1. 2

This doesn’t feel like a review as much as it feels like Intel bashing and AMD advertising. I’d like to see more data from actually using the device.

    Everything in this article could be assumed from just reading the specs, I think.

    1. 3

      when clicking through to the pages after the first, there are benchmark results: https://www.phoronix.com/scan.php?page=article&item=amd-linux-2990wx&num=4

      1. 1

        Ooooh, that makes more sense… Not sure if that doesn’t show up on mobile or if maybe I thought it was links to comments?

      2. 3

        Apparently not, considering that the same CPU has a 50% performance penalty on Windows.

        1. 0

          Well, that’s a strawman if I’ve ever seen one.

        2. 2

          This is a problem with posting product reviews (read: hardware news, which is news) here.

          1. 0

            As someone writing an article, I guess it’s difficult to know where to stop the details or not as well. Like, that’s probably a difficult line to draw? Either way, though, I think there’s probably an easy way to tell that I just don’t 100% know how to explain objectively.

        1. 6

          I have a half-formed idea in my head, based on reading this and a lot of other things, so I might as well post:

          You can’t run a society with only nice people. Not that you need to be not-nice to run a society, although that might also be the case, but that there’s no consistent set of nice people in the world, both as society changes and what was nice becomes not-nice and vice-versa, and, more importantly, as people exist and are people and bounce off each other and leave bruises in that bouncing. Nobody’s perceived as nice all the time, regardless of their intentions, and the Fundamental Attribution Error (“I did that because I had a bad day, they did that because they’re fundamentally shitty people we must now shun forever.”) fundamentally guarantees that good faith will not always be assumed.

          You might be able to hold organizations to higher standards, if you realize that organizations don’t have morals, they have interests, which might not always align with yours. Not understanding that leads you into errors like thinking the ACLU is fundamentally opposed to Christians: They’ve defended Christians in the past, and will do so in the future, but they’ve also not taken the side of Christians. The ACLU’s stance is very consistent, but if you view the world in terms of Christian/Anti-Christian or Nice/Not-Nice or any other single axis, and won’t budge, it seems either random or evil.

          All the echo chambers are open. The center cannot hold, and mere Not-Niceness is loosed upon the world.

          1. 5

            I don’t think I’d talk about ICE or the US Military as people who are just “not nice”

            1. 3

              Painting in broad strokes and without acknowledgment of context and history is not a good way to have a conversation.

          1. 14

            I disagree, because that will only lead to a morass of incompatible software. You refuse for your software to be run by law enforcement, he refuses for his software to be run by drug dealers, I refuse for my software to be run by Yankees — where does it all end?

            It’s a profoundly illiberal attitude, and the end result will be that everyone would have to build his own software stack from scratch.

            1. 5

              Previous discussions on reddit (8 years ago) and HN (one year ago).

              1. 4

“It’s a great way to make sure proprietary software is always well funded and had congress/parliament in their corner.” (TaylorSpokeApe)

              2. 1

                I don’t buy the slippery slope argument. There are published codes of ethics for professional software people by e.g. the BCS or ACM, that may make good templates of what constitutes ethical activity within which to use software.

                But by all means, if you want to give stuff to the drug dealing Yankee cop when someone else refuses to, please do so.

                1. 9

                  Using one of those codes would be one angle to go for ethical consensus, but precisely because they’re attempts at ethical consensus in fairly broad populations, they mostly don’t do what many of the people wanting restrictions on types of usage would want. One of the more common desires for field-of-usage restriction is, basically, “ban the US/UK military from using my stuff”. But the ACM/BCS ethics codes, and perhaps even more their bodies’ enforcement practices, are pretty much designed so that US/UK military / DARPA / CDE activity doesn’t violate them, since it would be impossible to get broad enough consensus to pass an ACM code of ethics that banned DARPA activity (which funds many ACM members’ work).

                  It seems even worse if you want an international software license. Even given the ACM or BCS text as written, you would get completely different answers about what violates it or doesn’t, if you went to five different countries with different cultures and legal traditions. The ACM code, at least, has a specific enforcement mechanism defined, which includes mainly US-based people. Is that a viable basis for a worldwide license, Americans deciding on ethics for everyone else? Or do you take the text excluding the enforcement mechanism, and let each country decide what things violate the text as written or not? Then you get very different answers in different places. Do we need some kind of international ethics court under UN auspices instead, to come up with a global verdict?

                  1. -10

                    I had a thought to write software so stupid no government would use it but then I remembered linux exists

                  2. 4

                    It’s not a slippery slope. The example in the OP link would make the software incompatible with just about everything other than stuff of the same license or proprietary software. An MIT project would be unable to use any of the code from a project with such a rule.

                1. 6

                  When you’re posting information publicly in a social network, the trust of your server operator, besides moderation tasks, is really just tantamount to “person I know who will serve my information to others, and others to me.” And when the biggest issues are to cut costs of usage (utilize existing web server infrastructure) and interaction (delegating what would otherwise be massively time-consuming fully distributed self-moderation to operator-led moderation) the best course of action then is to essentially create a system of public forums that can exchange information between one another. And since these are the actual concerns of most users, I don’t really think these users would see much of a reason to fragment their social spaces further.

                  On a public social network, distributed or centralized, can’t anyone who’s spent enough time scraping trivially derive social graphs? Didn’t a lot of users migrate to Mastodon because they considered the ability of instances to block instances they’d prefer to not interact with desirable?

                  1. 2

                    Instance owners also have complete access to private posts and DMs, which many users may not be aware of.

                    1. 5

                      This has nothing to do with federation though. It’s just a Mastodon thing. There are federated protocols that use end to end encryption.

                  1. 7

I recently built a split ortholinear keyboard out of iris PCBs that runs QMK firmware. Here is a picture of it and here is my customized layout.

                    1. 1

                      Very pretty.

                      1. 1

                        Thank you!

                    1. 10

                      Since the last thread I sold my Ergodox. It was just too large for me, and when I mouse I often use my left hand to type on the right side of the keyboard.

I replaced it with an OLKB Planck also with mx browns. It’s a small columnar keyboard running the versatile and well-documented qmk firmware. I still use the Norman Layout mapped like this. I’ve set the modifiers (shift/ctrl/alt/super/raise/lower - last are the color-coded up/down arrows) to be one-shot keys because I found my most common typo was holding them just a hair too long (though that had a bug along the way).

                      I think a Let’s Split with qmk would be an improvement over the Planck. Unless I’m careful about posture, I find my wrists unhappy about being turned out after an hour or two. Fingers crossed there’s a group buy for a kit soon (from someone other than Massdrop; they badly mishandled the Planck run).

                      1. 1

Let’s Splits are actually stocked now by online stores since they’re so inexpensive to produce. Last I checked I saw a different store months ago but just with a cursory search I see this one’s stocking them currently. From personal experience the more expensive part of building a let’s split would likely be the plate if you care to have a metal one. I haven’t found anyone stocking plates for this configuration (even though it’s relatively simple and now kind of common) and group buys that include a laser cutting service are rare. I paid $80 (!!!!) through like lasergist or something for the stainless steel plates on a full let’s split, and deciding whether or not to press buy was like a kick in the gut…

EDIT: like I said, if you don’t care about a metal plate specifically, you should be able to procure an acrylic plate sandwich set fairly easily and inexpensively. The website I linked actually sells them.

                      1. 13

                        technomancy’s atreus, handwired. Will build another one and a split atreus too.

                        1. 4

                          I’m working on a weird prototype to turn my Atreus into a pi-powered laptop with a shoulder strap: https://www.flickr.com/photos/technomancy/tags/atreusdeck

                          Turns out powering a Pi with a battery is harder than you’d think.

                          1. 1

                            What’s the battery life on this? I am only half joking…

                            1. 1

                              About 15 minutes with the battery I’m currently using and a Pi 2. (The Pi 3 draws like twice as much current.)

                              Needs a lot of work.

                              1. 2

                                Ugh, that’s more of a UPS in search for the next power outlet :)

                                1. 2

                                  I ended up ditching the Pi because the battery and screen stuff was just too fiddly for a mobile device. My most recent prototype uses an Android device instead. The battery setup is much simpler, and the screen is much higher resolution. I’ve been using it with Termux as an SSH client, and it works pretty well for that; much better than I was expecting.

                                  https://www.flickr.com/photos/technomancy/43534951372/

                                  1. 1

                                    Neat! And the intended position is hanging from your shoulders and you type while standing?

                                    1. 1

                                      You can type while standing, but it’s more that you can easily move around from one sitting position to another and easily take it with you.

                          2. 2

                            Been wanting to build a customized atreus for some time, it seems like a great build

                            1. 1

Yes, it is. There are also 65-key variants or a split model for a 3d printer.

                              If you want it the easier way get a kit and PCB from technomancy!

                          1. 1
                            • Gon’s NerD 60 (+bluetooth, Sentraq steel plate) with 35g lubed Milk Gats and /dev/tty caps on an acrylic case
                            • Let’s Split (custom order laser cut steel plate) with lubed Matias Quiet Clicks (+62g Zealio for a Jelly Key Pink Oasis escape key) and original AEKII caps on a custom wood case

The Gon’s keyboard uses his firmware to program the keyboard but I’ve left it working about the way he set it out of the box. The Let’s Split still needs some kinks worked out (halves won’t mate, I’m going to try a fresh pair of Pro Micros since they’re so cheap) but it runs off of a custom QMK configuration of mine (based off the existing let’s split configuration, but not much of it was left after I was done writing mine) that gets flashed onto the Pro Micro that I soldered onto each board.

                            1. 26

Given how many times over the years I had journald completely hose itself and freeze apps running on production systems [1], I don’t find his arguments exceptionally compelling. I had far more problems with journald/journalctl than I ever did with various syslog implementations. Yes you can still install syslog, but journald still gets the logs first, and then forwards/duplicates the data to syslog.

                              Maybe journald is better now? Been a couple of years since I had to deal with it on high volume log systems. At the time we ended up using a program wrapper (something similar to logexec) that sent the logs directly to syslog, and avoided systemd/journald log handling entirely.

                              [1]: app outputting some log data, journald stops accepting app output, app stdout buffer fills, app freezes blocking on write to stdout
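A small demonstration of the failure mode in footnote [1], added here as an example that is not from the comment above: once the consumer of an application's stdout pipe stops reading, the kernel pipe buffer fills and the next blocking write hangs the application; a writer that checks writability first can drop and count records instead of stalling. The `os.pipe()` stands in for the stdout pipe to journald, and `DropOnStallLogger`, `fill_pipe_until_blocked` and the log lines are constructed for this example.

```python
import os
import select

# Constructed filler record, one page in size so a non-blocking write on a
# Linux pipe is atomic: it is either fully accepted or fails with EAGAIN.
PIPE_FILL_CHUNK = b"x" * 4096


def fill_pipe_until_blocked(write_fd):
    """Simulate a stalled consumer: keep writing with nobody reading until the
    kernel pipe buffer is full. Returns the bytes the pipe accepted before
    the first EAGAIN (a blocking write would hang at this point instead)."""
    os.set_blocking(write_fd, False)
    total = 0
    while True:
        try:
            total += os.write(write_fd, PIPE_FILL_CHUNK)
        except BlockingIOError:
            return total


class DropOnStallLogger:
    """Hypothetical log writer that never blocks the application: if the pipe
    is not writable within `timeout` seconds, the record is dropped and
    counted rather than blocking on write()."""

    def __init__(self, fd, timeout=0.0):
        self.fd = fd
        self.timeout = timeout
        self.dropped = 0
        self.written = 0
        os.set_blocking(fd, False)

    def log(self, line):
        data = line.encode() + b"\n"
        # select() reports the write end writable only when the buffer has room
        _, writable, _ = select.select([], [self.fd], [], self.timeout)
        if not writable:
            self.dropped += 1
            return False
        try:
            os.write(self.fd, data)
        except BlockingIOError:  # raced with another writer filling the pipe
            self.dropped += 1
            return False
        self.written += 1
        return True


def demo():
    """Walk through consumer alive -> consumer stalled -> consumer recovered."""
    r, w = os.pipe()  # r: the (pretend) journald side, w: the app's stdout
    logger = DropOnStallLogger(w)
    ok_before = logger.log("app started")        # buffer empty, accepted
    accepted = fill_pipe_until_blocked(w)        # consumer stops reading
    ok_after = logger.log("still alive?")        # dropped instead of hanging
    os.read(r, 8192)                             # consumer drains some data
    ok_recovered = logger.log("consumer back")   # accepted again
    os.close(r)
    os.close(w)
    return {
        "ok_before": ok_before,
        "accepted": accepted,
        "ok_after": ok_after,
        "ok_recovered": ok_recovered,
        "dropped": logger.dropped,
    }


if __name__ == "__main__":
    print(demo())
```

The same stall is visible from outside the process as a task stuck in `write()` on fd 1, which is the symptom the footnote describes.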

                              1. 7

                                I see. Well nothing beats real world experience, so thank you very much for sharing that!

                                1. 5

                                  For me it’s quite the opposite, I never had any issues with journald, neither in production nor in development environments.

                                  1. 4

                                    Seconded, I actually quite like that I can see all my logs the same way without setting up stuff on my side. With syslog I’d have to tell every program where to log and the systemd combo just takes away that manual burden.

                                    1. 3

                                      “works for me”

                                    2. 4

                                      I had this experience too, but that was because journald was hanging due to my disks being slow as molasses (I had deeper problems). I’m honestly not sure whether to blame journald for that.

                                    1. 4

                                      Maybe our idea of the “web” is what’s too small! Web Assembly is more than appropriately named in my opinion for how well it works for the transfer and immediate evaluation of procedures over networks, but the imagination of many for the idea of the web is lost beyond the horizon of their web browser. There’s a lot of our thinking that could use a bit of Imagination Fuel

                                      1. 2

I’m very much on that team. I’m giving a full conference talk about it in Barcelona next week. Different framings work well for different people, so I picked this one for this post, as I wanted it to be short, and this framing is shorter.

                                        1. 1

                                          Didn’t mean it to be nitpicking, it’s too easy to accidentally write posts in that style lol. Very good article and I’m excited for any future ones about this topic!

                                          1. 1

                                            Oh! I’m from Barcelona, which conference are you attending? I may try to attend.

                                            1. 1

                                              Friday: https://jscamp.tech/schedule/

                                              It says TBD but it’s a wasm talk.

                                              1. 1

                                                Damn! tickets are sold out :( Will the talk be uploaded afterwards?

                                                1. 1

                                                  I believe so! I’d like it to be; the last time I gave this talk it wasn’t recorded.

                                          2. 2

Yeah I think web browsers have become too big, monolithic, and homogeneous. I would like to see more diversity in web clients. Those clients could use WebAssembly outside the context of the browser.

                                            The browser has a very specific and brittle set of security policies, and WebAssembly doesn’t change that. It will inherit the same problems that JavaScript has.

                                            1. 3

                                              Sort of! You know, at parse time, every function a wasm program could call. This is extremely useful in a security context.

                                            2. 2

                                              Imagination Fuel

Love It. This captures a lot of meetings I have been trying to have with folks at work. They are thinking of low-level performance fixes for things; while necessary, they are having a huge problem jumping up a couple abstraction levels and thinking transformatively.

                                            1. 8

                                              I have been thinking similar thoughts since I read this article.

                                              Why would you use WebAssembly? There are various similar technologies. For example, the JVM certainly has a more mature ecosystem.

                                              Some have compared WebAssembly to Java applets; in some ways, they’re very right, but in some ways, they’re very wrong. Eventually I’ll write a post about the wrong

                                              I’m waiting for that post.

                                              1. 4

                                                From following the development of the wasm standard, one of its greatest strengths over using existing “virtual machine bytecode”s would be a focus on compressibility and fast parsing+type checking+JIT transformation. These design constraints weren’t really primary or even secondary concerns in the development of those existing bytecodes, which started more as an intermediate step in the black box of a compiler

                                              1. 3

                                                No, it’s vector multiplication in disguise as a markov chain.

                                                1. 3

That seems like a category mistake to me, whereas the title of the article doesn’t.

                                                  A Markov chain may be a specific pattern of vector multiplications, but that pattern makes all the difference. Markov chains and vector multiplications are on a different level. On the other hand ‘deep learning’ and ‘Markov chain’ are terms for alternative patterns of vector multiplications, one a lot more involved than the other.

                                                  1. 2

                                                    There’s a video on YT somewhere of a talk by a physicist (IIRC) on why deep learning is so ridiculously effective - it pretty much boils down to the same reason that mathematics is so unreasonably effective in describing physical systems in general, i.e. (handwaving extremely wildly from memory) that physical systems tend to be simple functions of their inputs (albeit with many, many inputs!) where causality is preserved. This is what makes it possible for RNNs and the like to approximate physical systems in various ways, because the nature of said physical systems is exactly what permits approximations of the information content of the system to be at least partially valid instead of being a total loss.

                                                    (I tried to find the video, but there are too many terrible ones on the same topic these days. I’ll have another look later.)

                                                  2. 4

                                                    No, it’s a monoid in the category of endofunctors.

                                                  1. 1

                                                    He assumes that machine learning will not also change mathematics. This is baseless.

                                                    1. 1

                                                      yeah at least in ML you could tell your model that 1=2, or if you really want to be embarrassingly on the nose, 2+2=5

                                                      1. 1

                                                        Just like parallel lines meet in infinity in physics? Models are useful, but not the Truth with a big T.

                                                    1. 0

                                                      God these people are unbearable. It’s like reading the exchanges of children in a playground.

                                                      1. 1

                                                        You should be very proud of your children, if they are so much smarter than you! ;-)

                                                        1. -7

                                                          Grow up.

                                                          1. 4

                                                            Some of those people were teenagers at the time.

                                                            1. -4

                                                              Tell us the stories about how you sieg heil’d around school, I mean, as a joke you know? People get so offended nowadays when you ironically quote goebbels it’s hilarious. Freaking political correctness!

                                                              1. 4

                                                                What?

                                                                1. -3

                                                                  It’s a joke, dude

                                                                  1. 5

                                                                    I think there may be a misunderstanding here.

                                                                    I created almost all of the 9front propaganda. I’m not a Nazi, racist, sexist, homophobe, or antisemitic. Most of it is intended to deflate the pomposity of authority, particularly with regards to the software industry. Much of it is self-deprecating (example: http://9front.org/img/9frontsystem03.png). None of it is intended to promote fascist, racist, sexist, or any other form of discriminatory ideology, except where it comes to discriminating between quality and trash software.

                                                                    Anecdote: One time a guy quoted Monty Python in the body of a message critical of 9front’s use of images of politicians, explaining that it’s never okay to make fun of Nazis because someone may think that you’re promoting them. While his advice seems in retrospect to be prophetic, it still confused me because Monty Python made a career of mocking Nazis.

                                                                    I realize nobody cares about facts.

                                                                    1. -3

                                                                      I already understood this. Like, I get the shtick. Completely eschewing honest appearances in lieu of masturbatory trolling as a jab at The Man. It’s adolescent, obnoxious, and serves nothing but your ego. The whole act is pretentious

                                                      1. 41

                                                        It’s also developer-friendly because of its excellent wiki.

                                                        I learned Linux doing everything by hand on a Slackware system, then moved to Ubuntu after ~8 years when I realized I’d stopped learning new things. Then a couple years ago I realized I didn’t understand how a bunch of things worked anymore (systemd, pulseaudio, Xorg, more). I looked at various distros and went with Arch because its wiki had helped me almost every time I’d had an issue.

Speaking of distros, I’m currently learning Nix and NixOS. It’s very nice so far. If I can learn to build packages I’ll probably replace lobsters-ansible with it (the recent issues/PRs/commits tell a tale of my escalating frustration at design limitations). Maybe also my personal laptop: I can experiment first with using nix to try xmonad (because it’s mostly configured by editing + recompiling) and to deal with python packaging, which has never worked for me, then move completely to NixOS if that goes well.

                                                        1. 9

                                                          I switched from Mac to NixOS and couldn’t be happier. At work we use Nix for building Haskell projects as well.

                                                          1. 9

                                                            The Arch wiki actually seems to be the only good documentation for using the advanced functionality of newer freedesktop components like pulseaudio, or much older software like Xorg.

But I’ve noticed its documentation for enterprise software like ZFS is usually hot garbage. Not surprising given the community. The recommendations are frequently hokey nonsense: imaginary micro-optimizations or blatantly incorrect feature descriptions.

                                                            What do you find better about nix for making packages than, say, making an rpm or deb? I’ve found those package systems valuable for large scale application deployment. Capistrano has also been nice for smaller scale, with its ability to deploy directly from a repo and roll back deployments with a simple symlink swap. And integration libraries are usually small enough that I’m comfortable just importing the source into my project and customizing them, which relieves so many minor tooling frustrations overall.

                                                            Of course in the end the best deployment system is the one you’ll actually use, so if you’re excited about packaging and deploying with nix, and will thus devote more time and energy to getting it just right, then that’s de facto the best option.

                                                            1. 3

                                                              What do you find better about nix for making packages than, say, making an rpm or deb?

                                                              I don’t, yet. The “If I can learn to build packages” sentence links to an issue I’ve filed. I was unable to learn how to do so from the official documentation. I’ve almost exclusively been working in languages (PHP, Python, Ruby, JavaScript) that rpm/deb have not had good support for, prompting those languages to each implement their own package management systems that interface poorly or not at all with system packaging.

I’ve used Capistrano, Chef, Puppet, and currently use Ansible for deployment. Capistrano and Ansible at least try to be small and don’t have pretensions to being something other than an imperative scripting tool, but I’ve seen all of them break servers on deployment, let servers drift out of sync with the config, or fail to be able to produce new deployments that match the existing one. Nix/NixOS/NixOps approach the problem from a different direction; it looks like they started from what the idea of system configuration is instead of scripting the manual steps of maintaining one. Unfortunately nix replicates the misfeature of templating config files and providing its own config file on top of them instead of checking complete config files into a repo. Hopefully this won’t be too bad in practice, though it’s not a good sign that they implemented a programming language.

                                                              I appreciate your closing sentiment, but I’m not really trying to reach new heights of system configuration. I’m trying to avoid losing time to misconfiguration caused by services that fundamentally misunderstand the problem, leading to booby traps in common usage. I see almost all of my experience with packaging + deployment tools as a loss to be minimized in the hopes that they waste less time than hand-managing the global variables of public mutable state that is a running server.

                                                              1. 1

                                                                Hmmm. I don’t think the problems you listed are 100% avoidable with any tool, just easier in some rather than others.

                                                                I like Puppet and Capistrano well enough. But I also think packaging a Rails application as a pre-built system package is definitely the way to go, with all gems installed and assets compiled at build time. That at least makes the app deployment reproducible, though it does nothing for things like database migrations.

                                                              2. 1

                                                                What do you find better about nix for making packages than, say, making an rpm or deb?

                                                                Let me show you a minimal nix package:

                                                                pkgs.writeScriptBin "greeter" "echo Hello $1!"
                                                                

                                                                Et voila! You have a fine nix package of a utility called greeter that you can let other nix packages depend on, install to your environment as a user or make available in nix-shell. Here’s a function that returns a package:

                                                                greeting: pkgs.writeScriptBin "greeter" "echo ${greeting} $1!"
                                                                

What you have here is a lambda expression that accepts something you can splice into a string and returns a package! Nix packages in nixpkgs are typically functions, and they offer a great amount of customizability without much effort (for both the author and the user).

At work, we build, package and deploy with nix (on the cloud and on premises), and we probably have ~1000 nix packages of our own. Nobody is counting though, since writing packages doesn’t feel like a thing you do with nix. Do you count the number of curly braces in your code, for instance? If you’re used to purely functional programming, nix is very natural and expressive. So much so that you could actually write your application in the language if its IO system were designed for it.

                                                                It also helps a lot that nix can seamlessly be installed on any Linux distro (and macOS) without getting in the way of its host.

                                                                1. 1

                                                                  If only ZFS from Oracle hadn’t had the licensing compatibility issues it currently has, it would probably have landed in the kernel by now. Subsequently, the usage would have been higher and so would the quality of the community documentation.

                                                                2. 4

                                                                  If I can learn to build packages I’ll probably replace lobsters-ansible with it

                                                                  Exactly. I don’t have much experience with Nix (none, actually). But in theory it seems like it can be a really nice OS-level replacement for tools like Ansible, SaltStack, etc.

                                                                  1. 1

                                                                    This is exactly what NixOps does! See here.

                                                                    1. 2

                                                                      Thanks for the video. I’ll watch it over the weekend!

                                                                      Curious - are you also running NixOS on your personal machine(s)? I’ve been running Arch for a long time now but considering switching to Nix just because it makes so much more sense. But the Arch documentation and the amount of packages available (if you count the AUR in) is something that’s difficult to leave.

                                                                      1. 1

                                                                        Yes, I’m using it on my personal machine :). I wouldn’t recommend switching to NixOS all at once, what worked for me was to install the Nix package manager, use it for package management and creating development environments, and then only switch once I was fully convinced that NixOS could do everything I wanted from my Ubuntu install. This took me about a year, even with me using it for everything at work. Another approach would be to get a separate laptop and put NixOS on that to see how you like it.

                                                                        1. 1

                                                                          Interesting. I’ll try it out for some time on a VM to get a hang of it. Thanks for the info!

                                                                  2. 3

                                                                    Even as a Ubuntu user, I’ve frequently found the detailed documentation on the Arch wiki really helpful.

                                                                    1. 2

                                                                      I really want to use Nix but I tried installing it last month and it doesn’t seem to have great support for Wayland yet which is a deal breaker for me as I use multiple HiDPI screens and Wayland makes that experience much better. Anyone managed to get Nix working with Wayland?

                                                                      1. 2

                                                                        Arch’s wiki explaining how to do everything piecemeal really seems strange given its philosophy is assuming their users should be able to meaningfully help fix whatever problems cause their system to self-destruct on upgrade. It’s obviously appreciated, but still…confusing, given how many Arch users I’ve met who know nothing about their system except what the wiki’s told them.

                                                                        1. 1

                                                                          I gave up on my nix experiment, too much of it is un- or under-documented. And I’m sorry I derailed this Arch discussion.

                                                                          1. 1

                                                                            I’m happy to help if I can! I’m on the DevOps team at work, where we use it extensively, and I did a presentation demonstrating usage at linux.conf.au this year. All my Linux laptops run NixOS and I’m very happy with it as an operating system. My configuration lives here.

                                                                            1. 2

                                                                              Ah, howdy again. I’m working my way through the “pills” documentation to figure out what’s missing from the nix manual. If you have a small, complete example of how to build a single package that’d probably be pretty useful to link from the github issue.

                                                                              1. 2

                                                                                I made a small change to the example to get it to build, and I’ve added it as a comment to your issue.

                                                                          1. 2

                                                                            a toy type system, hopefully getting things solved to get back on track with college and life after a hard couple months

                                                                            1. 22

                                                                              just hope you don’t have to do any string manipulation :)

                                                                              1. 13

                                                                                This. I have a good amount of experience writing C code and maintaining larger C applications, and C can be a real pain to deal with. Not to mention that it exposes a whole host of nasty security vulnerabilities. Finally, it seems a bit too low-level for these kinds of applications. I’m very confused by the choice of C here.

                                                                                1. 3

                                                                                  I’m guessing it’s because C is the main API for SQLite? I do agree that C is an interesting choice here, maybe something more like Lua?

                                                                                2. 4

                                                                                  I agree. Writing secure C is hard. Sure, you can pledge your way out of it, but that doesn’t help if sensitive data is stolen. But what would be a reasonable alternative? Rust is probably too complex a language for the taste of OpenBSDers. Go?

                                                                                  1. 2

                                                                                    you can pledge your way out of it,

                                                                                    You can’t. Their kernel and firmware still processes network-facing data. It might still do damage. How much is an unknown until the setup gets the kind of rigorous pentesting we see on Windows, Chrome, the SFI schemes, and recently x86 CPUs. It does have a nice security by obscurity benefit on top of methods that provably increase work for attackers.

                                                                                  2. 1

                                                                                    There’s no string manipulation in HTTP servers, right?

                                                                                    Right?

                                                                                  1. 33

                                                                                    hopefully this will get a bunch of FOSS projects off github. they should never have been on there in the first place.

                                                                                    1. 7

                                                                                      Where should they have been?

                                                                                      1. 1

                                                                                        I used to host everything on Gitorious. It was around since slightly before GitHub, but then got acquired by GitLab and shut down. It looks like everything was migrated over to GitLab some time later, but by then I was happily self-hosting bare clones with a static file server.

                                                                                        1. 1

                                                                                          a computer running a vcs

                                                                                        2. 10

                                                                                          Who are you to tell open source maintainers where they “should” be?

                                                                                          If you believe it’s important that open source projects need to use open source tools, you need to start by making the open source tools great, not by lecturing people for using effective tooling to advance their projects.

                                                                                          1. 4

                                                                                            maintainers of free software should use free tools to support the free software ecosystem, and so that others don’t have to give away their freedom in order to participate. you seem to be implying that the only valid criterion for using a tool is how “effective” it is in the short term; i don’t agree with that.

                                                                                            1. 3

                                                                                              …what?

                                                                                          1. 5

                                                                                            This link is more useful: https://blog.twitter.com/official/en_us/topics/company/2018/keeping-your-account-secure.html

                                                                                            By all accounts, Twitter did the right thing here. They’ve owned up to it and are advising people to change their passwords. They seem pretty open about the whole thing so far. This looks like an “honest bug.”

                                                                                            @tptacek even agrees with Dan Kaminsky about it: https://twitter.com/tqbf/status/992202949018431491

                                                                                            1. 1

                                                                                              I mean sure, let’s say it’s an honest bug. How was this even a possible bug?

                                                                                              1. 8

                                                                                                lots of frameworks will go ahead and log the entire request params hash by default, and while many will automatically filter fields with “password” in the name, not all do! Who knows if this is it, but there are certainly a bunch of ways with infinite middleware layers, dozens of intermediary proxies handling request data, etc.
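
                                                                                The scrubbing problem described in the comment above, as an added example that is not part of the original post or of any particular framework: a request-params logger with an exact-match filter on the key "password" beside a recursive, substring-based redactor that also catches "new_password", "passwd" and nested or list-wrapped hashes. The sample request and key pattern are constructed for illustration.

```python
"""Redacting credentials from request-parameter log lines (constructed example).

A framework that logs the whole params hash must scrub secrets before the
line is written; an exact match on the key "password" is not enough.
"""
import re
from typing import Any

# Keys whose values must never reach a log line. Substring match, case-
# insensitive, so "new_password", "PASSWD" and "csrf_token" are all caught.
SENSITIVE_KEY_PATTERN = re.compile(r"pass(word|wd)?|pwd|token|secret|authorization", re.I)
REDACTED = "[FILTERED]"


def naive_filter(params: dict) -> dict:
    """The failure mode: only a top-level key named exactly 'password' is
    scrubbed; 'new_password' and anything nested leaks into the log."""
    return {k: (REDACTED if k == "password" else v) for k, v in params.items()}


def redact(value: Any) -> Any:
    """Recursively replace the values of sensitive keys in nested dicts/lists."""
    if isinstance(value, dict):
        return {
            k: (REDACTED if SENSITIVE_KEY_PATTERN.search(str(k)) else redact(v))
            for k, v in value.items()
        }
    if isinstance(value, list):
        return [redact(v) for v in value]
    return value


def format_request_log(path: str, params: dict) -> str:
    """Build the kind of request line a framework emits, after redaction."""
    return f"Started POST {path} params={redact(params)!r}"


# Constructed sample: a password-change form submission as a params hash.
SAMPLE_PARAMS = {
    "user": {"email": "alice@example.com", "new_password": "hunter2",
             "password_confirmation": "hunter2"},
    "password": "old-pass",
    "session": [{"csrf_token": "abc123"}],
}

if __name__ == "__main__":
    print(naive_filter(SAMPLE_PARAMS))  # "hunter2" is still present
    print(format_request_log("/settings/password", SAMPLE_PARAMS))
```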

                                                                                                1. 2

                                                                                                  somebody accidentally left a log statement somewhere while testing something and it made it into a pull request would be my guess

                                                                                                  1. 2

                                                                                                    I hope that they provide some insight into that.

                                                                                                1. 2

                                                                                                  This was a neat experiment by DARPA with a quick summary here. The site with the games is here. I couldn’t play them for some reason the few times I tried. kel has motivated me to try again to fire up some games in the name of secure software. :)

                                                                                                  They’re not working. CPU fan is. (sighs) Screw it. Still cool paper and project. Least there’s a YouTube channel so we can try to see footage of the games. Found a video of this game. Enjoy! :)

                                                                                                  1. 3

                                                                                                    Ah neat, I know some people who worked on the UC Santa Cruz part of this DARPA games-for-verification thing; didn’t realize it was a bigger multi-institution initiative. Their game was Xylem: The Code of Plants (paper, video).

                                                                                                    1. 2

                                                                                                      Software not working but the heater under your desk remaining hard at work pumping out hot air is an age-old signature of not only the game industry but of computer science academia lol

                                                                                                      Thank you, for the helpful links.

                                                                                                      1. 2

                                                                                                        Tell me about it lol. I just semi-revived my old laptop in case a mix of CPU-heavy dev tools and web pages kills my current one prematurely. I wish I was joking but I think a Celeron with fan raging on web pages whose games aren’t running just isn’t sustainable. ;)