1. 10

    On lobsters I’d rather see a technical deep dive explaining how all these features are achieved than a marketing page. But I’m certainly fascinated this technology exists. One SSO platform to rule them all?

    1. 4

      Here’s a little better explanation on what Boundary is and how it works: https://www.hashicorp.com/blog/hashicorp-boundary

      1. 2

        This isn’t new, you have products like BeyondCorp from Google and Gateway from Cloudflare.

        Although, that’s the first open source implementation that I see. That said, it probably would need code audit and pen-test to get reasonable adoption.

        I’m really looking forward to the future of this piece of technology, and if it could really replace VPN.

      1. 20

        I am a big fan of having a paper notebook and a nice, hefty, metal pen. The ability to rapidly intermix text, drawings, and sketches is underrated.

        EDIT: For the record, I really like Machine Era pens. Solid metal and made in the USA, with easily refillable ink cartridges.

        1. 4

          After trying multiple systems on my laptop or smartphone, I always fall back to my notebooks and a foutain pen. The only thing that I miss is a way to easily record some url or reference. I thought about creating my own url shortener or find a mini printer to print sticker with QR code.

          Intermixing different kinds of inputs (text,drawings,sketches,ddiagrams) is the really what I miss the most when I tried any numeric system.

          1. 1

            I recently had the same idea about a link shortener and so I made one! It doesn’t have much in the way of documentation but it was literally a two hour project and it’s only 50 lines of Go so I think you should be able to get it running really quickly. It uses autoincrementing numbers so the links are always very short and easy to write down (also spell out to someone, remember etc.) I hope you find it useful! Here’s the repo: https://github.com/k2l8m11n2/s

            1. 1

              That’s nice ! What kind of input method do you use? Sending HTTP request via a web interface or CLI? I will definitely look at it longer, thanks!

              1. 1

                The interface is the simplest one I could think of: you GET (or just enter in your browser) https://shortener.example.com/https://some-cool-link.example.net/fun-link-stuff and you get back a number (starting with 1) that you use like so: https://shortener.example.com/1 which redirects you to https://some-cool-link.example.net/fun-link-stuff! I hope this example was clear enough, feel free to ask if you have any questions.

          2. 4

            I like rotring pens.

            1. 1

              Have you ever had a problem with them leaking? My partner uses those, as the line quality is beautiful but after a while, every one she has had has started to leak and needs to be cleaned out.

              1. 1

                No, I haven’t had trouble with mine leaking. I mostly use the ball point pen though. Nothing fancy.

            2. 3

              In some previous variant of a similar thread, one fellow lobster got me addicted to discbound notebooks [1] [2] [3]. I heartily recommend checking them out for anyone using paper for work notes. They’re an absolutely ingenious invention, I’m surprised they’re not better known and more popular. I mean, I don’t guarantee they’ll fix all your life problems and smooth your wrinkles, but they have many benefits with not many flaws, and I think everyone should know they exist, so that they can choose them as a tool at will.

              1. 3

                If you like hefty metal pens, but European ones, I cannot recommend enough Caran d’Ache: https://www.carandache.com/us/en/ballpoint-pen/849-popline-metallic-black-ballpoint-pen-with-holder-p-10214.htm

                This kind of pen can go a long way.

                1. 5

                  So once upon a time I spoke French reasonably well and I was trying to translate “Caran d’Ache” and now I have a headache. Turns out it’s actually a French-ish spelling of a Russian version of a Turkish word.

                  1. 4

                    Yes! Even for native French speakers, it feels very French, except Caran doesn’t mean anything (Ache could be a city or whatever).

                    Fore those wondering the meaning:

                    Caran d’Ache means pencil in Russian and has its roots in the Turkish word “kara-tash” which means black stone, in reference to graphite.

                    https://www.carandache.com/us/en/content/ch/fr/la_maison/landing/la_maison_-_histoire.cfm

                    1. 7

                      Caran d’Ache means pencil in Russian and has its roots in the Turkish word “kara-tash” which means black stone, in reference to graphite.

                      Interestingly, I come from a country where fountain pen are mandatory in school. We speak arabic, and everyone called the fountain pen “cartouch”, which means bullet or cartridge. It’s also funny because the cartridge really looks like a bullet. There’s also a close relation with lead. I thought it was an anglicism but now I’m learning it might actually comes from the ottoman era.
                      Language is fun.

                      1. 1

                        Interestingly enough, in French cartridge is also called “cartouche” which is very similar!

                        I’ve tried to find more on the source of the work, but the best I could find was:

                        Borrowed from Italian cartuccia, a diminutive of carta, from Latin charta, from Ancient Greek χάρτης (khártēs) — https://en.wiktionary.org/wiki/cartouche

                        Which is related to the paper that was used for cartridges (in firearms).

                        I wonder what’s the link with pens beside the ink cartridge…

                      2. 2

                        A “Crayon of ash” perhaps?

                      3. 2

                        Oh, right. Карандаш. But it means pencil, so it’s a little bit weird. Does French pronunciation has anything to do with the Russian one? :D

                        1. 2

                          I decided to leam the Cyrillic alphabet a while back because I noticed there are a lot of shared/borrowed French words in Russian and I was going on a visit to Russia. It was really handy. I know a little French, and no Russian, but I could actually read a lot of words on signs. I got the notion from ресторан = restaurant.

                    2. 1

                      What type of paper do you use? Ruled? Grid? Some of my physicist coworkers use a dotted grid-style that I’ve been thinking of trying out

                      1. 4

                        I use a dot-grid notebook for a daily bullet journal and all my notes. I can’t go without some horizontal true north or else I start to slant everything downwards, haha. I recommend the Leuchtturm1917 or the Rhodia Dot Web notebooks if you’re curious.

                        1. 1

                          I’ve been using ruled Moleskine notebooks also with my variant of bullet journal. I also have the same slanting problem, but I think dots would be sufficient. I’ll check those out, thanks!

                          1. 2

                            I found out that dotted paper is the more versatile and my newer notebooks all have some. For example, I can easily draw a chess board when I am working on my chess or write straight or diagram almost properly without any rulers when needed.

                            I have some grieves with the quality of paper is my moleskine that vary so much between notebooks especially with foutain pen ink. Some bleeds too easily, some feathers ans some are perfect with the same ink, foutain pen and nib.

                        2. 2

                          I prefer lined since I write more than I draw and I’m not good at writing on unruled or dotted paper.

                      1. 1

                        So recently I read Steve Jobs biography, then 21 lessons for the 21st century from YNH, and right after Principle from RD.

                        All 3 books mention meditation as a life changing thing. So I’ve decided to give it a try. I’ve selected 5 means of learning about it (apps/books/YouTube videos/…) and decided to go with apps. So I tried 5 apps and decided to go with “Waking up” from SH which wrote a book on the same topic.

                        The app doesn’t link to any religion or culture, it’s really pure feelings and almost philosophy. It has a practice section and a theory section, which reminded me “So good they can’t ignore you” from CN (thanks Bob B. For the recommendation), which mentions that you need to have both practice and theory to improve.

                        After a few weeks with the app, I feel that it’s really awesome, not in the sense that I enjoy spending time on the app, but more that I feel better after each session. I feel like a better person, a kinder and humbler version of myself.

                        I can not recommend enough to just try it for a few days. And for those of you which are skeptical about meditation, just try it 3-5 days and at least, you’ll be able to either confirm your feelings, or find that you might have been wrong!

                        1. 4

                          Not being an English native speaker, the first time I reflected about that was when reading SICP, which mentions wizards casting spells.

                          Then I though about typecast being a special spell.

                          1. 4

                            I remember reading Harry Potter in French (being a native English speaker) and reading jeter des sorts and thinking “jeter means throw and cast is just another way of saying throw in English and you cast spells and whoa…” My mind was blown. I had never thought about spells being “thrown” in English, like “cast” had a distinct meaning there.

                            1. 2

                              Haha incredible to see that even JKR can help us visualize concepts in our daily work!

                              Each time I think about throwing an error, I think about throwing something in the trash, like there’s something bad being thrown out.

                              1. 2

                                I’ve learnt so much English from learning other languages (Danish and Spanish in my case). You suddenly start seeing etymological connections everywhere.

                                I read Kidnapped by Robert Louis Stephenson a few years back and came across loads of old Scottish words I had never seen in an English book before, but recognised them all from Danish.

                                Also, I’m a big fan of Harry Potter as a language learning resource! Haven’t tackled Latin or ancient Greek yet though…

                            1. 3

                              Short answer:

                              Make sure it’s the USB logo that’s facing up

                              To me, this is clearly not enough. I have almost no usb ports that are horizontal when using them. Examples:

                              • Screens can have USB connectors in the back that are vertical.
                              • USB plugs can change orientation depending on which orientation they are plugged in.

                              Without even mentioning the ones that don’t respect the standard.

                              1. 5

                                ‘Up’ is a fairly flexible concept. It’s not up with respect to a particular gravitational field, it’s up with respect to the default orientation of some component. My NAS has the motherboad mounted vertically, but it’s on one side and so I just need to remember that ‘up’ from the perspective of the motherboard is towards the middle of the case. On my monitor (the most difficult one because I can’t see the ports at all) ‘up’ is towards the left edge of the monitor (for no reason that I understand).

                                Oh, and some cheap devices print the logo on the wrong side or don’t print it at all, just to annoy me.

                              1. 11

                                This could be painful for the BSDs. I doubt anybody wants to require rust in base.

                                1. 20

                                  Rust keeps growing, so it’s only going to get harder to ignore. The focus should be on what needs to be improved to have it in, rather than how to keep it away.

                                  1. 10

                                    It is not about ignorance and more about compatibility.

                                    “Such ecosystems come with incredible costs. For instance, rust cannot even compile itself on i386 at present time because it exhausts the address space.

                                    Consider me a skeptic – I think these compiler ecosystems face a grim bloaty future.”

                                    https://marc.info/?l=openbsd-misc&m=151233345723889

                                    1. 3

                                      I wasn’t implying. I was stating a fact. There has been no attempt to move the smallest parts of the ecosystem, to provide replacements for base POSIX utilities. As a general trend the only things being written in these new languages are new web-facing applications, quite often proprietory or customized to narrow roles. Not Unix parts.

                                      There may also be compatibility issues but, in 2017, that is a pretty ignorant thing to say about Rust when the uutils project had already existed for years. Or maybe Theo is simply sneering about GNU’s implementation of the POSIX utilities, which uutils attempts to emulate.

                                      edit: also, started in early 2017, redox-os’s BSD-compatible coreutils project.

                                      1. 3

                                        Theo buried the lede in the email. In 2017, it was his considered opinion that it was essentially impossible to include Rust in the OpenBSD base distribution because Rust couldn’t be compiled by base.

                                        It’s possible that in 2020, this situation has improved, which would mean that a necessary precondition to include Rust programs in OpenBSD base has been fulfilled. It still needs to be proven that replacing tried and true utilities written in C with ones written in Rust would result in meaningful improvements of the quality of the OpenBSD system as a whole.

                                        1. 4

                                          It may have improved for i386 (I don’t know) but there are additional platforms that OpenBSD needs to consider.

                                          Today there are platforms that use clang and some other platforms that can’t use clang and are stuck with the last gcc, but at least 99% of OpenBSD base is just C and so generally most things can compile with either clang or gcc. Bringing rust into base then escalates this “have” vs “have nots” situation and then you start to have “tier 1” (amd64, arm64, i386?) vs “tier2” (sparc64, macppc, etc). Maybe that is already happening though. I imagine NetBSD will be in a similar situation.

                                          1. 4

                                            You’re correct, I didn’t even consider the other architectures that OpenBSD supports.

                                            So to summarize

                                            1. Rust isn’t supported on all platforms
                                            2. Rust is too large and complicated to be compiled from source via OpenBSD’s base
                                            3. Rust offers dubious advantages for OpenBSD
                                            1. 1

                                              Rust offers dubious advantages for OpenBSD

                                              In the context of mesa or in OpenBSD using Rust internally?

                                              I think those are 2 different arguments. OpenBSD might not want to commit to using (or supporting) Rust, but it cannot decide if another project wants to use Rust for reasons they consider good.

                                              1. 1

                                                In the context of OpenBSD using Rust internally (as part of base).

                                            2. 3

                                              Hm, so in general, the whole thing would start with upstreaming an OpenBSD target and working with upstream to get it maintained and then getting support in for things they need. i386 is a hard case though, because LLVM support may be lacking (I have no assessment of that).

                                              The hard reality here is that all project need to find maintainers for those things and they are few and far between.

                                              On the Rust side in general, I’m happy to see that OpenBSD currently maintains their own patches. I tried to encourage OpenBSD folks I met to upstream, but have yet so see that happening. We’re generally happy to accept them given bandwidth and maintenance commitment (bandwidth is a regular issue, but we’re always working to improve that).

                                              https://github.com/openbsd/ports/tree/master/lang/rust/patches

                                              1. 1

                                                Speaking for illumos, for which support ought to appear natively in the next Rust stable release, upstreaming has been a generally pleasant experience. It all took way longer than I expected, at least in part due to the long pipeline from master to stable, but everybody with whom I interacted along the way has been polite and helpful!

                                                1. 2

                                                  Thanks for letting me know! BTW, this is the first time I got the pipeline from master to stable described as “long”, but I can understand where you are coming from!

                                                  I’m happy to hear that the interaction was pleasant. That’s a good baseline to get the contribution speed up!

                                          2. 1

                                            I think should understand the other aspects of it. Rust, at the time, not being able to compile on i386.

                                    1. 2

                                      Great article. Feels like a DBA working in a monitoring team!

                                      I really like the idea where you use something already present in the stack and makes it do more things to gain in incidence response.

                                      1. 1

                                        Thanks ;) Glad you liked it.

                                        Feels like a DBA working in a monitoring team!

                                        I am a DBA, but just one working with some flaky third party services…

                                      1. 4

                                        This video was VERY informative to me. I really loved to see the process of how this got tested and explained, and the conclusion is really interesting!

                                        1. 1

                                          Yes, I think it took a while to get going but I really enjoyed this video. I still don’t fully understand how the machine was able to cut away a part of the die, but watching it work was amazing!

                                        1. 4

                                          One thing spoke to me in this as someone who’s relearned Rust several times over the years as I’ve had the continual misfortune of projects using it catching the ax with a year or more between projects using it. My first Rust version was 0.11 and the last I consciously used was 1.26, I think. I’m starting on another project using it and a major dependency requires nightly, so that’s a new adventure for me who’s only ever used stable.

                                          In Kotlin, you write class Foo(val bar: Bar), and proceed with solving your business problem. In Rust, there are choices to be made, some important enough to have dedicated syntax.

                                          I feel this pain every time I delve back in. Last time, I had to dig into Rc for something for the first time and it has some unexpected gotchas. I don’t remember what they were now; this was 3 years ago.

                                          Perhaps I’ve been spoiled by using Ruby, Scala, and Java for most of my professional career. When I go look at Rust, I understand what’s in use but I’m not sure why it’s in use and how someone (re)learning might come across the correct tool. I love the Rust compiler’s helpful warning messages; does it suggest the more advanced memory management things like Arc and Box now?

                                          1. 2

                                            Perhaps I’ve been spoiled by using Ruby, Scala, and Java for most of my professional career. When I go look at Rust, I understand what’s in use but I’m not sure why it’s in use and how someone (re)learning might come across the correct tool. I love the Rust compiler’s helpful warning messages; does it suggest the more advanced memory management things like Arc and Box now?

                                            Each time that I fiddle in Rust, those are my biggest questions. I’d be happy to get linked to documentation/guides where I could learn how to make the best out of those.

                                            Most of the time I read either “easy, just use lifetime annotations everywhere” or “you don’t need lifetime because since 2018 …”.

                                            1. 2

                                              In Kotlin, you write class Foo(val bar: Bar), and proceed with solving your business problem. In Rust, there are choices to be made, some important enough to have dedicated syntax.

                                              This is exactly the point, though, right? It’s the same thing with C. You can just make the lazy choices if you want to just Get Shit Done when it doesn’t matter (in rust this means a lot of calling .clone()) or you can make the choices a compiler cannot make for you and get that control. Lots of GC’d languages with no knobs exist, and that’s great, but we didn’t need Yet Another of those, we have a lot. If Kotlin works for you, great! But if you want to have the control of the low-level and the performance it can sometimes give you, that’s why Rust. And if you love Rust enough to write purely high-level stuff in it where you use .clone() everywhere, that will also work.

                                              1. 1

                                                if you’re using rustup a nightly install / update is as easy as stable, cargo stuff is then cargo +nightly <build/foo>

                                                I feel your pain for the “time to MVP” stuff and prototyping around. On the other side I’m really glad I took some more time to prototype for some of my server side projects. Where in kotlin my classes feel like a bloaty dependency mess. And sometimes it can help to just use owned Strings and clone + unwrap your way to an MVP, leaving the performance optimization for later.

                                              1. 8

                                                As mentioned in the first line, this is a clickbait article, but the rest of the article is really cool.

                                                1. 4

                                                  Yes, indeed. I hesitated for a long time whether to change the autogenerated title or not, but I decided to keep the original.

                                                  1. 2

                                                    Should have changed it.

                                                    1. 1

                                                      Titles can be changed from the original if the meaning is unclear…

                                                1. 2

                                                  I found this post on the orange site, but I wanted to post here to ask if anyone understands what the author means by “functional programming” in relation to security vulnerabilities? I thought all his points were well made but I didn’t quite understand why he mentioned functional programming specifically.

                                                  1. 4

                                                    I assume you’re referring to these two sentences:

                                                    Potentially we will see a resurgence of “compile-to” functional programming with mainstream language targets to sidestep the issue. I suppose though that the extra build complexity and problems debugging will prevent this from ever being mainstream, not to mention that the vulnerability tools look for specific patterns and likely won’t behave well on generated code.

                                                    That seems pretty straightforward to me, although I’m not sure whether I agree. Hardcore functional programmers love to generate code for the more conventional “imperative” languages that they find distasteful to write in directly. Examples of “compile-to-JS” languages include PureScript, Reason ML, GHCJS, Elm, and many others. There are other target languages besides JS, but that’s the most popular target, because browsers.

                                                    The usual argument for a “compile-to” language is that you can generate more correct code by leveraging the source language semantics – mostly meaning type checkers, but a sophisticated type system can do an awful lot for correctness. The author’s concern seems to be “but what about target-level tooling and vulnerabilities”? Which, if substantiated, would undermine the argument. This is all pretty hand-wavy without some concrete examples to gawk at.

                                                    1. 1

                                                      I thought that this quote meant that, vulnerability checkers that analyses JS code to help code audits, would be less efficient on generated code, and at the same time, there would be no checker implemented yet for all those « compile to » languages.

                                                      For example, it’d be much harder to analyse generated JavaScript from ReasonML, and there would be no tool to analyse ReasonML.

                                                      Most of those tools, as far as I know, mostly flag code for review and find patterns that lead to vulnerabilities.

                                                      1. 1

                                                        Thank you for the explanation.

                                                      2. 3

                                                        I think functional programming is a red herring in this context. The arguments in the article work just as well if you substitute it for “relatively obscure programming languages”; it’s just that most “fun” relatively obscure languages happen to be functional.

                                                        On a broader note, we use vulnerability scanning tools on our dependencies at work with a Clojure codebase, and they are very nearly useless. Most of the reports are things like “the grpc dependency has a buffer overflow” which results from the Java grpc library we use getting mis-classified as the C implementation. Sometimes they find legitimate vulnerabilities in dependencies we do actually pull in but do not use. (looking at you, jackson databind!) I can count on one hand the number of legitimate potential problems they’ve caught. But none of those problems are Clojure-specific; you would see them with any JVM language.

                                                        Edit: note that “these tools do not work” is not intended as a refutation of the logic of the original post; I think their effectiveness has nothing to do with whether they will be rolled out and used in decision making processes.

                                                      1. 2

                                                        Loved it. I wonder how it’s possible to get this f-up while developing a remote control.

                                                        1. 4

                                                          So good to see new ideas in the desktop space!

                                                          1. 2

                                                            A grid of non-overlappable windows was a “feature” of MS Windows 1.0, back in 1985.

                                                            I can’t comment on what this shell looks like because, oddly, the page has no screenshots of it. Or is it supposed to and they just don’t load in my browser (Safari) for some reason?

                                                            1. 2

                                                              There’s a video that shows those features.

                                                              1. 1

                                                                I have the same issue. They load on the repo page though.

                                                            1. 16

                                                              I fully expect by 2027 that Windows will either be Open Source or will have swapped out the NT kernel for Linux, and Microsoft’s primary products will be cloud-based distributions of Office, a gaming-centric desktop operating system, the Xbox, SQL Server, and cloud services.

                                                              You heard it here first, folks.

                                                              1. 4

                                                                Microsoft’s primary products will be cloud-based distributions of Office

                                                                Isn’t this already the case with O365?

                                                                1. 2

                                                                  Right but my implication was that you wouldn’t even be able to buy standalone Office anymore. Maybe that’s already come to pass; I don’t keep tabs on that too much.

                                                                  1. 2

                                                                    Maybe that’s already come to pass

                                                                    Not yet; you can still buy standalone Office 2019 for both Windows and Mac. But yes they clearly are moving away from it. The product page introduces it somewhat condescendingly as a product for “customers who aren’t ready for the cloud”.

                                                                2. 2

                                                                  After hearing Brian Cantrill rant about the Linux kernel a billion times, something makes me wonder if we’re missing out by having the Linux kernel be the “winner” here, compared to some more featureful OS kernels.

                                                                  Granted he probably has many opinons on this

                                                                  1. 2

                                                                    I, for one, await the return of glorious Solaris and Solaris Zones

                                                                    1. 2

                                                                      Linux is generally more featureful than other options. That’s a result of thousands of people banging on it and adding the warts they want for their use cases.

                                                                      The downside is that it feels to me like Linux is built out of warts, glued together with workarounds. It’s not a fun codebase to interact with.

                                                                    2. 1

                                                                      I agree. It is clear that we will, at long last, win the war of Linux vs Windows - but we need to make sure that our victory is not a pyrrhic one.

                                                                      1. 13

                                                                        but we need to make sure that our victory is not a pyrrhic one.

                                                                        Too late!

                                                                        The massive footprint of FOSS code, and its centrality to the computing ecosystem as a whole, has arrived largely as a function of its utility to megacorp-scale business in service of utterly defeating the very things that made open code and software freedom attractive and vital propositions to so many of us in the first place. There’re few clearer examples of this than the general role of the Linux kernel and friends in the current software economy.

                                                                        We lost by winning, or won by losing, or however you want to frame it. At any rate, ca. 2020 the bad guys are in charge and the end user / subject of computational systems is in the general case basically fucked.

                                                                        1. 3

                                                                          I don’t know if the end user is any more fu$%^& by the corporations than in the 90s early 00s. We mostly won on the war on the code being readable and modifiable by anyone. We lost it on the system’s architecture and the data.

                                                                          But the main thing is that we as users let ourselves get fu%^&* by the corporations by not treating technology as a useful tool but more and more as an integral part of our lives.

                                                                        2. 8

                                                                          “Meet the new boss, same as the old boss”

                                                                          Some context to digest while you mash that unkind or troll flag button: I’ve used Linux, off and on, for 20 years or so now. I’ve never really used Windows, especially not professionally. At this point it’s been a few years since I’ve used MacOS, even at home, but that’s OK since I doubt I’ll ever go back. But at this point, I’d have to say that Linux is my Windows. I don’t use it because I love it, I use it because it works well enough, is very compatible with all the stuff I need to work with, and I’m already familiar with it. I’m much more fond of the BSDs, and even more enamored of relatively obscure and impractical systems like Genode or Haiku or Redox or even Oberon; things that I don’t really have time to play with at this point in my life. So that’s where I’m coming from.

                                                                          But even back when I was more zealous, framing the choice of OS as a “war” seemed wrong to me. There are so many different use cases, so many different needs, and the whole field is so young still. Why does it have to be winner-take-all? Why does it have to be a monoculture? Do all you opinionated expert technical people really desire that level of violence in pursuit of homogeneity, or is it just clumsy rhetoric wielded in ignorance of what war is really like?

                                                                          Now, I’d be the first to point out that “Linux” is hardly just one thing. There are so many distros and desktops and init systems and so on; even Android is Linux if you squint at it right. But the fact remains, the Linux kernel (and more broadly, POSIX) is a paved cowpath that’s become a fenced-off megahighway. It makes some choices fast and efficient while making others nearly impossible, or at least highly dangerous. It’s not a stream you can cross, and it is very much driven by its corporate sponsorship. It’s a big improvement over Windows or MacOS in that anyone can read the code, at least in theory. But the number of people in the world who can actually do anything significant with that seething mass of exceedingly complex “open source” systems software is vanishingly small, and the number of people who actually contribute even smaller. If we’re just talking about the kernel, it’s a tiny cadre of highly disciplined corporate engineers who live and die by a code of backwards compatibility. Is it a big improvement that instead of just one company developing the OS and its APIs, it’s a loose hegemony of mutually distrustful competitors? I don’t know. Maybe, but it sure enforces technological lock-in, and that’s not necessarily a good thing.

                                                                          In a networked world, compatibility should be driven by protocols and specs with independent implementations. What we have instead, too often, is arbitrary de-facto standards. Linux might be less of an offender than MS in this regard, but it’s still quite culpable. You won’t catch me cheering for the new boss.

                                                                          1. 9

                                                                            Linux doesn’t have >30 years of crushing opposing services and removing business threats.

                                                                            Microsoft has been practicing Embrace, Extend, Extinguish for over 30 years. It has been practicing Fear, Uncertainty, Doubt for over 30 years.

                                                                            In fact, they intended to do it in relation to Linux, as of the late 90s (As the Halloween Memos show

                                                                            In discussing ways of competing with open source, Document I suggests that one reason that open source projects had been able to enter the server market is the market’s use of standardized protocols. The document then suggests that this can be stopped by “extending these protocols and developing new protocols” and “de-commoditiz[ing] protocols & applications”.

                                                                            They also channeled large amounts of money to SCO in the hope that the copyright lawsuit would be won by them:

                                                                            The document describes, among other points, Microsoft’s channeling of $86 million (equivalent to $116 million in 2019) to SCO.

                                                                            For decades, they have deliberately hampered the market and new technologies to maintain an upper hand.

                                                                            I do not think anyone with the full history can consider The Linux Foundation to be “slightly less bad” than Microsoft

                                                                            1. 2

                                                                              That’s not my argument, though. My argument is, monocultures are bad. War is bad. The relative badness of Party A and Party B is irrelevant.

                                                                            2. 8

                                                                              While I agree with a lot of what you’ve said, I’d like to point out that for me personally its not been a war o as in “Linux is better, Windows should diaf”. For me it’s been about not rewarding the bully and the absolutely horrible behavior.

                                                                        1. 3

                                                                          I like those and are by far best than nothing. but I find they lack to highlight trade offs and the alternatives. Knowing why something was discarded or a branch of the decisions tree has been dropped is a good thing to keep around. I mean afaict those keep only the good nodes in the traversal.

                                                                          Imho the search for the optimal architecture of a system is a parameter optimization problem, and keeping all solution space and decision functions available helps to be less greedy and have a more holistic solution.

                                                                          1. 2

                                                                            I think this is solved in ADR with 2 mechanisms:

                                                                            1. You can have an ADR with several possible solutions, and therefore, you’d write in it the different options their pro/cons and finally decide on something.
                                                                            2. Even you decide not to have this selection process written in the ADR, you can still have ADRs that are proposed, and then a few days later refused with the ADR mentioning why. As long as you have a way to quickly sort the refused ones, that’s not too annoying.
                                                                          1. 9

                                                                            Really cool, thanks for sharing! Some unsolicited css feedback: there’s no margin on the left or right so it’s a bit hard to read on my phone..

                                                                            1. 2

                                                                              I had to take out my phone to figure out what the issue is so to spare others the effort:

                                                                              No margin means on screens with a bevel some of the letters fall of the edge. How did we manage to make our screens so stupid? Are websites now supposed to detect the screen size including what the shape is to make sure the content displays properly?

                                                                              1. 3

                                                                                No margin means on screens with a bevel some of the letters fall of the edge. How did we manage to make our screens so stupid? Are websites now supposed to detect the screen size including what the shape is to make sure the content displays properly?

                                                                                Text is always more readable with margins. Best example to me: Books also have margins, and you’d probably complain if there wasn’t.

                                                                                1. 1

                                                                                  Haha; thanks. I had it set to margin auto, which for some reason made me think it would just do the right thing–silly assumption to make, I know. Pushed out a fix.

                                                                                1. 21

                                                                                  Nothing particularly surprising here, but a good read. The lack of anything to show for in the blockchain sphere after 12 years except for Bitcoin itself (and even there it’s unclear to me whether that has proven itself, or is just hanging on fueled by money laundering and as support for the shitcoin investment fraud scene).

                                                                                  I agree with others that it seems barely on topic here. Certainly Stephen Diehl’s Haskell/Crypto criticism from a couple weeks back seemed far more relevant to the site, and that was moderated, presumably because it was deemed off-topic…

                                                                                  1. 9

                                                                                    I think the problem is you’re not aware of the developments coming out of the crypto space. Saying that there’s nothing to show for is incorrect, in my opinion.

                                                                                    1. 7

                                                                                      The original article makes that point pretty convincingly; you might want read it and argue against that, instead.

                                                                                      (Are you invested in the crypto space by any chance?)

                                                                                      1. 9

                                                                                        I come from a country that has experienced severe inflation and the consequences of incompetent politicians in control of the central bank. You bet I’m invested in the crypto space. You might be too sooner than you think.

                                                                                        1. 11

                                                                                          I come from a country that has experienced severe inflation and the consequences of incompetent politicians in control of the central bank.

                                                                                          So what developments in the crypto-space has solved this problem? (Referring your original post)

                                                                                          1. 7

                                                                                            Widespread adoption of a currency that can’t be controlled by any government solves this.

                                                                                            Bitcoin in theory solves this, but it’s not scalable, fees become expensive and the consensus algorithm based on PoW is subject to too much systemic risk in my opinion. Some people are concerned about the environmental harm that BTC mining may cause. Promising alternatives to Bitcoin exist that are much more scalable, clean and that seem fit for the purpose of p2p digital cash, however, these technologies need to be stress tested as they make fundamental changes to the traditional BTC protocol. In order to stress test them you need people to use them, but it’s so easy to create a new cryptocurrencies that now there are thousands of them. Many are scams. So legitimate projects need to compete for the trust and attention of people.

                                                                                            All this only pertains to those aiming at becoming p2p digital cash, which is my main area of interest, then you have smart contracts which are a whole other world. New developments are coming out all the time and it’s hard to keep up. Extremely interesting experiments and ideas get implemented all the time. You can rest assured that cryptocurrencies are here to stay. Buckle up!

                                                                                            1. 3

                                                                                              Which brings us full circle: These “better” digital currencies have been touted for 5, 10 years. If these truly were a viable improvement, a successful bitcoin successor could be expected to have emerged, with all the effort that’s been going into the field. By now it seems reasonable to suspect that there’s nothing viable there, and the research busywork machine is just kept rolling (consciously or not) because of the investment fraud incentives.

                                                                                              1. 3

                                                                                                There ar successful Bitcoin successors, see Monero and the like. Maybe not as successful as anyone would like, but it doesn’t stop them being viable replacements.

                                                                                                1. 1

                                                                                                  Well, we’ll see how things pan out.

                                                                                            2. 10

                                                                                              You can’t solve a social/political problems with technical solutions.

                                                                                              Incompetent politicians will just make cryptocurrencies illegal if the adoption is ever high. They will blame pedo-rings, money laundering, terrorism, drug dealers etc.

                                                                                              Technically competent people need to stop thinking the technological space exists in a separate plane from the rest of humanity.

                                                                                              1. 3

                                                                                                Only because something is made illegal it doesn’t mean that people will comply.

                                                                                                1. 4

                                                                                                  If this is your solution, then why even have crypto-currency? Just don’t comply with the central bank’s monopoly on the money supply.

                                                                                                  1. 1

                                                                                                    In most places it hasn’t gotten bad enough yet for the opportunity costs to be too high not to use them.

                                                                                                    1. 1

                                                                                                      So the people are not willing to not comply now but they will start not complying once the crypto new world order is implemented?

                                                                                                      1. 1

                                                                                                        I had a long answer to your question but my browser crashed. People will do what is best for them. Cryptocurrencies are not immoral and people around the world are starting to adopt them. If this continues and good results are shown, it’d be hard for a liberal (in the freedom, not political sense) government to forbid their use by people. There’s a good case to make that the USD’s time as a reserve currency is coming to an end. Something else will have to take its place.

                                                                                                        I recommend you watch this very short video: https://youtu.be/1tHO3cylCRM

                                                                                                        1. 2

                                                                                                          There’s a good case to make that the USD’s time as a reserve currency is coming to an end.

                                                                                                          This was said 10 years ago.

                                                                                                          At the end of the day, no cryptocurrency is backed by 10 aircraft carriers, 1000s nukes and millions of people willing too die to keep it afloat.

                                                                                                          If this continues and good results are shown, it’d be hard for a liberal (in the freedom, not political sense) government to forbid their use by people.

                                                                                                          It would be very easy. Governments have banned private currency before i.e. liberty dollar. The ability to control the money supply is fundamental to a nation’s sovereignty.

                                                                                                          Also note that nobody will use a currency that fluctuates in value by 10% daily seriously. That is simply not workable.

                                                                                                          1. 1

                                                                                                            This was said 10 years ago.

                                                                                                            Things change my friend. The dynamics of central banking are structured so that politicians have an incentive to print money in order to make the constituency happy in the short-term, with dire consequences. To see how things have changed, just check this out: https://www.federalreserve.gov/monetarypolicy/bst_recenttrends.htm.

                                                                                                            Regarding cryptocurrency, 10 years ago all we had was a whitepaper and an initial implementation. Now you have a whole new asset class, a field full with people working on new projects and ideas. Give it more time.

                                                                                                            At the end of the day, no cryptocurrency is backed by 10 aircraft carriers, 1000s nukes and millions of people willing too die to keep it afloat.

                                                                                                            None of this matters when you have the central bank controlling that currency printing it without proper regard to monetary phenomena. If people see their money being devalued, they’ll start using something else. It’s as simple as that, even if you try to coerce them not to, they’ll do it. Take my word for this, because I’ve seen it many times.

                                                                                                            It would be very easy. Governments have banned private currency before i.e. liberty dollar. The ability to control the money supply is fundamental to a nation’s sovereignty.

                                                                                                            This is false. Nations were sovereign before central banks. The problem is that governments like to have power and they get tons of it through controlling the currency. This has to stop, and it’ll stop eventually.

                                                                                                            Also note that nobody will use a currency that fluctuates in value by 10% daily seriously. That is simply not workable.

                                                                                                            They will if the volatility is better than the impact of holding a devaluing currency is lessened. Also this problem will solve itself once it gains wider adoption. Volatility is caused by a small market cap. People still speculate on fiat money (forex) and even the USD can be subject to quick losses of value. Just look at the USD’s worth over this year, it’s going to shit.

                                                                                              2. 3

                                                                                                A fair question is: could something apart from a blockchain-based solution work? Some kind of gold or its facsimile?

                                                                                                And out of curiosity: how ok are these crappy governments with their crappy central banks with the use of crypto cash? Is it widespread enough to matter to the government?

                                                                                                The EU has put in enough regulation to make it for traditional intents and purposes illegal, unless you do bureaucracy, when it becomes (by my understanding) more trustworthy when dealing on exchanges.

                                                                                                Sometimes bitcoin feels like the most overkill solution imaginable, especially now that the “fun” has been sucked out of it; you file it in your taxes or you’re a criminal.

                                                                                                1. 3

                                                                                                  A fair question is: could something apart from a blockchain-based solution work? Some kind of gold or its facsimile?

                                                                                                  Well, we already used gold as currency before and then central banks were established, probably by a combination of reasonable arguments and force. Why go back to something we had before? Gold is not so easy to handle.

                                                                                                  And out of curiosity: how ok are these crappy governments with their crappy central banks with the use of crypto cash? Is it widespread enough to matter to the government?

                                                                                                  I invite you to discover your independence and your right as an individual to transact with your fellow men and women in whatever means you desire. If anyone tries to coerce you to do otherwise, fight back.

                                                                                                  The EU has put in enough regulation to make it for traditional intents and purposes illegal, unless you do bureaucracy, when it becomes (by my understanding) more trustworthy when dealing on exchanges.

                                                                                                  Regulation can change.

                                                                                                  Sometimes bitcoin feels like the most overkill solution imaginable, especially now that the “fun” has been sucked out of it; you file it in your taxes or you’re a criminal.

                                                                                                  BTC is a dinosaur. It’s the original cryptocurrency and much is owed to it. But I personally would like it to be less relevant and let new projects get tested in the world arena. Cryptocurrency is software. Software changes and evolves/

                                                                                                2. 2

                                                                                                  With all due respect, cryptocurrencies are not exactly well known for their stability.

                                                                                                  An unregulated currency used mostly by speculators and subject to price manipulation is not what I regard as a suitable replacement for fiat.

                                                                                                  1. 2

                                                                                                    Well, we’ll see how things pan out.

                                                                                                  2. 3

                                                                                                    Companies that are using blockchain technology for their services aren’t always advertising it. Even if you could question the use of blockchain in some projects, it doesn’t change the fact that, as in any other technology choices like nosql vs sql, some people pick blockchain for reasons that are legit or perceived to be.

                                                                                                    1. 10

                                                                                                      “Companies picking blockchain” generally means someone gave a fat stack of cash to consultants who know what a merkle tree is. This is useful, but it’s not new or interesting in any way. Calling that “blockchain” is just riding the hype from public trustless cryptocurrencies, which are actually infamous for burning massive amounts of power to fuel extortion/ransomware, all kinds of fraud, and speculation.

                                                                                                    2. 2

                                                                                                      Do you hold any fiat currency investments, savings or pensions?

                                                                                                      Might that bias you against crypto mayhaps?

                                                                                                      ;-)

                                                                                                  3. 4

                                                                                                    The classic Nick Weaver talk is still the best general criticism.

                                                                                                    1. 1

                                                                                                      Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.

                                                                                                    1. 5

                                                                                                      I can see many many use cases where a third party is expensive and not required by law, and where parties want a distributed record of things that has strong guarantees on non-repudiation and verifications.

                                                                                                      Many use cases are simply dumb, but that doesn’t mean the core ideas is dumb and useless.

                                                                                                      1. 6

                                                                                                        That’s the “almost nothing” part of the article.

                                                                                                        It’s easy to get nerd-sniped by the cleverness of the solution to a seemingly-impossible problem of a truly trustless ledger, but lots of real-world problems don’t really require that. As soon as you can place a little bit of trust in some party, everything becomes much much simpler.

                                                                                                        And as the article mentions, blockchain’s lack of trust and centralization is more of a theoretical property than a practical one. In practice the blockchain is a database managed by a few people with the cheapest electricity. In the end it all holds together due to economic incentives.

                                                                                                      1. 17

                                                                                                        FWIW, this blog post is not saying “Rust does not have a stable ABI”, it’s more of a response to it.

                                                                                                        1. 6

                                                                                                          This is where I think sometimes the post headline should be amended…

                                                                                                          Very interesting post.

                                                                                                        1. 1

                                                                                                          You might be tempted to reinvent the wheel rather than contributing to an existing project. When does it become interesting to contribute?

                                                                                                          1. 7

                                                                                                            I’ve heard several people say that they won’t start a business if the idea is taken. But if one person earns money with a hotdog stand, it does not make it a bad idea to start another?

                                                                                                            Similarly, there is ample room for multiple open source projects. Having several types of one application can be a strength, since over time, one of them may become the most useful or popular one.

                                                                                                            I believe there is always room for not only innovation, but also twists on existing ideas.

                                                                                                            If there ever is to be a better wheel, people should allow themselves to experiment with wheel reinventions.

                                                                                                            1. 2

                                                                                                              I think it boils down to 2 things:

                                                                                                              1. There’s no way competition isn’t accepted. Even gmail has competition. As long as you can take a slice of the market that is enough for you, you’re good to go.

                                                                                                              2. There’s actually very little chance your value proposition is 100% the same as your said competition. You might be offering a very similar service, but not targeting the same population, or having a slightly different set of features, or even different Terms and Conditions.

                                                                                                              This, as you point out, applied to open source is actually even better, because most people aren’t reaching for a market, they do what they thinks is best and the barrier of entry is very low.

                                                                                                              In open source, I like to believe it’s no competition, it’s challenging peer projects :)

                                                                                                            2. 5

                                                                                                              When reinventing the wheel is too difficult and would take ages.

                                                                                                              I was excited to reinvent my own Wayland compositor, spent some time writing Rust bindings to libweston, got a little demo working, realized that I would probably never get to something full-featured with all the bells and whistles, and went on to discover Wayfire and join its development :)