring things like entering data in a form would break, because users would type at their usual speed, and the app would mishandle the input.

                                                                                                                                        Enter first name, hit enter, enter last name, see that sometimes start of the last name was added to the first-name field depending on network load.

                                                                                                                                        Edited to add: I’m not trying to blame here (“fucking careless lazy sods” or whatever), I’m trying to say that coping with latencies that range from nanoseconds to near-seconds is difficult. A lack of high-latency testing hurts, but it’s difficult even with the best of testing. IMO it’s quite reasonable to give up on a high-effort marginal task, the time can be spent better.

                                                                                                                                        1. 2

                                                                                                                                          Note that a lot of the problems exist whether or not the code is part of the application process or not. If you use Windows Remote Desktop around the world, you have 100s of milliseconds of latency. If you press shift+key, it’s not uncommon to see them delivered out of order and incorrect results. (I don’t know exactly how this happens because a TCP connection implies ordering, so I suspect this is really about client message construction and server message processing.) The engine somehow has to ensure logically correct rendering while avoiding making application UI calls synchronous. Applications may not be aware of it, but the logic is still there.

                                                                                                                                          1. 1

                                                                                                                                            We at Trolltech avoided legacy APIs, provided our users with good APIs (good enough that few people tried to go past it to the lower-level protocol), and still people had problems en masse.

                                                                                                                                            I’ve never looked very closely at Qt, but I was under the impression that most of your drawing APIs were synchronous? I don’t remember promises or any other asynchronous primitives featuring in any of the APIs that I looked at.

                                                                                                                                            1. 3

                                                                                                                                              Neither really synchronous nor really asynchronous… There are three relevant clocks, all monotonic: Time proceeds monotonically in the server, in the app and for the user, and none of the three can ever pause any of the others as would be necessary for a synchronous call, and no particular latency or stable offset is guaranteed.

                                                                                                                                              So, yes, Qt is synchronous, but when people say synchronous they usually have a single-clock model in mind.

                                                                                                                                              There are no promises, but what some people consider synchronous drawing primitives don’t really work. Promises would let you write code along the lines “do something, then when the server call returns, draw blah blah”. Synchronous code would be “do something; draw blah blah;”. Qt’s way is react strictly to server events: The way to draw is to draw in response to the server’s asking for that, and you don’t get to cheat and expect what the server will ask for, and you can’t avoid redrawing if the server wants you to.

                                                                                                                                              We were careful about the three monotonic times, so the default handling has always been correct. But it’s very easy to do things like change the destination of keyboard input, and forget that the events that arrive at the program after the change may have been sent from the server (or from the user’s mind) either before or after the program performed the change.

                                                                                                                                              A tenth of a second is a long time in a UI. People will type two keystrokes or perform a mouse action that quickly. If you want to avoid latency-induced mistakes you have to think clearly about all three clocks.

                                                                                                                                      2. 2

                                                                                                                                        People got and continue to get a lot of mileage out of remote x. Even on windows, I believe you can use remote forwarding with putty to an x server like vcxsrv.

                                                                                                                                        The biggest killer of remote x was custom toolkits (as opposed to athena and xt) and, ultimately, glx. The former is slow to proxy transparently; the latter is nigh impossible.

                                                                                                                                        1. 1

                                                                                                                                          Yeah. I feel that the problem with Xorg isn’t necessarily Xorg itself, but instead a lot of the programmatic interfaces are kludgy, and the more complex usecases are specific enough that there has been very little documentation of them. It very likely would fulfill a lot of uses that people have no alternative for, but that knowledge has not been passed on. So instead people see it as a huge bloated mess, only partly because it is, but partly because they simply either don’t know or don’t care about those other workflows and uses.

                                                                                                                                        1. 7

                                                                                                                                          I was expecting this to be a lot more special pleading about how software engineering is so different than other white collar work, and I wasn’t disappointed, but it’s well enough argued that it’s an open question as to whether it’s special pleading or actually just the way more white collar work should be done.

                                                                                                                                          1. 12

                                                                                                                                            Yeah, if you talk to people with experience in both, or people in management science, it’s pretty obvious that SEs aren’t different. Most companies just are bad at handling white collar workers.

                                                                                                                                          1. 1

                                                                                                                                            USB is awful, and the fact that it’s largely being implemented by commodity consumer electronics companies means that is never going to be any good. Sigh.