1. 27

    I use https://protonmail.com. I wanted a Gmail alternative that was private and fully encrypted. I pay for the plus model so I can use my domain, I did not want the hassle or expense of a self-hosted model. I have been completely happy with Protonmail. I have used them since they were in beta.

    1. 7

      Yes, +1 for ProtonMail. From the small research I’ve done, they’re the most secure email provider. I also use my own domain.

      1. 5

        ProtonMail is great. The search function is a little bit slow, but since its encrypted at rest it kind of has to be.

        There are a couple of features that are great. The one I get the most use out of is having multiple address connect to the same email account. I have several email addresses, one for personal use, one used for signing up accounts, one for newsletters (or other noisy notifications), one scoped to projects, etc.

        There is also ProtonMail’s Bridge that gets around some of the security issues with IMAP/POP creating a connection over TLS, which then locally runs a IMAP/POP server on your machine.

        They have also had their OpenPGPjs (A opensource PGP impl in JS) library audited.(1)

        2 major caveats for anyone who is considering an encrypted email service is that

        1. Email is inherently insecure. It is hitting protonmails server in plain text possibly without StartTLS.
        2. You are probably going to forfeit some functionality for the this feature.

        1: It wasn’t directly them, more the community around OpenPGPjs, which they are part of. I’m also unsure of the original ownership of this project, but that can get muddied with opensource sometimes.

        1. 3

          I also use protonmail, no particular complaints about it.

          1. 3

            I have the Visionary plan and seamlessly migrated my email to them - including my whole archive which goes back about 13 years or so, once the bridge was out.

            It’s a very nice and simple web client, and the apps are good enough that they just work for my parents.

            Overall, I like it very much.

          1. 25

            I give away Sidekiq and sell Sidekiq Enterprise. If you use Ruby/Rails, it’s the standard. https://sidekiq.org

            1. 3

              it’s the standard

              For a very good reason. Wonderful piece of software. Thanks @mperham!

              1. 2

                Woah thats awesome. I have been using sidekiq lots. Great bit of software.

                1. 1

                  Hey @mperham!

                  Thanks for all of your code. I’ve used and loved several of your projects.

                  Out of curiosity what is the current status of Faktory? It sounded like an interesting project, but the rate of development looks like it kind of cratered last Dec.

                  1. 2

                    It’s under active development but summer has been slow due to family issues. Latest:


                1. 5
                  1. Work on Congressional outreach tool:
                    I’ve gotten most of the hard part out of the way. APIs to the Census and Propublica API are done. At this point I just need to finish the front end, and stop bikeshedding on the design.
                  2. eBooks as private podcast RSS feed:
                    This is mainly meant as an application to learn go. Very early stages.
                  1. Diagnosis issue with beta version that seems to only effect a small group of users located in UT. It seems to effect less than 1% of users located in UT, and doesn’t seem to be an issue for users in other states.
                  1. 5

                    Trying to get up to speed with Kubernetes and the whole ecosystem around it. Got a small cluster running with Kubespray, Rook for storage management and an Nginx Ingress controller. Certificate management, Network Policies, RBAC, Monitoring and so on still need a lot of work and learning on my side. I hope to get a MySQL Galera cluster and Wordpress to run with OpenID connect via Keycloak by the end of the week.

                    Besides that I should start to apply for a new job :)

                    1. 2

                      Redhat has a podcast series called PodCTL if you are interested.

                      Its largely produced by the team behind OpenShift & there has been somewhat of a lull in production & production quality in recent months.

                    1. 17

                      Standups should not

                      • Try to resolve an issue live
                        Don’t try to trouble shoot something or hash out details in a standup. Use the standup to report it, then grab someone after the meeting. Otherwise you are wasting everyone time. This one drives me nuts as it seems to happen in my stand ups all the time.

                      • Include a measure of how productive you are.
                        If you need that measure there are burn downs. Also its generally a good idea to not include any unnecessary management, as that does tend things to devolve into ‘make yesterday sound productive’ as @pab said.

                      • Be longer than 1 minute per person.
                        You want to report your current position, and where you are going. If it takes you more than 60 seconds to report this you are probably running into the prior two bullet points.

                      • Be longer than 10 minutes in total.
                        You don’t want to give time for devs to glaze over. If its taking longer either brevity is suffering from loquacious individuals, or the team may be getting too big.

                      • Happen prior to caffeination, lunch adjacent (unless team eats together), or near EOD
                        Stands ups should facilitate follow up communication between members. You want people be alert enough to help, but during a time where they wanting to wrap something because they have something else to do at that time.

                      1. 2

                        Yup. I think you hit the nail on the head. I did stand ups years ago as project lead. First 5-10 mins of work: 1) what are you doing 2) any foreseeable pain points, connect with your peers that your tasks need you to coordinate on.

                        Done. Everyone thought they were extremely productive (to my knowledge).

                        1. 2

                          Some tools that we use to achieve these goals:

                          • It is always OK and preferable for someone to say “can we / you continue this discussion after the daily?”. Not everything that is currently interesting and relevant you is that to everyone. It is very easy to forget this when you get excited!

                          • Keep everything short: It is OK if there is nothing peculiar happening or you don’t need input/help!

                          • Always briefly go through every task which has been worked on since last daily. From end of the process pipeline to the beginning (in our current case: task moved to production -> tasks moved to ready -> tasks moved to review -> tasks moved to in progress -> stories taken to in progress -> stories groomed to backlog). There is couple reasons for this “backwards” order. First it gives personal productivity measure (I deployed/did stuff that needs review/etc). Secondly it creates natural pull for people to review and take new tasks/stories to be worked on, which removes insane amount of that fruitless “is this the next thing, or this, or this” kind of conversation. Having physical kanban wall makes this really easy by the way.

                          • First couple items in the tip of the backlog are in strict priority order, so when previous story is done one just needs to take next one to be worked on. No need to converse about this during daily.

                          • Pick a time when daily starts. Be very strict about this. Making others to wait is rude, no one is that important.

                          Currently our team is 16 people, our dailies take 5 to 15 minutes. Depending on how much churn there has been.

                          1. 1

                            FYI The first known recorded standup from the highly productive Borland Quattro pro team was an hour long. Standups should be mini planner meetings, not status meetings.

                          1. 4
                            1. I’m working on a personal congressional outreach project based around ProPublica’s Congressional API.
                            2. Tweaking my kubenetes cluster.
                            1. Finishing up our first major UI overhaul.
                            1. 14

                              The Cambridge Analytics scandal has prompted me to delete Facebook and be much more aware of my privacy. I know that deleting Facebook is now a “cool” thing to do now, but it’s been a difficult decision. I still had many friends there that I have no other means of contacting. Ads have gotten much scarier recently, perfectly retargeted among services, so I was getting mentally ready for this. But stealing data for political purposes is where I draw the line.

                              I’ve also replaced google with DuckDuckGo, and am planning on changing my email provider too. But I don’t know if it’s going to be futile. I still shop on amazon and use many other irreplaceable services like google maps.

                              Again, I’m not a privacy freak. I try to find a middle ground between convenience and privacy, so these changes are hard for me

                              Any recommendations for a balanced solution?

                              1. 6

                                Whereas I’m about to have to get back on Facebook after being off quite a long time. I’ve simply missed too many opportunities among local friends and family info since they just refuse to get off it. Once it has them in certain numbers, they find it most convenient to post on it. That’s on top of the psychological manipulations Facebook uses to keep them there. I’ll still use alternatives, stay signed out, block JS, etc for everything I can. I will have to use it for some things for best effect.

                                The most interesting thing about leaving, though, was their schemes get more obvious. They tried to get me back in with fake notifications that had nothing to do with me. They’d look like those that pop up when someone responds to you but you’re not in the thread at all. They started with an attractive, Hispanic woman I’ve never seen from across the country that some friend knew. Gradually expanded to more attractive women on my Facebook but who I haven’t talked to in years or rarely like (not in my feed much). The next wave involved more friends and family I do talk to a lot. Eventually, the notifications were a mix of the exact people I’d be looking at and folks I’ve at least Liked a lot. I originally got nearly 100 notifications in (a week?) or something. Memory straining. Last time I signed in, there was something like 200-300 of them that took forever to skim with only a handful even real messages given folks knew I was avoiding Facebook.

                                So, that whole process was creepy as hell. Especially watching it go from strangers I guess it thought I’d like to talk to or date to people I’m cool with to close friends. A lure much like the Sirens’ song. Fortunately, it didn’t work. Instead, the services’ grip on my family and social opportunities locally are what might make me get back on. The older forms of leverage just in new medium. (sighs)

                                1. 3

                                  It kind of depends on what you are trying to prevent. There are some easy wins through

                                  1. As of March 2017 US ISPs automatically opt you in to Customer Proprietary Network Information. ISPs can sell this information to 3rd parties.. You can still opt out of these.
                                    Look for CPNI opt out with your ISP.

                                  2. uBlock Origin / uMatrix are great for blocking tracking systems.
                                    These do affect sites who make they’re money based on ads however.

                                  3. Opt out of personalized adverting when possible
                                    Reddit, Twitter, even Google give you an option for this.

                                  4. Revoke Unneeded Accesses
                                    https://myaccount.google.com/u/1/permissions https://myaccount.google.com/u/1/device-activity

                                  5. Make your browser difficult to fingerprint.
                                    EFF has a tool called panopticlick that can show you how common your browser’s fingerprint is. I locked down what I could (there should be instructions on panopticlick’s site), and added an extension that cycles through various common user-agents. It might sound like overkill, its not onerous to do.

                                  6. Don’t store longterm cookies.
                                    I actually disabled this mostly. I still blocked for 3rd parties, but first party cookies are allowed now. Using a hardware key or password vault makes signing easy, but ironically the part that killed this for me more sites supporting 2FA. I use Cookie AutoDelete for Firefox.

                                  7. Change your DNS provider.
                                    I don’t have a good suggestion for this one. I use quad-9, but I don’t really know enough to say whether or not I trust them.

                                  1. 2

                                    Unlike an email or web server, setting up a resolving only DNS server is quite painless. I do this at home and rarely have issues. And if I do, I can reset it at whim instead of trying to fight with tech support.

                                  2. 1

                                    I pay $40/year for Protonmail. It is fantastic.

                                    As for Facebook, why delete? It is actually a benefit to have an online presence for your identity, but you need to be careful with what about yourself you share. If you don’t take your online identity, someone else will. This is exactly why I’ve registered my name as a domain and kept it for years now. It is just another “string of evidence” that I am who I say I am on the internet.

                                    My FB is just a profile picture now and nothing else. I have set my privacy settings to basically super locked down.

                                    When it comes to socializing, there is little you can do to not be tracked. The only thing you can do is “poison the well” with fake information and keep important communication on secure channels (i.e. encrypted email, encrypted chat applications).

                                    1. 1

                                      I removed Facebook about 6 years ago and recently switched to Firefox beta and DDG. Gmail has had serious sticking power for me, though. I’ve had several fits and starts of switching email over the years but my Gmail is so intertwined with my identity nothing else has ever stuck.

                                      It is possible to switch, I’m sure, but in my case, I have never committed quite enough to pull it off.

                                      1. 3

                                        When I got off gmail, it took about two years before I wasn’t getting anything useful forwarded to my new identity.

                                        Setting up forwarding was quite painless and everything went smoothly otherwise. The sooner you start…

                                        1. 2

                                          When I looked into it, everone was suggesting FastMail if the new service needs longevity and speed. It’s in a Five Eyes country but usually safest to assume they get your stuff anyway if not using high-security software. The E2E services are nice but might not stick around. Ive found availability and message integrity to be more inportant for me than confidentiality.

                                          People can always GPG-encrypt a file with a message if they’re worried about confidentiality. Alternatively, ask me to set up another secure medium. Some do.

                                      1. 14

                                        Questions (and answers) like this really ought to start with a definition of what they mean by “Agile”.

                                        The top voted answer appears to be critiquing a very rigid Capital-A-Agile methodology, but none of it comes through to me as a valid critique of a more general lower-case-a-agile methodology: deploy regularly, tight feedback cycles with users, integrate feedback.

                                        1. 10

                                          I guess these discussions are always a bit futile, because “Agility” is by definition a positive property. It’s a tautology really.

                                          Most criticism of agile methods are more focussed on a specific implementation (scrum at company X), and the usual response is “this is not true agile”.

                                          1. 7

                                            “this is not true agile” I’ve been guilty of this in the past. Agile is good, therefore if what you’re describing to me isn’t good then it’s not true agile.

                                            But after years of Scrum at various shops, sometimes under the guidance of pricey “Scrum coaches” consultants I’m totally burnt out and disillusioned by it.

                                            As you say agile is by definition positive but beyond this, I think there are still a lot of good ideas and principles in the early agile movement just not in the Scrum process itself (which doesn’t predate Agile) and what it has come to represent.

                                            1. 6

                                              I would define Agile as “follows the principles of the Agile Manifesto”. This implies a few things:

                                              1. The Manifesto devalues things like comprehensive documentation. This can be criticized and discussed.

                                              2. Scrum is only one possible instance of Agile. Not necessarily the best, maybe not even a good one. I would suspect that people discussed that to death already when Scrum was fresh.

                                              3. You can do Scrum without Agile. Scrum is usually defined superficially. This means there is a lot of room for variation including stuff which undermines the Agile intentions. Second, it helps the consulting business, because how could you get Scrum right except by oral teachings of certified people?

                                              1. 1

                                                The Manifesto devalues things like comprehensive documentation. This can be criticized and discussed.

                                                This aspect is a bit peculiar. Do they devalue software-documentation? (which is how I understood this principle). Or maybe it can be thought of a devaluation of a requirements-library/document. I came to terms with this principle in the sense, that it meant as an advice to avoid wasteful, up-front documentation, because clearly you cannot build a good product without documentation.

                                                1. 1

                                                  From the manifesto:

                                                  That is, while there is value in the items on the right, we value the items on the left more.

                                                  It’s not “documentation doesn’t matter”, it’s “deliver something that works or your documentation is pointless”.

                                                2. 1

                                                  The key bit of superficiality that reduces Scrum’s value is that people ignore the fact that Scrum does not mandate a process:

                                                  It is the opposite of a big collection of interwoven mandatory components. Scrum is not a methodology. What is Scrum?

                                                  Scrum is not a process, technique, or definitive method. Rather, it is a framework within which you can employ various processes and techniques. Scrum Guide

                                                  They take the initial process guide, defined in Scrum as a starting point to test, reflect, and improve upon, and treat it as a big collection of interwoven mandatory components. It makes middle management feel good as they get to hold meetings, see progress, and implement a buzzword, but avoids all of the valuable parts of Scrum.

                                                3. 3

                                                  Bertrand Meyer has some criticisms (and compliments) of the core ideas, especially user stories vs requirements.

                                                  1. 1

                                                    thank you for that link. Would prefer text over video, but if it is Meyer, I’ll try to make room for it.

                                                    1. 1

                                                      Yeah, I feel the same way. He apparently has a book on the same topic, but I haven’t read it.

                                                      1. 1

                                                        okay, I haven’t watched it fully, but skipped over a few parts ,but I made sure to look at the user storeis and requirements parts. I am a bit torn on his view, because I can relate to his feeligns as a software user, that many times his user-story was forgotten and he attributes this to not generalizing them into requirements. However, I wonder if the lack of a requirements document is really the reason. Also, I think he must have forgotten how unusable a lot of requirements-backed software has been.

                                                        I share his sentiments on design and architecture work. However, good teams with good management have always made it possible to fit such work into the agile workflow. I attribute to agile consultants, that throughput and “velocity” have been overemphasized to sell agile, when it should much more be about building good products.

                                                        He lost me when he commented on test-driven development.

                                                      2. 1

                                                        His book is called “Agile! The good, the hype, and the ugly”, it’s brief, insightful, and well worth a read.

                                                  2. 5

                                                    I would argue that what you’re talking about there is more the consequences of adopting continuous integration and making deployments less painful, which one might call operational agility, but it has very little to do with the Agile methodology as such, at least from what I can see.

                                                    1. 6

                                                      Nope. Having tight feedback cycles with users is a core principle of Agile. Continuous integration on its own has nothing to do with user feedback, and doesn’t necessarily cause responsiveness to user feedback.

                                                      1. 1

                                                        The Agile Manifesto does not mention tight cycles, only “customer collaboration”.

                                                        1. 2

                                                          the Agile Principles (you have to click the link at the bottom of the manifesto) make multiple references.

                                                          1. 1

                                                            Can you explain? I don’t see the words “tight”, “feedback” or “cycles” here http://agilemanifesto.org/principles.html

                                                            1. 1

                                                              Presumably: The main difference between collaboration with customers (vs contract negotiations) is that rather than getting a single document attempting to describe what the customer wants up front (feedback cycle = one contract) you continually work with them to narrow down what they actually want (shorter/tighter than that).

                                                              1. 1

                                                                the first principle, satisfy the customer through early and continuous delivery of valuable software, implies it. the third, deliver working software frequently, implies it. the fourth, business people and developers must work together daily, is an out-and-out statement of it.

                                                          2. 1

                                                            In my experience CI&CD is more useful for bugs than features. If you are coming from waterfall I understand where the connection between CI/CD and agile comes in.

                                                            1. 2

                                                              Regardless of your experience and opinion of utility, those strategies are core to Agile and have obvious analogues in other industries that Agile draws inspiration from. They aren’t unique or novel products of Agile, but I think it’s fair to say that’s how they reached such widespread use today. It’s definitely incorrect to say they have little to do with Agile methodology.

                                                        2. 3

                                                          After having been making the error of using the word “agile” in the latter generic sense for some time, I came to realize that pretty much nobody does it. When you say “Agile” business people automatically think “Scrum” and it works (still) as a magical incantation. When you try to talk about the actual merits of agile approaches (plural) they tend to phase you out and think you’re trying to look smart without knowing anything.

                                                          1. -2

                                                            The top voted answer appears to be critiquing a very rigid Capital-C-Communism ideology, but none of it comes through to me as a valid critique of a more general lower-case-c-communism ideology: democratic, common ownership of the means of production, state and classlessness

                                                          1. 3

                                                            I’m very much confused with why this has become such a big deal. It seem like under clocking a device with faulty battery to extend the use of the devise is kind of a no-brainer.

                                                            1. 3

                                                              They shouldn’t hide this information from the user. Give me a warning or alert. Let me know I can restore peak performance by purchasing a new battery. The way Apple hides battery diagnostic info is crazy.

                                                            1. 5

                                                              Meanwhile, I’m still waiting on ESR for Vimperator or Vimium to catch up :)

                                                              1. 5

                                                                Vimperator is EOL sadly.

                                                                cmcaine has gotten an extended keyboard api for WebEx approved but it not slated to be implemented until the next release. They are also https://github.com/cmcaine/tridactyl working on a replacement for Vimperator called Tridactyl.

                                                                1. 3

                                                                  Yeah, I know.

                                                                  That said, Vimium is said to be the best among WebEx-compatible, Vimperator-like extensions. I think I’ll probably wait until 52 is EOL and decide what to do then.

                                                                  1. 4

                                                                    Someone on the orange website mentioned this one: https://github.com/ueokande/vim-vixen apparently the only one supporting ex commands

                                                                2. 1

                                                                  I’ve been using Vimium with Quantum (Firefox Developer Edition) for a few days and haven’t noticed any problems. (I am a long-time user of Vimium in Chrome.) I don’t know if it’s at 100% feature parity, but all of the features I use work.

                                                                1. 5

                                                                  It’s interesting, but it tells us nothing other than “we were able to establish a presence on the aircraft’s systems.” It doesn’t say which systems, nor does it say if it was simply information disclosure or they were able to take control of vital aircraft systems.

                                                                  There’s a huge difference between being able to, say, see what channels are being watched on the in-flight satellite TVs, and being able to throttle down the engines.

                                                                  (Not that we shouldn’t take this sort of thing extremely seriously regardless of what they were able to do. A hole in the dike and all that…)

                                                                  1. 1

                                                                    I would be blown away if the flight control avionics weren’t isolated from all other systems on the aircraft, let alone connected to a network which could be compromised remotely (i.e. via the in-flight wi-fi, or some other means accessible to a passenger).

                                                                    1. 3

                                                                      They’re supposed to be done like in this answer:


                                                                      It was also one of main reasons for development of partitioning kernels like those below that airplane and defense companies were buying.


                                                                      Now risk has gone way up in some ways with the consolidation of more stuff onto less boxes while attackers are doing hardware attacks that break the model. If those go to airplanes, it might get bad. The older model had its own risks like piles of wiring that sometimes shorted out with the plane going splat.

                                                                      1. 1

                                                                        I would be kind of amazed if they weren’t. For starters supposedly its already happened by tapping into the in-flight entertainment center..

                                                                        Also production on these stopped in 2004. Even if there was no vulnerability in the meridade of transceivers and receivers, I would be kind of surprised if the after market retrofitting was basically akin to plugging something to the ODB2 connector.

                                                                    1. -1

                                                                      TBH, once I got into Brave, I became very sceptical of these kinds of posts.

                                                                      Most of the CPU cycles of modern browsers are given to the parasite tracking code nowadays. I don’t really care about the whole DNT movement, but when all the sites have multisecond delays, freeze your scrolling, blow out your CPU and crash your apps on decent hardware, you know something’s gotta give.

                                                                      I easily get 10x the speed in Brave compared to Chrome. All those improvements in Firefox sound nice, but I don’t see a paradigm shift of killing off background JavaScript tracking here. Until that’s done, Brave would still be much faster IRL, even if its engine is slower.

                                                                      1. 12

                                                                        Luckily ad blockers work in Firefox, I guess?

                                                                        1. 7

                                                                          You know Brave’s income model is ad-substitution. You’re not doing away with those tracking code, you’re just replacing it with another. You can opt out, but you can also install an ad-blocker on chrome or firefox (or safari, or edge).

                                                                          1. 1

                                                                            That’s the thing — I don’t care about ad substitution, or the privacy part of tracking all that much.

                                                                            I highly doubt they’d make their own ads and tracking have anywhere close to the performance impact that all the third party tracking has nowadays.

                                                                          2. 5

                                                                            You mean something like the tracking protection Firefox has had built in for some time now? It’s enabled by default too.

                                                                          1. 1

                                                                            I actually did some math like 2 years ago to see if its was viable to use ad buys to crytpo mine in the browser. At the time it was a resounding no. Even unthrottled my estimates were that it was that you could only recoup about 2-10% of what you put in selling to a mining group. I never had any interest in capitalizing on this but I thought it was an interesting idea.

                                                                            I actually think cryptojacking will be a good thing, but there are a couple of issues:

                                                                            1. Cryptojacking income is based on the price of an unstable currency, which seems like a really bad idea if the price tanks.
                                                                            2. As more CPU cycles are dedicated to mining the value of single falls.
                                                                            3. This has already been addressed by the chromium team, but it does provide a perverse incentive for companies as it kind of sliding scale between quality of service and income. Chromium is basically capping unruly sites.

                                                                            I actually think a much more interesting use case would be something like AWS’s serverless compute using JS (or WA) & homomorphic encryption.

                                                                            1. 2

                                                                              Didn’t try any betas, yet still I was poised to upgrade ASAP. Then I learned the tab groups addon won’t work, and will not be made to work.

                                                                              So I’ll have to un-poise myself for a while.

                                                                              Anyone else struggling with this? Any suggestions that don’t involve Vivaldi, or Chrome with tree-style tabs?

                                                                              1. 6

                                                                                Reimplementing Tab Groups should be quote doable once APIs for controlling tab display are in place. I know I’ll be making such a project a personal priority once it becomes possible.

                                                                                1. 5

                                                                                  The easiest way is to just use Firefox.

                                                                                  There is Firefox ESR which runs an LTS version of Firefox. Downside is that its running Firefox 52, which will breaks addons that use the Firefox container API.

                                                                                  The second way is to use a fork of Firefox. I’m currently using WaterFox. Thus far I haven’t run into any serious issues, but I don’t really trust the codebase as much as I would from Mozilla.

                                                                                  1. 5

                                                                                    There is hope in the Simplified Tab Groups extenstion. As author writes:

                                                                                    Notice to Firefox Quantum (57+) users: No, this extension is not dead but yes, it currently does not support Firefox 57. I know, I know. Please update anyway, as you’d miss out on a lot of cool stuff. The reason Simplified Tab Groups is not working with 57 is the lack of an API I need. However, heroic Firefox engineers are already working on that, and I will release a new version which will be compatible as soon as possible. Promised! If you have a GitHub account, feel free to subscribe to this issue to get notified whenever there is progress.

                                                                                    I use it now on one computer with pre-57 version. It shows promise. I like the UI better then the normal too-visual-for-me tab groups. It gets around the problem of manual placement management. There are couple of things that I miss, but hopefully it will get better. What I miss the most: changing the order of the groups and editing the name of a new group right-away.

                                                                                    I also think about giving the TreeStyle Tabs a shot.

                                                                                    I think that there are other extensions under development that intend to be more faithful to the original. However the original is not easy to implement I believe.

                                                                                  1. 7

                                                                                    I’ve seen argument a couple of times, and I don’t entirely disagree with it. It always seems to based around two primary points which seems to always be way off mark.

                                                                                    What if Slack was hacked.

                                                                                    Slack was hacked. But that’s kind of a moot point. You should treat any communication like email; insecure, and possibly a phishing attack. If you need to send secrets, do it out of bounds.

                                                                                    Everyone should host our own Mattermost/Rocket.chat/Hipchat.

                                                                                    Most certainly everyone should self not host. If its going on a server in some back closet which will ultimately be forgotten about until there is an issue you should not host it. Ops is hard, and its worst setting up one of these poorly or insecurely then not migrating.

                                                                                    There are roughly 48,000 public mongodb servers, and 4,500 public hadoop instances. And systems infrastructure doesn’t die, there are still machines infected with code read that are scanning the net. Offloading the responsibility for part of your infrastructure is not a bad thing.

                                                                                    1. 2

                                                                                      So for those wondering this was the BroadPwn attack from earlier this year. It has been fixed for iOS for a while. This is actually a pretty interesting post though.

                                                                                      PSA: BroadPwn effected the BroadCom BCM43XX chipset firmware. If you had this chipset please make sure you had installed any security upgrades related to this.


                                                                                      @tedu is totally right, this is a completely different issues. I’m not going to delete the comment to clarify this is a different issue from BroadPwn.

                                                                                      1. 3

                                                                                        Uhm, are you sure about that? The broadpwn writeup doesn’t sound anything like this bug, doesn’t mention any of the same functions, etc.


                                                                                        1. 2

                                                                                          Hmmm I’m not.

                                                                                          It was patched in the same release, found about the same time, and effected the same BroadCom chipset. Let me double check.


                                                                                          @tedu, you are totally right! Sorry about that.. I’ll correct my original comment. Thank you for correcting me.

                                                                                      1. -2

                                                                                        As long as the government isn’t banning them they have no case.

                                                                                        1. 13

                                                                                          Not quite–this is a totally reasonable anti-trust issue. Now, whether or not the US still cares about prosecuting anti-trust problems is another thing entirely.

                                                                                          1. [Comment removed by author]

                                                                                            1. 3

                                                                                              Because our politics is busted, both parties are fully funded by major corporations, and no one wants to piss off the pocketbook.

                                                                                              Seriously – US v Microsoft was before Citizens, and the latter opened up the floodgates. Much of the current insanity in our politics can be pretty easily traced back to that decision.

                                                                                            2. [Comment removed by author]

                                                                                              1. 5

                                                                                                But there’s also many other competitors still available, which I think undercuts the argument that google is doing this to cement control.

                                                                                              2. 0

                                                                                                Hmm possibly. I guess it depends on how much money Gab would get from having their app on Android. I guess not being able to sell customer information from mobile is a huge deal for them.

                                                                                                But technically nothing is stopping them from creating their very own mobile phone OS and app store ;)

                                                                                                1. 4

                                                                                                  3rd party store still exist in Android. They just have a small market share in the US.

                                                                                            1. 10

                                                                                              What a terrible name for a developer focused OS. Also, the PR page doesn’t mention anything about what it does exactly that’s different.

                                                                                              1. 2

                                                                                                Its still in beta, but it seems like they are going for the scientific linux approach which is providing a out of the box developer environment.

                                                                                                1. 8

                                                                                                  At this point it doesn’t sound like a developer focused env. It sounds like a fork of the latest Ubuntu release they has PR to try and target Systems 76’s preferred demographics. I don’t mean that as a negative thing, I think its a smart thing for them to do business wise, albeit a little vapid.

                                                                                                  I do have to take exception with part of what they say:

                                                                                                  … We’re technologists, and we felt Ubuntu drift. I agreed with the Canonical strategy of maintaining Unity 7 while developing Unity 8 separately. But time dragged on and we were stuck between waiting for our new product, which sounded constantly just around the corner, and investing in Unity 7 that was on its way out. There were no good decisions. Just hold the line. … In hindsight, we should have known [Ubuntu discontinuing Unity]. Like everyone, I wanted Ubuntu desktop to stand on its own economically. It’s only a matter of time before a company must align its investments with its paying customers, and that wasn’t the desktop for Canonical. But it is for System76.

                                                                                                  Its not that Canonical gave up on Desktop. Made the mistake of trying to be too ambitious, in a time when the ecosystem it existed in was going though a ton of changes in stops and fits.

                                                                                                  First lets go over what Canonical was building (Understand most of these things are going to be related)

                                                                                                  • Ubuntu Phone (and all of the related new stuff for that)
                                                                                                  • Better Arm Support
                                                                                                  • Ubuntu Core
                                                                                                  • Mir (Replacement for X11)
                                                                                                  • Unity 8 & Convergence
                                                                                                  • Snapd

                                                                                                  Which has be build in concert with with all of the changes in the Linux ecosystem over the last couple of years.

                                                                                                  Unity didn’t doesn’t spell the death for the Ubuntu Desktop, but the death of the Ubuntu Phone did mean the death of Unity 8.

                                                                                                  All that being said I think this could be an interesting idea for telemetry for Firmware level issues on their machines as well.

                                                                                                2. 1

                                                                                                  Dear marketing, no, you cannot have WhateverTF you characters you feel like in a name.

                                                                                                1. 2

                                                                                                  This looks pretty nice. Node.js has surprising good tooling for command line tools.

                                                                                                  There is a similar set of projects for Ruby called TTY, which I’ve used a fair bit in the past.

                                                                                                  1. 2

                                                                                                    Yes there’s quite a few good ones. However, I’ve been going through most Node.js terminal lib recently, and one issue I’ve noticed is that they often are one-man projects, and end up being unmaintained. For instance ncurses, blessed and vorpal, are all pretty much discontinued despite being large and having a lot of issues/pull requests.

                                                                                                    Terminal Kit is still active after 8 years and the author responsive, which is great, and it also has a very good documentation and tutorials.

                                                                                                  1. 7

                                                                                                    Alfred, iTerm

                                                                                                    I can never get a concrete reason why to use these over Spotlight/Terminal.app. There used to be a significant difference, but today I can’t think of a compelling reason.

                                                                                                    Edit: Ditto for flu.x

                                                                                                    1. 4

                                                                                                      Personally, I couldn’t let go of having shortcuts to switch to the nth tab. Thus, iTerm beat Terminal for me.

                                                                                                      1. 3

                                                                                                        I use Alfred primarily for various workflows that I have set up. That’s not something that can replicated with spotlight.


                                                                                                        I have a few smaller ones that I’ve designed myself.

                                                                                                        I use the Github Repos Workflow constantly: http://www.packal.org/workflow/github-repos

                                                                                                        1. 2

                                                                                                          I happily used Spotlight for years. Then, a couple OSX updates back, it stopped properly indexing applications. I never was able to fully figure out what the problem was, as there was seemingly no pattern to which applications would be excluded. At one point it stopped including Chrome in the index, and that was the straw that broke the camel’s back for me. (More specifically, I believe it still included them in the index based on testing the command line interface, but Spotlight simply stopped showing them.)

                                                                                                          I switched to Alfred, and it immediately worked “perfectly” - which is to say it performed identically to how Spotlight did before the updates. It’s been a few months now, and I have no complaints with Alfred, it does everything Spotlight did, and is much faster.

                                                                                                          1. 1

                                                                                                            Weird! In your position I think I would have done the same thing.

                                                                                                            1. 1

                                                                                                              I have the same problem and switched to Alfred for the same reason.

                                                                                                            2. 1

                                                                                                              iTerm is waaaaaaaay ahead of Terminal.app.

                                                                                                              1. 6

                                                                                                                I keep getting replies like this, but still no concrete reason.

                                                                                                                1. 8

                                                                                                                  I think it’s because there aren’t great reasons anymore. Yes, you’ve got some tmux integration and similar I guess, but e.g. tmux support requires (or at least used to require) custom-built versions of tmux that kept it from being as useful in practice as you might think. Meanwhile, Terminal itself has added tons of features that used to be iTerm-only and added some of its own (e.g. window groups), and while there’s some comments below that iTerm has smoother scroll, I have noticed that using Terminal can actually speed up programs I run if I’ve got them dumping directly to stdout (because it can get stuff on the screen faster).

                                                                                                                  I used iTerm for many years, but I’m also back to Terminal. Ditto for Alfred, similar reasons.

                                                                                                                  1. 6

                                                                                                                    Terminal.app has added

                                                                                                                    • Mouse Reporting
                                                                                                                    • Ligatures (which is still in beta for iterm)
                                                                                                                    • Vertical and horizontal character spacing
                                                                                                                    • Key macros
                                                                                                                    • Tabs
                                                                                                                    • Window groups
                                                                                                                    • Custom entry commands
                                                                                                                    • STDout Search.

                                                                                                                    The difference between iTerm and Terminal.app is becoming more superficial. At this point the largest difference is the degree of customization, and people who care about this seem to be more evangelical about it.

                                                                                                                    That being said I still use iTerm for two reasons.

                                                                                                                    1. Hotkey Quake like drop down terminal window.
                                                                                                                    2. Its what I’ve been using.
                                                                                                                    1. 1

                                                                                                                      Only things missing from Terminal.app are:

                                                                                                                      • True Color support
                                                                                                                      • Hotkey dropdown
                                                                                                                  2. 7

                                                                                                                    smoother scroll, true color support, greater tmux integration, splits.

                                                                                                                    On the other hand I think Terminal.app has the edge with better font rendering and slightly smoother performance (latest Beta version of iTerm2 is much much better in that regard, but Terminal.app has still edge on that front, but it’s locked on 30fps, so it’s not that much greater in the end).

                                                                                                                    1. 5

                                                                                                                      Btw I’m still using Terminal.app because I found it much more stable, and I’ve stopped using tmux for terminal splitting and tiling. Now I use Tmux mostly for attaching and detaching and security reasons, as tmux increases input latency which I cannot stand!

                                                                                                                      And most important of all is that I didn’t want to become addicted/attached to my personal dev environment. I have been through customization hell with Emacs and Vim, now I am back to really minimal 200 Loc configs in both, using mostly stock stuff on macOS, and some universal UNIX programs. I have around 10 applications installed on my macOS, rest is stock Apple stuff and it works really well!

                                                                                                                      1. 2

                                                                                                                        What phl said :-) also, better splitting. Better full screen mode.

                                                                                                                      2. 1

                                                                                                                        I recently tried switching back to Terminal.app, but couldn’t get the colour schemes to show correctly. Terminal does something to the colours to add more contrast, and I couldn’t figure out how to fix it. https://apple.stackexchange.com/questions/29487/is-it-possible-to-disable-terminals-automatic-tweaking-of-colors-in-lion

                                                                                                                    2. 1

                                                                                                                      To be fair to flu.x, that’s a relatively recent addition, and still allows a lot more control (at least on macOS) over the timing, degree, and transition curve to red-shifted light. The rest, I’m with you.

                                                                                                                      1. 2

                                                                                                                        To be even fairer, it’s “f.lux”, not “flu.x” ;)