1. 9

    I wish the staging area didn’t exist. Hidden state that changes by itself is a recipe for accident in any man-machine interface, and in this case, quite unnecessary.

    Wanna track, untrack or restore a file? Now it’s implicitly staged too, yet hidden from git diff, and inconveniently becomes part of the next commit, despite your explicit command to commit something else.

    When I commit something, I want to see what I have (in git diff) first and then commit specific files (or --all or even --patch for parts of files). I never want to use the staging area. Can I turn it off?

    1. 13

      When I commit something, I want to see what I have (in git diff) first and then commit specific files (or –all or even –patch for parts of files). I never want to use the staging area. Can I turn it off?

      You can try to adapt your habits and configuration. E.g. you can configure an alias for git add -A && git commit [...] (see https://stackoverflow.com/q/2419249/)

      I wish the staging area didn’t exist.

      I like it.

      It allows for easily splitting the current changes into multiple commits. I often use git add -p to interactively select what should be part of the next commit while keeping everything else around. That can be temporary comments for what I’m going to work on next or just stuff that should be in a separate commit. Sometimes it makes sense to work on a set of changes as one work unit, but structure it differently into review units. To test & commit what is currently staged I can do:

      git stash save --keep-index
      do_my_tests
      git commit -m "Fix foo"
      git stash pop
      

      Even when I want to commit all current changes, I like using git add -p to review them, especially if I have touched multiple files. “Changes in foo.ext? I just did those, stage the whole file (a). Changes in bar.ext? I did those an hour ago, let’s confirm those one by one (y)…”

      (I also use a lot of aliases, so for me git add -p becomes g ap, git stash save --keep-index is g ss, git diff --patience --cached becomes g dc, and so on)

      (I would prefer a consistent use of “staging area” and “staged” everywhere.)

      1. 9

        Agreed. Mercurial gets along just fine without it and is a much easier to use DVCS system.

        1. 1

          I dunno. I’m much more experienced with git; which colours things, but I’ve never got myself into a jam I can’t figure out. I use mercurial for work and I’ve had weird situations I can’t explain where a file content doesn’t match what the commit diff says it should.

        2. 4

          Yes, index/stage interactions with diff only comparing the working tree is one of the biggest git footguns. It makes me only stage files until the absolute end before I commit.

          1. 2

            You can use --verbose flag to git commit to see the diff and list of files below the commit message (it will not be included in commit message). You can even make it default via git config --global commit.verbose true. This should help with such accidental commits.

            1. 1

              … that is the only time one is meant to stage files? Does anyone have a sane workflow that involves running git add but not following soon by git commit?

              1. 3

                I stage something (which could be as small as a single line) as soon as I’m happy with it, and commit when I’m happy with the change as a whole. Often I’ll write a rough version of something, stage it, and then rewrite it to be nicer - but with the safety net of being able to easily undo the change if it’s wrong.

                I guess I could make small commits for this, but then I’d be making tonnes of tiny commits and squashing them before each push, which feels like a lot more work. I like each of my commits to pass tests, but these tiny bits I stage might not even compile.

                Or I might make one large change, then stage and commit bits of it separately if there are multiple logical changes there.

                It does help though that I use magit, which makes staging or unstaging things line-by-line in my text editor trivially simple. I certainly wouldn’t want to go back to using git add / git commit / etc in a terminal.

            2. 4

              But according to documentation if you will do git commit <pathspec> then it will ignore staging area (named index there):

              When pathspec is given on the command line, commit the contents of the files that match the pathspec without recording the changes already added to the index.

              And if you want to be able to review what will be committed, then just use --verbose flag for git commit or set it to be default via git config --global commit.verbose true.

              1. 2

                Thanks for explaining, that is good to know! Yes, I’ve noticed commit now obeys what you say, but it wasn’t always like that, and I didn’t know how to trust it, because I hadn’t seen that explanation.

                I chose to describe the old behaviour, because it deserved mention as a contributing factor in this footgun. I can’t edit my old post anymore, but I can now delete this ingredient in my fear and distrust of the staging area.

                1. 1

                  Well, it seems that it is there since git 2.0 so it is over 7 years now. So I would say, that unfortunately your post is more FUDy than technical.

                2. 2

                  You can also use commit -p to commit just part of your current diff and skip the index.

                3. 3

                  What behavior are you suggesting git add should have? Are you saying this should record file names but not contents so a later commit just includes whatever’s there?

                  1. 8

                    Git add should just git commit --amend to the last dummy commit until you give it a message. Stage is just this weird limbo between being a commit and not.

                    1. 4

                      git add/rm should not even exist: They need to be atomic with the commit to avoid the limbo state, as you say, and that would make sense if they were options to that command: git commit --add/--rm.

                      And git checkout <file> should of course not stage files as a side-effect of restoring them.

                      1. 4

                        Well, actually stage area is exactly that “dummy commit”… So it has exactly behaviour you want. I agree that git diff behaviour could be different, but with your approach it would behave exactly the same as it is doing right now.

                        1. 3

                          You can’t git add some stuff and then switch branches without committing because it’s not a real commit.

                          1. 1

                            Well, how would you differentiate between “dummy” and “real” commit then? How would you prevent it from being pushed to remote?

                            We have git stash that provide similar functionality to what you want.

                            1. 2

                              Many good options here:

                              1. Don’t distinguish at all, if you run git push with changes “staged” they get pushed.
                              2. Don’t distinguish at all, but don’t update the branch ref until you run the new and more minimal “git commit”. If you try and run git push with changes staged, there is no altered branch to push. (Probably add a new tag along the lines of branchname#staged so you can go back to it)
                              3. Just add a flag to the commit header, if you feel the need to distinguish (but why?)
                              1. 1
                                1. Then how to differentiate in git add whether create new “dummy commit” or “append to existing dummy commit”?
                                2. As above, but additionally how to detect which commit is the “dummy commit”?
                                3. How to differentiate between flag and user-entered value in the “dummy commit”?
                                1. 1
                                  1. “dummy commit” is a sidetrack in my opinion. python -c 'import this' | grep Explicit

                                    git commit --add README.md # Creates a new commit
                                    git commit --amend --add main.c # Adds to the same commit
                                    

                                    If you ask me, I’m not talking about changing git add, but rather deprecating it and the whole staging area.

                                  2. Sounds stateful (might defeat the purpose)

                                  3. If you could have multiple “staged” commits on a branch, meaning unpushable, that would solve some real workflow issues, at least for me, like having to count how many commits not to push in order to push one commit (e.g. git push HEAD~42:master). No idea about implementing that flag, though.

                                  1. 1

                                    Ad 1. It is how it works today (well, you do not need --add flag). I love staging area, I really like that concept and I miss it in other tools.

                                  2. 1
                                    1. This changes the workflow to commit then add instead of add then commit. Creating a new commit is still a separate command
                                    2. The dummy commit is head. Committing dummy commit to a real commit probably implicitly creates a new dummy commit in the porcelain.
                                    3. I don’t see the issue. The flag is another metadata field (like signature) distinct by definition…
                                2. 2

                                  git add amends the current commit if it has no message. If the current commit has a message, it creates a new commit with no message. git add --amend could be the command to edit a commit after its message has been set.

                                  Stash is useful but basically shouldn’t exist as is. That is does is a flaw in git’s model. Instead git stash could just make a nameless commit on the current branch and then set some flag somewhere so that the next “cherry-pick” command will pick up the commit you just made. There can be some list of commits that were stashed that the tool can pick up on.

                          2. 1

                            This is the approach I took in git9. It works well for me.

                            1. 2

                              How do you manage partial updates? When for example I want to add only some changes and ignore others.

                              1. 1

                                I don’t think this is a good workflow. How do you run tests against your partial updates?

                                1. 2

                                  In many cases I do not need to, as these are for example minor configuration changes to make it work with my environment. In other cases these are minor documentation/comments. In other cases I split my work into separate parts after longer period without commit. In all of these cases I have CI that test my partial updates.

                                  1. 2

                                    Regardless: it’s not supported, and not particularly missed. The staging area adds a bunch of unnecessary state and complexity to both the mental model of the repository, and the implementation.

                                    It’s a feature that I don’t find pulls it’s weight.

                        1. 1

                          Maybe also your IntelliJ installation is just messed up?

                          Java example: https://imgur.com/a/S4C59p0

                          Sorry for the name change, but my demo project already had Foo.java, but it changes nothing if I also rename “int foo;” to “int lol;” in bar.

                          1. 1

                            Yes, but notice how baz (which is a string and couldn’t possibly be useful) is ranked above booze and boop; it has no confidence in the latter two, it’s just showing them because they’re members of Bar.

                            If you ask for completion earlier, it only shows the two members.

                            1. 5

                              which is a string and couldn’t possibly be useful

                              What if you wanted to write bar.baz.length()?

                          1. 13

                            Chips that end up in CMP products can not end up in GeForce products. CMP products have significantly less resale value on eBay during the next crypto downturn. This is not to protect Gamers from scalpers and miners, this is to ensure Nvidia will not lose potential customers to a flood of second hand GPUs.

                            1. 6

                              I’m really intrigued by these devices. I’ve heard a lot of good things about them, but the thing that’s putting me off is that you seem to have to use their cloud service to sync PDFs and notes, and the hand-written stuff seems to use a proprietary format.

                              There’s also a reviewer on YouTube called “My Deep Guide” who loves the rM2 but he has some valid criticisms of the software not being as good as the hardware, especially compared to competitors.

                              1. 4

                                I’ve refused to connect my device to their cloud and have had no problem - it is a bit unfortunate that this means losing the handwriting recognition, but everything else I care about works just fine.

                                You can sync files over usb, the remarkable pretends to be a network adapter and serves a webpage on 10.11.99.1 which you can drag files onto/off of. I’ve also sshed into the device and created a script to back it up with restic (just a normal piece of backup software, not remarkable specific) ;)

                                The hand written notes format is proprietary, but it’s simple and has been reverse engineered. It’s not hard to export the notes to another format.

                                I’d generally recommend it, as long as you understand it as “paper + pdfs printed onto paper + bare bones linux” and not anything more.

                                1. 2

                                  This section is titled “jailbreak,” which is actually a bit of misnomer because the reMarkable runs Linux and you can ssh into it with ease.

                                  1. 3

                                    I’m not sure how that really makes it a more usable device. Instead of being able to plug it in with a USB cable and sync files as a removable drive, I have to put it on the network and use a non-standard feature?

                                    1. 3

                                      You can plug in a USB cable, it just shows up as a network interface instead of as a storage device. It’s probably not the most usable option, but it does make it easier to see and interact with the device as a computer instead of as a fancy flash drive.

                                      1. 3

                                        When you connect a reMarkable to your computer via USB, the computer sees a USB network adapter. Then use DHCP or set an IP manually for that adapter. Usually the reMarkable will use 10.11.99.1 for itself and 10.11.99.2 for “your side”.

                                        So even when you use USB, you can ssh into it.

                                        1. 1

                                          I would check out the Awesome list, specifically the APIs and Cloud Tools sections. I also use scp fairly often to just grab the files directly, or even export them using the app.

                                          I’ll check out “My Deep Guide,” I haven’t really read many reviews of the device myself. I’m also not really aware of any competitors?

                                    1. -1

                                      Finally some good news.

                                      Good to know that Microsoft finally went open source … not intentionally but still.

                                      The ReacOS developers could not be more happy I think - to have ready to use/read reference instead of doing time consuming reverse engineering :)

                                      1. 16

                                        The source code is still under copyright even if it was leaked, so that would seem ill advised at best.

                                        1. 9

                                          Emulator and clone OS developers tend to run like the plague from this kind of thing.

                                          1. 8

                                            I’m not sure ReactOS developers want to provoke more accusations like this: ReactOS ‘a ripoff of the Windows Research Kernel’, claims Microsoft kernel engineer

                                            1. 7

                                              ReactOS people once halted the development for over a year to make sure there is no ill-gotten code in their repository, where code obtained by disassembling any Microsoft binary was considered just as illegal as leaked source code.

                                              They take the “cleanroom” part very seriously.

                                              Anyway, Windows XP API/ABI support in ReactOS is already very good. The real difficulty with using ReactOS as a free Windows alternative is that it doesn’t support anything beyond the Windows XP ABI, while all new software is now built with the Vista/7 ABI in mind. No modern toolchain, free or non-free, has an option to target WinXP anymore.

                                            1. 10

                                              I submitted this because this is the second time in the week I’ve seen other posts recommending moving the sshd listening port to an unprivileged port and I think this is always a terrible idea.

                                              1. 43

                                                Now, back to SSH: when we start SSH on port 22, we know for a fact that this is done by root or a root-process since no other user could possibly open that port. But what happens when we move SSH to port 2222? This port can be opened without a privileged account, which means I can write a simple script that listens to port 2222 and mimics SSH in order to capture your passwords. And this can easily be done with simple tools commonly available on every linux system/server. So running SSH on a non-privileged port makes it potentially LESS secure, not MORE. You have no way of knowing if you are talking to the real SSH server or not. This reason, and this reason alone makes it that you should NEVER EVER use a non-privileged port for running your SSH server.

                                                The author is suggesting trusting port 22 because it is a “root” process.There is a “way of knowing if you are talking to the real SSH server or not”, and it’s actually one of SSHs features since its first release. I would trust any port, no matter the “privilege level” required to listen on that port, for a single reason: I trust the SSH server based on its fingerprint, not on its listening port; and I know that my server’s key data is only readable by root, it has been like this in almost all SSH default installations for the last 20 years.

                                                Now, let’s pretend you STILL want to move the port away because you get so many attacks on your SSH port. First of all: are you able to logon as root? If so, fix that now. Secondly: are you using passwords? If so, fix that now and change into public key authentication.

                                                I want to move the port away because of the insane amount of traffic that I have to pay for (if I rent a server, VPS, or anything similar which bills me on network egress/ingress). Disabling password access (for any user) will not make dumb port scans and SSH fingerprinters stop looking at my SSH banner and then decide, based on this information, to just try out username/password combinations, even when my server rejects this authentication method.

                                                The rest of the arguments are personal opinion.

                                                1. 8

                                                  Besides, by this reasoning creating a connection to the many many services that run on port >1024 is a bad idea too. Connect to MySQL on 3306? Oh noes! Have your app run on localhost:8080 and a proxy on *:80? Oh noes!

                                                  1. 3

                                                    Please move your MySQL port to 306 and launch MySQL as root.

                                                    1. 1

                                                      call me crazy but I don’t think “you risk an attacker accessing your database” and “you risk an attacker having a shell to do whatever they want” are really equivalent.

                                                      1. 1

                                                        Well, the DB in most cases have much more value to the attacker than your machine, so I would say, that from the pragmatic viewpoint, DB is more likely to be targeted.

                                                    2. 8

                                                      the insane amount of traffic that I have to pay for

                                                      how much money per month do you estimate you were paying for to handle traffic from people attempting to ssh into a given node?

                                                      1. 3

                                                        About 2 euro cents a month, per host.

                                                        1. 1

                                                          the question is: how many resources of concurrent connections does this take, which are completely unnecessary and are filling your logs

                                                          1. 3

                                                            Clearly not enough to make log tuning worthwhile.

                                                            A lot of these blanket statements ignore the fact that action or inaction is perfectly reasonable dependent on threat model. But of course, most people making blanket statements aren’t applying a threat model when doing so.

                                                        2. 6

                                                          This was basically what I was going to say.

                                                          If a server can somehow knock down sshd, listen on the same unrestricted port, they still would have to present the appropriate hostkeys.

                                                          Even then, LSM’s like SELinux, etc can put restrictions on who can name_bind on any port you want. only caveat is that you have to write the policy for it. I am strongly against the >1024 privileged ports restriction in the era of LSMs.

                                                          1. 1

                                                            I am strongly against the >1024 privileged ports restriction in the era of LSMs.

                                                            Can you expand?

                                                            1. 1

                                                              With LSM you can disable opening any port by all applications and then allow opening ports per application. So on server it allows for much greater security, as you can directly list which application will be able to open connections (and even make it so no port requires super user, as application/user combo will be handled by LSM).

                                                              1. 1

                                                                This is an argument for LSM-based port binding policies, not against the <1024 requires root policy. Unless the two are mutually exclusive?

                                                                1. 1

                                                                  Not exclusive, but even with LSM allowing the usage of port <1024 you still need to run given program as root. So all you gain is more complexity instead of simplification

                                                          2. 2

                                                            I trust the SSH server based on its fingerprint

                                                            I very rarely know the fingerprint of a server before connecting to it.

                                                            For my most commonly used hosts, I can look it up with a little bit of work (sourcehut, github, gitlab) but of those, only github made it easy to find and verify. For a lot of hosts in a corporate cloud though, the instances are torn down and replaced so often that host-based keys are essentially meaningless.

                                                            1. 7

                                                              If you’re not verifying host keys, you’re basically trusting the network - but you don’t, otherwise you could use telnet instead of ssh.

                                                              Maybe look into SSH host key signing, so you just need one public signing key to verify that the host has been provisioned by a trusted entity.

                                                              1. 3

                                                                It is also possible to use ssh with kerberos. Then you know that the server is the correct one. Even without ssh-fingerprints.

                                                              2. 5

                                                                You should really start checking the fingerprints. Ignoring that crucial step is how you get hacked. There are way more attack vectors than you can think of. An attacker could get in, for example through your jobs documentation intranet and modify an ip on a document. Or for example, if a DNS server of yours is compromised. If you use password authentication in these situations, you are essentially let the attacker in all servers you have access to.

                                                                Other comments already pointed out viable solutions. You should adopt one of them or simply start checking the fingerprints. What you are doing is dangerous.

                                                                1. 6

                                                                  The “implied trust on first use”-model works well enough for many – though perhaps not all – purposes. It’s the “host fingerprint changed”-warning that provides almost all of the security.

                                                                  1. 2

                                                                    Most of the security no doubt. Almost all… That is debatable. If something happens once every 1000 would you not care to protect against it because you already provided 99.9% of the security?

                                                                    What security is in essence, is accounting for the unlikely yet exploitable cases. You look at that attack vectors as a corner case until it is not a corner case anymore. This is how security threats evolve.

                                                                    1. 1

                                                                      The thing is, what is the attack vector here, and how do you really protect from it? In your previous post you mentioned modifying the internal documentation to change the IP; but where do you get the host key? From the same internal documentation? Won’t the attacker be able to change that, too?

                                                                      You can use SSHFP records; but of course an attacker can potentially get access to the DNS too, as you mentioned.

                                                                      The thing is that good distribution of these fingerprints is not a trivial problem if you’re really worried about these kind of attacks. Are they unfeasible? Certainly not, and if you’re working for a bank, CA registrar, or anything else that has high security requirements you should probably think about all of this. But most of us don’t, and the difficulty of pulling all of this off effectively is so high that most of us don’t really need to worry about it.

                                                                      We don’t lock our houses with vault doors; a regular door with a regular lock is a “good enough” trade-off for most cases. If you’re rich you may want to have something stronger, and if you’re a bank you want the best. But that’s not most of us.

                                                                      1. 1

                                                                        The attack vector is making you believe you are initially trusting the host you think you know, but it is in fact another host.

                                                                        But you are right, it you misguide a user into connecting to another host, you could also show him another fingerprint and trick them into believing itnid legit too. Fingerprints are just a huge number usually displayed as an unintelligible string of chars. It’s not like the user recognise them by heart.

                                                                        I do check them if I change computer, or if l connect to a knowm machine I ask a coleage to verify it. But I’ll agree that it.s a trade off and that maybe it.s ok for most people to just trust.

                                                            2. 3

                                                              I think this post and discussion around it is a waste of time. Right now, wasting my time. But I wanted to come here and proclaim in spectrum of terrible ideas, it doesn’t even register. Do you have scale that starts at terrible and then just goes to some k multiple of terrible?

                                                              I moved my ssh port in like 2002 (the year) , and you know what, I no longer had to see 150+ log messages a day about failed logins, it went to zero. Like 1-1. Mission Accomplished.

                                                              Please enumerate all the other terrible ideas I shouldn’t follow, might be a good list.

                                                              edit, btw, I am just poking good terrible fun at you.

                                                            1. 3

                                                              I got mine about two weeks ago. I paid 400 EUR (500 minus 50 black friday deal minus 50 for refurbished instead of new) plus 80 EUR for the protective sleeve. In hindsight I consider 80 for the sleeve quite expensive, although it fits the device really well. The sleeve also smelled like a glue factory for a day. I could not tell that the device was refurbished instead of new.

                                                              Previously I’ve only used my Lenovo X220 Tablet (Laptop with rotatable display) for electronic note taking. The display resolution wasn’t an issue (1366x768), as the Wacom stylus input has a much higher resolution and xournal supports that. However, the device is way too thick and heavy. Also the digitizer is quite inaccurate near the edges. And it’s a bit annoying to switch between normal use and note taking. So I only used it for note taking in a few university lectures some years ago and went back to paper after that.

                                                              Back to the reMarkable: I really like it. I only use it only for taking. For me it feels absolutely natural to take notes on it. The latency is low enough to not notice it at all. Also it’s nice that the e-ink display is not a glowing light like a regular display.

                                                              With real paper my issue often was that I either mixed too many different things in the same notebook or I had to shuffle around too many notebooks. Usually my notes were quite messy with many crossed out sections on a single sheet. So for me the killer feature is the ability to organize my notes into files and folders and the ability to incrementally refine my notes. I can erase things that are no longer relevant, rewrite small sections, move text around (within the same page) or move pages from one file to another.

                                                              I have not created an account and I don’t plan to use their cloud. Even if I trust them, I can never be sure that their cloud is properly secured. I just use ssh and tar to create backups (either over Wifi or USB (device shows up as a network device (usb0) and is assigned an IP via DHCP), password is shown in Settings -> About)

                                                              Their update strategy is a bit annoying, as they release them in batches. If you’re unlucky you read on reddit about new features but have to wait a few weeks until your device id is eligible for the newest update. Also copy&paste from one page to another is still a missing feature - I really hope they are going to add that soon. Also it would be nice to have some feature to quickly switch between the 5 most recent files.

                                                              Battery life: I estimate 2-3 days, but I always recharge after a day of heavy use.

                                                              I would have preferred USB-C or mini-USB over micro-USB, as those are usually more robust, but that’s a minor nitpick.

                                                              User indirection said it’s overpriced compared to paper notebooks. My take on that is: It is, if you’re somewhat organized and your notes need little refinement/rework.

                                                              For me, however, it has been really helpful for organizing my thoughts and prioritizing tasks when I can start out with absolutely messy notes that I can gradually refine. It helped me tremendously to stay motivated and finally tackle some legacy projects in need of attention - I made more progress in the last two weeks than the previous month.

                                                              1. 1

                                                                Summary, if I understand this correclty: For some Intel CPUs, conditional jump instructions ending at or crossing cache line boundaries can lead to unpredictable behavior. To fix this, Intel released microcode updates that detect such cases and disable caching for those situations. This impacts performance. To “fix” this, Intel has released patches for GNU Assembler to insert mitigations.

                                                                Wow!

                                                                1. 4

                                                                  How about a dropdown menu (like the downvote dropdown) with both + e.g. Google cache and others?

                                                                  1. 3

                                                                    The Stallman katamari is a great example of this, spawning additional vitriol that leaked into other threads.

                                                                    Yes, because some users on the website did things such as allude to blaming Stallman’s apologia for pedophilia on autism. Such things make people upset, for obvious reasons.

                                                                    Like many other users, I exclusively use lobste.rs for keeping up with technology and technology news. Why?

                                                                    TechCrunch.

                                                                    This is a news website. Not a discussion forum, and not an aggregator of news sources.

                                                                    /g/ on 4chan.

                                                                    Yes, because blaming pedophilia on autism isn’t good enough, we all need our fair share of racial slurs too.

                                                                    Ars Technica. The Daily Beast. El Reg. The New York Times. Wired. Vox. Vice.

                                                                    Every one of these is also a news website and not a discussion forum or news aggregator.

                                                                    Youtube comments.

                                                                    Nobody has ever has a continued quality discussion in Youtube comments. Maybe it’s because Youtube is not a forum.

                                                                    The Orange Site.

                                                                    This website is ran by a business with vested interests and has had a lengthy, horrific record with closed-door moderation.

                                                                    Reddit.

                                                                    Lobste.rs was opened as a direct reaction to Reddit and HN. Why? The reason stated above, and throughout the development of the website, an important feature which has historically distinguished its community from the one-upsmanship and frivolity of Redditor discourse, was the absence of down-votes.

                                                                    Many comments below boil down to the ridiculous

                                                                    I want technical content so I don’t mind seeing the culture flag go away.

                                                                    The entire reason that tags were added to the website was so that you can mute the things you don’t want to see. I came here for Ruby content so I wouldn’t mind seeing the javascript flag go away!

                                                                    Previously on this website, I rarely have seen posts discussing poor behavior of public FOSS figures get spammed (incorrectly) with “off-topic” because the people downvoting don’t want to see posts about the tech community [1] [2]. How could this not be relevant to a tech forum? This phenomenon of downvoting any such discussion as “off-topic” is new to me, and I’m curious where these people are coming from, and why they think it’s ok to abuse the website in this fashion.

                                                                    1. 3

                                                                      blaming pedophilia on autism

                                                                      That’s not what I wrote or stated, and the quality of conversation here is going to be higher if you can accurately represent opposing viewpoints–otherwise we just end up wasting a lot of time with back-and-forth talking past each other.

                                                                      <large number of “It’s a news site, not a forum!” claims>

                                                                      You overlook that every story, or almost every story, on those sites has a large comments section built in to those sites for discussion. In the case of Ars Technica, there is explicitly a forum.

                                                                      The reason stated above, and throughout the development of the website, an important feature which has historically distinguished its community from the one-upsmanship and frivolity of Redditor discourse, was the absence of down-votes.

                                                                      This misrepresents history. Lobsters has had downvotes going back at least five years, not including the time jcs removed them, which in turn caused trouble.

                                                                      why they think it’s ok to abuse the website in this fashion.

                                                                      That’s the same question motivating the proposal to remove the culture tag. It’s one thing to post, say, a retrospective on online communities in 1994. It’s another thing to echo a public call for shaming and dismissal.

                                                                      1. 1

                                                                        That’s not what I wrote or stated

                                                                        It’s what myself and the user responding directly below your post took from it. You never responded nor rebutted to that post, so I assumed that it was accurate.

                                                                        You overlook that every story, or almost every story, on those sites has a large comments section

                                                                        Yes, and a comments section is not a community. It’s nonsensical to equate the two. I didn’t know that Ars Technica specifically actually has a forum, but I can say confidently that it’s likely not the sort of community topic-wise I’m interested in participating with personally.

                                                                        This misrepresents history. Lobsters has had downvotes going back at least five years

                                                                        You also should accurately represent what I said. I never said that Lobsters was launched without downvotes. I was in the discussion about the UI for replacing them! What I was saying (“throughout the development of the website”) is that this is a feature that many have considered a great distinguishing quality of Lobsters over other forums through the majority of its lifetime.

                                                                        It’s another thing to echo a public call for shaming and dismissal.

                                                                        I will concede that this isn’t what I’m interested in, because while personally the call to simply remove any sort of cultural discussion of our profession from the website has upset me, and at times my comments simply suck, I believe strongly that completely removing culture from the website topics essentially because of the stalling man thread is a mistake and overreaction primarily because it’s long been a lively tag with lots of great posts and discussions, and it would be a shame to see an end put to it now. Yes, any sort of discussion about individuals should be navigated carefully, but it’s just a fact that any forum will see its own apocalypse moment when something smelly eventually hits the fan, and removing the culture tag would essentially end up just being just an attempt to dodge this sort of inevitability in a growing forum by walking back on the potency of topics covered.

                                                                      2. 2

                                                                        Previously on this website, I rarely have seen posts discussing poor behavior of public FOSS figures get spammed (incorrectly) with “off-topic” because the people downvoting don’t want to see posts about the tech community [1] [2]. How could this not be relevant to a tech forum? This phenomenon of downvoting any such discussion as “off-topic” is new to me, and I’m curious where these people are coming from, and why they think it’s ok to abuse the website in this fashion.

                                                                        The examples you present are about persons and their behavior when directly working with them on software/technology. The first one at least looks like the author was trying to present the situation in a reasonable manner, despite being directly affected. The second is focused on how to do better.

                                                                        At least for me, in the RMS drama the core issue was not about technology or people dealing with each other in that context. It also didn’t help that some reports seemed to be focused on maximizing impact while not being too concerned with accuracy. On this site, I would have preferred to only see the resignations as submission, and the story behind those only referenced in comments.

                                                                        1. 1

                                                                          I don’t disagree that the RMS threads were a perfect storm of garbage, although I feel this was aggravated by the confusion of the merges. However, I wouldn’t say we should simply limit ourselves to just talking about the behavior of public figures while they are specifically working on technology, because under this limit this website wouldn’t have permitted posts about the Reiser story, were it to occur while this website existed. I think the litmus test should be impact on the technology world, and we could probably both agree that the head of the FSF resigning is pretty far up there.

                                                                      1. 11

                                                                        TL;DR: A perfectly fine ext4 commit exposed an issue elsewhere in the kernel. This resulted in problematic system behaviour and had to be reverted.

                                                                        The original commit avoids large numbers of small I/O requests. Less I/O resulted in less entropy being available for the getrandom() syscall. At least for some Arch Linux system, systemd was using getrandom() during boot, which waited for entropy, but there was no other I/O to fill the entropy pool again.

                                                                        The proper fix (for getrandom()) needs more discussion, so the ext4 commit needs to be delayed until then.

                                                                        edit: related: https://lobste.rs/s/okrclo/linux_getrandom_boot_hangs

                                                                        1. 6

                                                                          To be precise, systemd isn’t the issue. Systemd has a target which purposefully waits for the crng to be initialized, and that doesn’t block the boot; it just looks suspicious in logs, which is why it got blamed. The real issue was that gnome-session blocked on getrandom.

                                                                          See https://lore.kernel.org/linux-ext4/20190915065142.GA29681@gardel-login/ where Pottering explains why Linus was incorrect in blaming systemd-random-seed, and https://lore.kernel.org/linux-ext4/CAHk-=wjPDR6_crhmvaoXDo8q6Joz5rD02bZpd2x9rr-LazPxRA@mail.gmail.com/ where Linus acknowledges that systemd is blameless and that the issue is that something is blocking to generate a cookie for X.

                                                                          EDIT: Also, fwiw, at https://lore.kernel.org/linux-ext4/20190915084802.GB29771@gardel-login/, Lennart describes why systemd doesn’t default to telling the kernel to account for the randomness from systemd-random-seed, which is what your linked article is complaining about. I don’t know it you agree with his reasons, but it’s good to realize it’s not just a bug or something they didn’t know they should’ve done.

                                                                            1. 4

                                                                              That’s an impressive URL slug.

                                                                          1. 21

                                                                            I definitely share the sentiment. On the other hand it feels bad to make an analogy to the Onion article which is about gun violence.

                                                                            1. 11

                                                                              Considering the real-world implications of this sort of technical irresponsibility (which include things like “airplanes crashing out of the sky and killing 600+ people”), I think this is entirely the analogy that needs to be made more often.

                                                                              It terrifies me that more people in the IT industry don’t realise the real-world implications for their decisions :/

                                                                              1. 16

                                                                                airplanes crashing out of the sky and killing 600+ people

                                                                                I’m not especially impressed with npm either, but I don’t think it’s causing airplanes to fall out of the sky?

                                                                                1. 2

                                                                                  NPM isn’t directly responsible for causing airplanes to fall out of the sky because it’s not being used in obviously-critical / life-or-death systems. The most it can do is ruin lives and thus kill people indirectly (ex., by presenting an attack surface by which bank accounts can be drained, or by being so bloated that, when deployed at scale, it heats up the atmosphere enough to be responsible for the death of a few hundred people from flooding or migration-related-violence somewhere down the line).

                                                                                  As a general policy, though, treating software problems as potentially fatal (the way we treat law problems as potentially fatal) is pretty reasonable. Anything deployed at scale has the potential to kill indirectly, and everything deployed at google- or facebook-scale probably has. Nothing is preventing individual software engineers from considering these cases, aside from taboos against reminding us of their possibility.

                                                                                  1. 2

                                                                                    The most it can do is ruin lives and thus kill people indirectly

                                                                                    I know someone who works in health informatics, where they provide web-based applications for patient management to hospitals. At least once they had a bug that caused allergy warnings to show up on the wrong patient’s record (such that a nurse might not know that you’re allergic to latex or penicillin). That absolutely could kill someone.

                                                                                2. 8

                                                                                  It terrifies me that more people in the IT industry don’t realise the real-world implications for their decisions :/

                                                                                  Often, the response to pieces like this tends to be a sort of reckless naivete: “what’s this guy’s problem? They can just fix it!” I think there’s a subconscious belief that the community will self-correct after each breach. This belief ends up being something of a thought-killer because it cuts off thoughts of, “but why did it ever happen in the first place?” My guess is those thoughts are seen as a bit negative/taboo, because obviously the community would never all be wrong about something!

                                                                                  I’m not sure what the cure for lackadaisical developers is, other than avoiding massively popular ecosystems just to have a better shot at being around people that care.

                                                                                  1. 6

                                                                                    The Canadian practice of the Iron Ring ceremony echos your very important point. https://en.m.wikipedia.org/wiki/Iron_Ring

                                                                                    1. 2

                                                                                      While surely virtuous, I doubt this ceremony (And any feel-good manifesto that gets posted here every now and then) have noticeable impact on how engineers deal with the real-world implications of their decisions. Oaths are nothing but fluff when there are no actual controls and consequence.

                                                                                      1. 3

                                                                                        I think that, as you suggest, the ceremony definitely does not usually result in software engineers feeling the weight of their decisions. I would hope and expect that it does feel that way for, for example, civil engineers. I also think we need to all take responsibility for moving our profession in the direction of greater accountability. We should live in a world where software engineers take this stuff seriously, and taking it seriously as individuals is one important way we can work towards that.

                                                                                  2. 5

                                                                                    The implication here is that it’s the result of a systemic flaw that is ultimately preventable.

                                                                                    1. 12

                                                                                      I think the point jjmalina is making is that it’s in poor taste to compare a JavaScript packaging problem to an act of wanton, unspeakable violence.

                                                                                      1. 19

                                                                                        wanton, unspeakable violence.

                                                                                        So, webpack?

                                                                                        1. 2

                                                                                          A satirical article by the onion (which is the comparison being made) is not an act of violence in any way, shape or form.

                                                                                          1. 3

                                                                                            The comparison is not between ‘a JavaScript packaging problem’ and ‘a satirical article by the onion’. The comparison is between ‘a JavaScript packaing problem’ and ‘gun violence’. (Both expressed in the form of satirical articles.)

                                                                                      2. 5

                                                                                        This was exactly my reaction and put me off from reading the article. For those who recognize the allusion, it’s very much a false equivalence to compare CI/CD failures to actual loss of human life. The Onion’s article is a biting satirical commentary on a tragic systemic failure of American culture and legislative bodies. This article is about NPM being insecure. Distasteful.

                                                                                        1. 2

                                                                                          I just see it as a pattern for a joke. A knock-knock joke can either be a completely harmless joke that a child would say, or an adult could come up with a terribly offensive one.

                                                                                        1. 1

                                                                                          What in this image indicates a MITM attack?

                                                                                          1. 5

                                                                                            If I interpret it correctly, atlas.ripe.net has a probe somewhere in KZ, and this probe tried to establish a connection with a facebook server. The other end of the connection basically said: “Hello, this is Facebook. Of course we can prove you’re directly talking to us. See this certificate.” - The problem is, this certificate is not signed by “DigiCert Inc” from “US”, which a standard browser should be able to verify on its own. Instead the fake-facebook certificate was signed by “No Data” from “KZ”, which your browser will only accept if you manually install that strange root certificate the KZ government wants you to install.

                                                                                            1. 4

                                                                                              Uhm, the fake cert? ;)

                                                                                              To clarify, it’s not a MITM attack in the normal sense. It’s a government mandating people to install fake certs on their devices so that the government can spy on them.

                                                                                              1. 3

                                                                                                It is an attack, because they are redirecting traffic to go through their servers, which then present a fradulent certificate that chains up to the government certificate.

                                                                                                1. 1

                                                                                                  And yet, it is a democratic republic of 18 million people. If it can happen there, it can happen anywhere. Government mandated security certificates imposed on its citizens is equivalent to a MITM attack if enforced by law.

                                                                                                  1. 14

                                                                                                    And yet, it is a democratic republic of 18 million people.

                                                                                                    Worth noting from Freedom House:

                                                                                                    President Nursultan Nazarbayev has ruled Kazakhstan since 1991. Parliamentary and presidential elections are not free or fair, and all major parties exhibit political loyalty to the president. The authorities have consistently marginalized or imprisoned genuine opposition figures. The dominant media outlets are either in state hands or owned by government-friendly businessmen. Freedoms of speech and assembly remain restricted, and corruption is endemic.

                                                                                                    While it is a democratic republic in name, it differs considerably from what I think we all imagine when we hear those words.

                                                                                                    1. 2

                                                                                                      Nazarbayev has stepped down as president as of 19 Mar 2019:

                                                                                                      https://en.wikipedia.org/wiki/Nursultan_Nazarbayev

                                                                                                      1. 7

                                                                                                        https://astanatimes.com/2018/07/kazakh-president-given-right-to-head-national-security-council-for-life/

                                                                                                        He was made lifetime chairman of the national security council and its powers expanded on his appointment

                                                                                                        The decisions of the security council and the chairman of the security council are mandatory and are subject to strict execution by state bodies, organisations and officials of the Republic of Kazakhstan

                                                                                                        I’d imagine things haven’t changed all that much.

                                                                                                        1. 3

                                                                                                          Agreed, the relinquishing of the presidency looks like window-dressing to me.

                                                                                                          (Edit: clarification)

                                                                                                    2. 4

                                                                                                      It is neither democratic nor a republic.

                                                                                                1. 1

                                                                                                  OMG, was expecting some “Quick API” paragraph at the end. Sounds like I’ll have to resort to RSS to create a Lobste.rs app.

                                                                                                  1. 5

                                                                                                    Users have made Lobsters apps in the past. Here are four, I’m not sure this is a complete list:

                                                                                                    It’s clearly possible to write a client for lobste.rs. There are also protocol gateways, specifically for Gopher.

                                                                                                    Sounds like I’ll have to resort to RSS to create a Lobste.rs app

                                                                                                    We’re in control of the stack from the sand (silicon) up. There isn’t a reason to “resort” to anything. If you need a missing feature put it where it belongs.

                                                                                                    1. 1

                                                                                                      Alas, I’ve lost the link, but there’s also a cool hack that replaces a Nintendo cartridge with a “dynamic” rom to achieve graphics beyond the reach of the original hardware.

                                                                                                          1. 1

                                                                                                            Yes! I didn’t remember it seeing it on YouTube, but now I realize why: I saw it in person at deconstruct.

                                                                                                        1. -1

                                                                                                          It appears like every other Unix shell, it is next to impossible to pipe stdout and stderr independently of each other.

                                                                                                          1. 9

                                                                                                            ?

                                                                                                            bash:

                                                                                                            $ fn() { echo stdout; echo stderr >&2; }
                                                                                                            $ fn 2> >(tr a-z A-Z >&2) | sed 's/$/ was this/'
                                                                                                            STDERR
                                                                                                            stdout was this
                                                                                                            

                                                                                                            Perhaps one could argue the syntax is somewhat cumbersome, but far from impossible…

                                                                                                            1. 3

                                                                                                              dash / POSIX sh:

                                                                                                              $ fn() { printf 'stdout\n'; printf 'stderr\n' >&2; }        
                                                                                                              $ fn
                                                                                                              stdout
                                                                                                              stderr
                                                                                                              $ fn 2>/dev/null
                                                                                                              stdout
                                                                                                              $ fn >/dev/null
                                                                                                              stderr
                                                                                                              $ (fn 3>&1 1>&2 2>&3) | tr a-z A-Z  
                                                                                                              stdout
                                                                                                              STDERR
                                                                                                              $ ( ((fn 3>&1 1>&2 2>&3) | tr a-z A-Z) 3>&1 1>&2 2>&3 ) | sed -e 's/std//'
                                                                                                              STDERR
                                                                                                              out
                                                                                                              
                                                                                                              1. 1

                                                                                                                Yes, but I never understood the whole “shuffle file descriptors” thing in sh. I mean, why can’t I do:

                                                                                                                $ make |{ tr a-z A-Z > stdoutfile } 2| more

                                                                                                                What does “3>&1 1>&2 2>&3” even mean? That last example I can’t even make sense of.

                                                                                                                Then again, I don’t manage a fleet of machines—I’m primarily a developer (Unix is my IDE) and really, my only wish is a simple way to pipe stderr to a program like more. And maybe a sane syntax for looping (as I can never remember if it’s end or done and I get it wrong half the time).

                                                                                                                1. 1

                                                                                                                  Think of it as variable assignment. Descriptor3 = Descriptor1; Descriptor2 = ..., so it’s just a three way swap of stderr and stdout.

                                                                                                                  If you want to be strict about it, the second to last example is incomplete as “stdout” was printed on stderr and “STDERR” was printed on stdout. In the last example the swap is reversed, so that I can run sed on the “real” stdout.

                                                                                                                  If you wonder why the order of the two output lines did change: it was never guaranteed to be in any order.

                                                                                                                  1. 1

                                                                                                                    Why? It seems pointless. And that still doesn’t do what I would like to do—pipe stdout and stderr to separate programs per my made-up example.

                                                                                                            2. 5

                                                                                                              Not only it is possible, but it’s also possible to send/receive data on multiple, arbitrary file descriptors, unlike with POSIX shell (dunno about bash). For example:

                                                                                                              pout = (pipe)
                                                                                                              perr = (pipe)
                                                                                                              run-parallel {
                                                                                                                some_command > $pout 2> $perr
                                                                                                                pwclose $pout
                                                                                                                pwclose $perr
                                                                                                              } {
                                                                                                                cat < $pout >&2
                                                                                                                prclose $pout
                                                                                                              } {
                                                                                                                cat < $perr
                                                                                                                prclose $perr
                                                                                                              }
                                                                                                              
                                                                                                              1. 3

                                                                                                                Just to complement what @nomto said, note that in Elvish this can be easily encapsulated in a function (see https://github.com/zzamboni/elvish-modules/blob/master/util.org#parallel-redirection-of-stdoutstderr-to-different-commands-1), so you can then do something like:

                                                                                                                > pipesplit { echo stdout-test; echo stderr-test >&2 } { echo STDOUT: (cat) } { echo STDERR: (cat) }
                                                                                                                STDOUT: stdout-test
                                                                                                                STDERR: stderr-test
                                                                                                                
                                                                                                                1. 1

                                                                                                                  Bash can sorta do it. They still need to be backed by “real” “files”, so you’d have to do mkfifo to get close to what your example is.

                                                                                                                  1. 2

                                                                                                                    That’s rather clunky, having to create a fifo means that you may leak an implementation detail of a script. I was stumped by this when I wanted to use gpg --passphrase-fd to encrypt data from STDIN: having to go through a fifo a security risk in that case.

                                                                                                              1. 9

                                                                                                                Want to find the magical ffmpeg command that you used to transcode a video file two months ago?

                                                                                                                Just dig through your command history with Ctrl-R. Same key, more useful.

                                                                                                                (To be fair, you can do this in bash with history | grep ffmpeg, but it’s far fewer keystrokes in Elvish :)

                                                                                                                Sorry, what? Bash has this by default as well (At least in Ubuntu, and every other Linux distribution I’ve used). ^r gives autocomplete on history by the last matching command.

                                                                                                                1. 10

                                                                                                                  I hoped I had made it clear by saying “same key”. The use case is that you might have typed several ffmpeg commands, and with bash’s one-item-at-a-time ^R it is really hard to spot the interesting one. Maybe I should make this point clearer.

                                                                                                                  1. 6

                                                                                                                    That’s handy, but it is easy to add this to bash and zsh with fzf:

                                                                                                                    https://github.com/junegunn/fzf#key-bindings-for-command-line

                                                                                                                    With home-manager and nix, enabling this functionality is just a one-liner:

                                                                                                                    https://github.com/danieldk/nix-home/blob/f6da4d02686224b3008489a743fbd558db689aef/cfg/fzf.nix#L6

                                                                                                                    I like this approach, because it follows the Unix approach of using small orthogonal utilities. If something better than fzf comes out, I can replace it without replacing my shell.

                                                                                                                    Structured data in pipelines seems very nice though!

                                                                                                                    1. 1

                                                                                                                      What exactly does programs.fzf.enableBashIntegration do? I just enabled it, and it seems to have made no difference.

                                                                                                                      1. 2

                                                                                                                        https://github.com/rycee/home-manager/blob/05c93ff3ae13f1a2d90a279a890534cda7dc8ad6/modules/programs/fzf.nix#L124

                                                                                                                        So, it should add fzf keybindings and completions. Do you also have programs.bash.enabled set to true so that home-manager gets to manage your bash configuration?

                                                                                                                        1. 1

                                                                                                                          programs.bash.enabled

                                                                                                                          Ah, enabling that did the trick (no need to set initExtra). Thanks!

                                                                                                                          I did however have to get rid of my existing bashrc/profile. Looks like I need to port that over to home-manager …

                                                                                                                          1. 2

                                                                                                                            Yeah, been there, done that. In the end it’s much nicer. Now when I install a new machine, I have everything set up with a single ‘home-manager switch’ :).

                                                                                                                  2. 4

                                                                                                                    I’ve always found bash’s ctrl+r to be hard to use properly, in comparison elvish’s history (and location) matching is like a mini-fzf, it’s very pleasant to use.

                                                                                                                    1. 1

                                                                                                                      I think the idea here is that it shows you more than one line of the list at once, while C-r is sometimes a bit fiddly to get to exactly the right command if there are multiple matches.

                                                                                                                      1. 1

                                                                                                                        For zsh try «bindkey '^R' history-incremental-pattern-search-backward» in .zshrc. Now you can type e.g. «^Rpy*http» to find «python -m http.server 1234» in your history. Stil shows only one match, but it’s easier to find the right one.

                                                                                                                        1. 1

                                                                                                                          I use https://github.com/dvorka/hstr for history search on steroids and I am very happy with it.

                                                                                                                        1. 2

                                                                                                                          Nice idea. But at first it was confusing to me, as I was expecting the foreground objects to represent 1. (The circle and square are black, but black is zero and white (the background) is one.)

                                                                                                                          1. 1

                                                                                                                            I like how the solution was to bump the culprit from 32bit to 64bit and avoid checking for overflow in the first place since it’s currently unimaginable that it would happen.

                                                                                                                            1. 3

                                                                                                                              In a kernel with CONFIG_DEBUG_VM_VMACACHE=y, the bug can be observed after “around 40 minutes” according to the report in project zero’s bug tracker.

                                                                                                                              After the change you need to increment the sequence number 2^32 times more often than before. This should raise the time to complete that demonstration to 2^32 * 40 / (60 * 24 * 365.25) or ~326,638 years.

                                                                                                                              1. 1

                                                                                                                                I came here to quote “thereby making an overflow infeasible” with the same thought in mind; that said, 640K ought to be enough for anybody.

                                                                                                                                1. 1

                                                                                                                                  @kivikakk @johnLate and the best thing is is that it doesn’t even grow the data structures since the the adjacent fields were 64bits already[1]

                                                                                                                                1. 2

                                                                                                                                  Nice work.

                                                                                                                                  However, I don’t like the bar graphs on page 70. I thought: “Nice, over half the ROP gadgets are gone! But wait… the code size doubled? That can’t be right…” Only then I realized that the y-axis doesn’t start at zero, so I can’t estimate the relative change by just visually comparing the bars.