1. 4

    It is very nice that people are trying to compare imperative and functional languages under measurements that mostly people are interested: lines of code and performance.

    I just skimmed through the text and found some downsides, namely:

    • use of infinite list comprehension to replace a loop mutating three variables. Given that a list is a linked list, I tend to believe they’re comparing algorithms with different orders ( O(1) vs. O(n) ), although GHC possibly optimises it;
    • they do not provide the source code of the programs.

    Still, I’m glad to see an effort to compare the implementations from a “standard programmer”.

    1. 1

      It isn’t a problem if the structure has O(n) random access if you don’t access it randomly, i.e. recursion over a linked list is the same as looping.

      1. 1

        Yeah I couldn’t tell how they implemented the haskell algorithms, so it was hard to deduce if the haskell was slower due to using improper constructs or not. It can be really easy to make things slow in haskell if you don’t understand the transformations behind things. Also hard to tell why its slow without a dump of the assembly.

        I’m not a fan of papers that don’t provide source, doesn’t make any findings all that useful. Just looks like a filler paper if I can’t poke around.

      1. 13

        There’s two really nice things here:

        1. The “number of versions” is a fantastic metric and Microsoft Research observed something similar spending a little more time on this point. If you’re changing a module many times, perhaps you (the programmer) don’t know what it is supposed to do?
        2. The “size” is another good metric, but I think the authors don’t go far enough: Lines of code and number of statements are nowhere near as good as “source code bytes”. Arthur is supposed to have said only a short program has any chance of being correct, but really it’s scrolling that is getting you into trouble: When data is produced and consumed out of view of each other you literally cannot see the opportunity for the bug.

        But maybe something not so nice: testing has a negative correlation with defects, but not very much. This is consistent with a lot of other empirical examinations on the subject that had a lot less data, but it still sounds bonkers. People who swear by test driven development know it’s helping them write better code, but the numbers don’t lie, so what is it?

        My theory is that when you tell someone they need to write tests, they write crappy tests, but if they want to write tests even when they’re not required, then it’s because they want a second way to look at their problem and understand it better. And that’s what we’re striving for.

        1. 4

          when you tell someone they need to write tests, they write crappy tests, but if they want to write tests even when they’re not required, then it’s because they want a second way to look at their problem and understand it better.

          This rings very true to me, for what it’s worth.

          1. 2

            Yes, I wrote something similar on Stack Exchange a while back:

            Testing follows a common pattern in software engineering: testing is claimed to make software better/more “agile”/less buggy/etc., but it’s not really the testing which does this. Rather, good developers make software better/more “agile”/less buggy/etc. and testing is something that good developers tend to do.

            In other words, performing some ritual like unit testing for its own sake will not make your code better. Yet understanding why many people do unit testing will make you a better developer, and being a better developer will make your code better, whether it has unit tests or not.

          2. 3

            If you’re changing a module many times, perhaps you (the programmer) don’t know what it is supposed to do?

            That or the people asking for the change don’t know what they’re doing and keep changing the requirements. >.<

            1. 1

              That can generate new modules rather than changes to existing ones.

          1. 7

            This is something that has been concerning me for a while. Tech companies abusing weaknesses in human behaviour to build addictions and shape emotions. One of the best things you can do for yourself is disable all notifications that aren’t urgent for you to act on right now. Stops you getting drawn away from the task you were doing every few minutes

            1. 4

              Agreed, I have turned off as many notifications as I can so my phone never does anything with them. Anything important I push to my watch which just vibrates. To be sure, this is me mostly trying to give the stupid “smart” watch something to do that makes me not regret buying one.

              That and having firewall rules to ban me from browsing the web for a while at a time. Or for the work laptop I use this: https://selfcontrolapp.com

              To keep me from habitually clicking on sites like this one…. at least for a set duration.

              1. 1

                I’ve set facebook.com to localhost in my host files and on my home-run dnsmasq instance. Turns out the other thing I check often is this. I don’t often participate in discussions, almost never post a thing, and have gone to page two once in what I think it’s months. Granted, the site does send me on a lot of wild goose chases, but the content quality is much higher than on Facebook (duh). I still go to Facebook every once in a while to see if my wife posted things, preferably pictures of my kids or dogs or herself (which is stalky, and a whole ’nother can of worms). I could do more complex stuff but I found that this keeps my digital demons at bay, most of the time.

            1. 0

              The fact that this recurs should cause one to question the value of being in the loop in the first place.

              1. 1

                Are you arguing that we shouldn’t understand basic concepts instead? Or that we should not point out an incorrect understanding of them? If you’re asking the question, what is your answer to your own hypothetical?

                I don’t see this as any different than common misunderstandings of the Heisenberg Uncertainty Principle. A lot of people do not understand it, often times with really bad understanding of it. I don’t see why that should mean we should consider quantum mechanics as not having value.

                1. 3

                  I’m arguing that these fundamentals are too important to be learned in a flavor-of-the-day, 280 character thought leader tweet. Reducing such beautiful concepts to sound bites is intellectual violence in my eyes. It may broaden the immediate reach of an idea but I’m not sure if that is worth the intellectual damage done by such reductionism. Monads are not just pipes, though that can be a place to start. I think there are more effective ways to learn, especially if you look at it in terms of efficacy/time spent. And if people are serious about learning this stuff, they need to dig in.

                  In other words, there’s no shortcut to wisdom or insight.

                  Because of this, I may get annoyed at partial/incomplete understandings of various topics, but I rarely feel the need to step in and correct them.

                  1. 1

                    I do collect descriptions of them for when I have gime to dig in. After I do that, I usually go back to look at my stash of links to try finding the minimum set to teach a topic. So, what do you have that teaches monads more like you prefer?

                    1. 3

                      My personal opinion, is go straight to the source of Monads in Haskell, Philip Wadler: http://homepages.inf.ed.ac.uk/wadler/papers/marktoberdorf/baastad.pdf http://homepages.inf.ed.ac.uk/wadler/papers/monads/monads.ps http://homepages.inf.ed.ac.uk/wadler/papers/essence/essence.ps

                      Until I read through the original papers I felt like I had a gap with everyone elses explanations. These papers really helped me learn them from their first principles. That and a TON of practicing by trying to break the laws to see what happens when I tried making “almost monads” in Haskell.

                      More here: http://homepages.inf.ed.ac.uk/wadler/topics/monads.html

                      1. 1

                        Thanks for the links. I agree on general principle of breaking the rules to help understand or validate them. I was doing that with some formal stuff recently. :)

                        1. 2

                          Its definitely fun! In my opinion nothing replaces doing things wrong to better understand how something works. I never really learn by doing things right, I have to fail before I understand.

                      2. 2

                        I think it is hard to beat the systematic approach taken by Haskell Programming from First Principles, which builds up conceptually to monads. I say this because I have tried both the “use in violence” method by fighting the compiler until it typechecks, and the “harder” way of studying.

                        If I had actually just studied it upfront, I probably would have saved myself a great deal of time and agony versus letting GHC teach me via compile errors.

                        When people talk of monads just being pipes/promises/burritos/whatever, they’re usually giving you one instance of them. Right now, if I showed you how just the Maybe monad operated, you’d probably say, “huh, so what?” Confusing this instance with the concept itself truncates the idea and trivializes it, making it substantially less beautiful. This is the violence I was referring to! So, while I wouldn’t dissuade people from perusing monad tutorials, I really think it needs a more rigorous study in order to truly be appreciated.

                        1. 1

                          I see what you’re saying. Maybe when I finally attempt Haskell Ill get it more. Then again, I might be able to approximate that by comparing a foundational work like mitchy’s links to instance-oriented tutorials. The pattern might start to click. Im saying that for the case I want to learn them before Haskell.

                      3. 1

                        Ah cool, thanks, I was worried you were arguing for the opposite there.

                        In other words, there’s no shortcut to wisdom or insight.

                        We’re in total agreement then.

                  1. 23

                    While I agree that the article is probably true, the biggest problem with Electron, and a lot of modern software development, is that “Developer happiness” and “Developer Efficiency” are both arguments for electron, but “user happiness” and “user efficiency” aren’t.

                    Electron developers are incentivized to develop applications that make users happy in the small- they want something that looks nice, has lots of features, is engaging. The problem is that in their myopic pursuit of this one-and-only goal too many apps (and electron is a vanguard of this trend, but not the only culpable technology by far) forget that a user want’s to do things other than constantly interact with that one single application for their entire computing existence.

                    That’s where electron as a model breaks down. Electron apps are performant enough, and don’t use too much memory, when they are used by themselves on a desktop or powerful docked laptop- but I shouldn’t have to be killing slack and zoom every time I unplug my laptop from a power source because I know they’ll cut my battery life in half. I shouldn’t have to ration which slack teams I join lest I find other important processes swapping or getting oom-killed.

                    Even without those concerns, Electron apps selfishly break the consistency of visual design and metaphors used in a desktop experience, calling attention to themselves with unidiomatic designs.

                    We do need easier and better ways of developing cross-platform desktop applications. Qt seems to be the furthest along in this regard, but for reasons not entirely clear to me it’s never seemed to enter the wider developer consciousness - perhaps because of the licensing model, or perhaps because far fewer people talk about it than actually use it and so it’s never been the “new hotness”.

                    1. 7

                      the author specifically calls out what the problem with QT is.

                      Native cross-platform solution like Qt tend to consider themselves more a library, less a platform, and have little to offer when it comes to creating auto-updating software, installers, and App Store packages.

                      Don’t be so dismissive of peoples choices with the ‘new hotness’ criticism.

                      1. 5

                        I think you misunderstand what I’m saying. My claim isn’t that Qt would solve every problem that people are looking to electron to solve if only it were more popular. My claim is merely that of the cross-platform native toolkits, Qt seems to be both the furthest along in terms of capability, and also seems to be one of the less recognized tools in that space (compared to Wx, GTK, Mono, Unity, heck I’ve seen seen more about TK and FLTK than Qt lately). I suspect that Qt could grow and support more of what people want if it got more attention, but for whatever reason of the cross-platform native toolkits it seems to be less discussed.

                        1. 3

                          Especially with QML, Qt feels just like the javascript+bindings world of the web

                          1. 2

                            Just to be clear, this is the workflow I have currently if I’m targeting Electron. Can you show me something comparable with Qt?

                      2. 7

                        This is an overly simplistic argument that misses the point. Desktop app development has not changed significantly in the past five years, and without Electron we would simply not have many of the Electron-powered cross-platform apps that are popular and used by many today. You can’t talk about “not optimizing for user happiness” when the alternative is these apps just not existing.

                        I don’t like the Slack app, it’s bloated and slow. I wouldn’t call myself a JavaScript developer, and I think a lot of stuff in that world is too ruled by fashion. But this posturing and whining by people who are “too cool for Electron” is just downright silly.

                        Make a better alternative. It’s not like making an Electron app is morally worse than making a desktop app. When you say “we need to make desktop app development better” you can’t impose an obligation on anyone but yourself.

                        1. 6

                          without Electron we would simply not have many of the Electron-powered cross-platform apps that are popular and used by many today.

                          I don’t really remember having a problem finding desktop applications before Electron. There seems to be relatively little evidence for this statement.

                          1. 2

                            Please do not straw man. If you read what you quoted, you will see I did not say no desktop apps existed before Electron. That’s absurd. You also conveniently ignored the part of my sentence where I say “cross-platform”.

                            Obviously we can’t turn back the clock and rewrite history, so what evidence would suffice for you? Maybe it would be the developers of cross-platform apps like Slack, Atom, and VS Code writing about how Electron was a boon for them. Or it could be the fact that the primary cross-platform text editors we had before Electron were Vim and Emacs. Be reasonable (and more importantly, civil.)

                            1. 4

                              I think Vim and Emacs, traditional tools of UNIX folks, propped up as examples of what Slack or VS Code replaced is also a fallacy you’re using to justify a need for Electron. Maybe better comparisons would be Xchat/HexChat/Pidgin, UltraEdit or SlickEdit for editor, and NetBeans or IntelliJ IDEA for IDE. So, those products sucked compared to Electron apps for reasons due to cross-platform technology used vs other factors? Or do they suck at all?

                              Nah, if anything, they show these other projects couldve been built without Electron. Whether they should or not depends on developers’ skills, constraints, preferences, etc on top of markets. Maybe Electron brings justifiable advantages there. Electron isnt making more sophisticated apps than cross-platform native that Ive seen, though.

                              1. 2

                                I think you and the other poster are not making it very clear what your criterion for evidence is. You’ve set up a non-falsifiable claim that simply depends on too many counterfactuals.

                                In the timeline we live in, there exist many successful apps written in Electron. I don’t like many of them, as I’ve stated. I certainly would prefer native apps in many cases.

                                All we need to do is consider the fact that these apps are written in Electron and that their authors have explicitly stated that they chose Electron over desktop app frameworks. If you also believe that these apps are at all useful then this implies that Electron has made it easier for developers to make useful cross-platform apps. I’m really not sure why we are debating about whether a implies b and b implies c means a implies c.

                                You point out the examples of IntelliJ and XChat. I think these are great applications. But you are arguing against a point no one is making.

                                “Electron is just fashion, Slack and VS Code aren’t really useful to me so there aren’t any useful Electron apps” is not a productive belief and not a reasonable one. I don’t like Slack and I don’t particularly like VS Code. But denying that they are evidence that Electron is letting developers create cross-platform apps that might not have existed otherwise and that are useful to many people requires a lot of mental gymnastics.

                                1. 5

                                  “You point out the examples of IntelliJ and XChat. I think these are great applications. But you are arguing against a point no one is making.”

                                  You argued something about Electron vs cross-platform native by giving examples of modern, widely-used apps in Electron but ancient or simplistic ones for native. I thought that set up cross-platform native to fail. So, I brought up the kind of modern, widely-used native apps you should’ve compared to. The comparison then appeared to be meaningless given Electron conveyed no obvious benefits over those cross-platform, native apps. One of the native apps even supported more platforms far as I know.

                                  “All we need to do is consider the fact that these apps are written in Electron and that their authors have explicitly stated that they chose Electron over desktop app frameworks. If you also believe that these apps are at all useful then this implies that Electron has made it easier for developers to make useful cross-platform apps. “

                                  It actually doesn’t unless you similarly believe we should be writing business apps in COBOL on mainframes. Visual Basic 6, or keeping the logic in Excel spreadsheets because those developers or analysts were doing it saying it was easiest, most-effective option. I doubt you’ve been pushing those to replace business applications in (favorite language here). You see, I believe that people using Electron to build these apps means it can be done. I also think something grounded in web tech would be easier to pick up for people from web background with no training in other programming like cross-platform native. This much evidence behind that as a general principle and for Electron specifically. The logic chain ends right here though:

                                  “then this implies that Electron has made it easier for developers to make useful cross-platform apps.”

                                  It does not imply that in general case. What it implies is the group believed it was true. That’s it. All the fads that happen in IT which the industry regretted later on tells me what people believe was good and what objectively was are two different things with sadly little overlap. I’d have to assess things like what their background was, were they biased in favor of or against certain languages, whether they were following people’s writing who told them to use Electron or avoid cross-platform native, whether they personally or via the business were given constraints that excluded better solutions, and so on. For example, conversations I’ve had and watched with people using Electron have showed me most of them didn’t actually know much about the cross-platform native solutions. The information about what would be easy or difficult had not even gotten to them. So, it would’ve been impossible for them to objectively assess whether they were better or worse than Electron. It was simply based on what was familiar, which is an objective strength, to that set of developers. Another set of developers might have not found it familiar, though.

                                  So, Electron is objectively good for people how already know web development looking for a solution with good tooling for cross-platform apps to use right now without learning anything else in programming. That’s a much narrower claim than it being better or easier in general for cross-platform development, though. We need more data. Personally, I’d like to see experiments conducted with people using Electron vs specific cross-platform native tooling to see what’s more productive with what weaknesses. Then, address the weaknesses for each if possible. Since Electron is already popular, I’m also strongly in favor of people with the right skills digging into it to make it more efficient, secure, etc by default. That will definitely benefit lots of users of Electron apps that developers will keep cranking out.

                                  1. 2

                                    Hey, I appreciate you trying to have a civilized discussion here and in your other comments, but at this point I think we are just talking past each other. I still don’t see how you can disagree with the simple logical inference I made in my previous comment, and despite spending some effort I don’t see how it at all ties into your hypothetical about COBOL. It’s not even a hypothetical or a morality or efficacy argument, just transitivity, so I’m at a loss as to how to continue.

                                    At this point I am agreeing with everything you are saying except on those things I’ve already said, and I’m not even sure if you disagree with me on those areas, as you seem to think you do. I’m sorry I couldn’t convince you on those specifics, which I think are very important (and on which other commenters have strongly disagreed with me), but I’ve already spent more time than I’d have preferred to defending a technology I don’t even like.

                                    On the other hand, I honestly didn’t mind reading your comments, they definitely brought up some worthwhile and interesting points. Hope you have a good weekend.

                                    1. 2

                                      Yeah, we probably should tie this one up. I thank you for noticing the effort I put into being civil about it and asking others to do the same in other comments. Like in other threads, I am collecting all the points in Electron’s favor along with the negatives in case I spot anyone wanting to work on improvements to anything we’re discussing. I got to learn some new stuff.

                                      And I wish you a good weakend, too, Sir. :)

                              2. 3

                                Please do not straw man. If you read what you quoted, you will see I did not say no desktop apps existed before Electron

                                And if you read what I said, I did not claim that you believed there were no desktop apps before Electron. If you’re going to complain about straw men, please do not engage in them yourself.

                                My claim was that there was no shortage of native applications, regardless of the existence of electron. This includes cross platform ones like xchat, abiword, most KDE programs, and many, many others. They didn’t always feel entirely native on all platforms, but the one thing that Electron seems to have done in order to make cross platform easy is giving up on fitting in with all the quirks of the native platform anyways – so, that’s a moot point.

                                Your claim, I suppose, /is/ tautologically true – without electron, there would be no cross platform electron based apps. However, when the clock was rolled back to before electron existed and look at history, there were plenty of people writing enough native apps for many platforms. Electron, historically, was not necessary for that.

                                It does let web developers develop web applications that launch like native apps, and access the file system outside of the browser, without learning new skills. For quickly getting a program out the door, that’s a benefit.

                                1. 1

                                  No one is saying there was a “shortage” of desktop applications; I’m not sure how one could even ascribe that belief to someone else without thinking they were completely off their rocker. No one is even claiming that without Electron none of these apps would exist (read my comment carefully). My claim is also not the weird tautology you propose, and again I’m not sure why you would ascribe it to someone else if you didn’t think they were insane or dumb. This is a tactic even worse than straw manning, so I’m really not sure you why you are so eager to double down on this.

                                  Maybe abstracting this will help you understand. Suppose we live in a world where method A doesn’t exist. One day method A does exist, and although it has lots of problems, some people use method A to achieve things B that are useful to other people, and they publicly state that they deliberately chose method A over older methods.

                                  Now. Assuming other people are rational and that they are not lying [1], we can conclude that method A helped people achieve things B in the sense that it would have been more difficult had method A not existed. Otherwise these people are not being rational, for they chose a more difficult method for no reason, or they are lying, and they chose method A for some secret reason.

                                  This much is simple logic. I really am not interested in discussing this if you are going to argue about that, because seriously I already suspect you are being argumentative and posturing for no rational reason.

                                  So, if method A made it easier for these people to achieve things B, then, all else equal, given that people can perform a finite amount of work, again assuming they are rational, we can conclude that unless the difference in effort really was below the threshold where it would cause any group of people to have decided to do something else [2], if method A had not existed, then some of the things B would not exist.

                                  This is again seriously simple logic.

                                  I get it that it’s cool to say that modern web development is bloated. For the tenth time, I agree that Electron apps are bloated. As I’ve stated, I don’t even like Slack, although it’s ridiculous that I have to say that. But don’t try to pass off posturing as actual argument.

                                  [1]: If you don’t want to assume that at least some of the people who made popular Electron apps are acting intelligently in their own best interests, you really need to take a long hard look at yourself. I enjoy making fun of fashion-driven development too, but to take it to such an extreme would be frankly disturbing.

                                  [2]: If you think the delta is really so small, then why did the people who created these Electron apps not do so before Electron existed? Perhaps the world changed significantly in the meantime, and there was no need for these applications before, and some need coincidentally arrived precisely at the same time as Electron. If you had made this argument, I would be a lot more happy to discuss this. But you didn’t, and frankly, this is too coincidental to be a convincing explanation.

                                  1. 2

                                    then why did the people who created these Electron apps not do so before Electron existed?


                                    Apps with equivalent functionality did exist. The “Electron-equivalent” apps were a time a dozen, but built on different technologies. People creating these kinds of applications clearly did exist. Electron apps did not exist before electron, for what I hope are obvious reasons.

                                    And, if you’re trying to ask why web developers who were familiar with a web toolkit running inside a browser, and unfamiliar with desktop toolkits didn’t start writing things that looked like desktop applications until they could write them inside a web browser… It’s easier to do something when you don’t have to learn new things.

                                    There is one other thing that Electron did that makes it easier to develop cross platform apps, though. It dropped the idea of adhering fully to native look and feel. Subtle things like, for example, the way that inspector panels on OSX follow your selection, while properties dialogs on Windows do not – getting all that right takes effort.

                                    At this point, I don’t really see a point in continuing, since you seem to consistently be misunderstanding and aor misinterpreting everything that’s been said in this entire thread, in replies to both me and others. I’m not particularly interested in talking to someone who is more interested in accusing me of posturing than in discussing.

                                    Thank you for your time.

                                    1. -1

                                      I am perplexed how you claim to be the misunderstood one when I have literally been clarifying and re-clarifying my original comment only to see you shift the goalposts closer and closer to what I’ve been saying all along. Did you even read my last comment? Your entire comment is literally elaborating on one of my points, and your disagreement is literally what I spent my entire comment discussing.

                                      I’m glad you thanked me for my time, because then at least one of us gained something from this conversation. I honestly don’t know what your motives could be.

                                2. 0

                                  I find it strange that you somehow read

                                  I don’t really remember having a problem finding desktop applications before Electron

                                  as implying that you’d said

                                  no desktop apps existed before Electron

                                  @orib was simply saying that there was no shortage of desktop apps before Electron. That’s much different.

                                  …That’s absurd… Obviously we can’t turn back the clock and rewrite history… …Be reasonable (and more importantly, civil.)

                                  You should take your own advice. @orib’s comment read as completely anodyne to me.

                                  1. 0

                                    I find it strange that you’re leaving out parts of my comment, again. Not sure why you had to derail this thread.

                                    1. 0

                                      You seem to be confusing me with somebody else.

                                      1. 0

                                        Please, please stop continuing to derail this conversation. I am now replying to your contentless post which itself was a continuation of your other contentless post which was a reply to my reply to orib’s post, which at least had some claims that could be true and could be argued against.

                                        I’m not sure what your intentions are here, but it’s very clear to me now that you’re not arguing from a position of good faith. I regret having engaged with you and having thus lowered the level of discourse.

                                        1. 1

                                          Please, please stop continuing to derail this conversation… I regret having engaged with you and having thus lowered the level of discourse.

                                          Yeah, I wouldn’t want to derail this very important conversation in which @jyc saves the Electron ecosystem with his next-level discourse.

                                          My intention was to call you out for being rude and uncivil and the words you’ve written since then only bolster my case.

                                          1. 0

                                            What is even your motive? Your latest comment really shows you think this whole thing is some sort of sophistic parlor game. I have spent too much time trying to point out that there may even exist some contribution from a technology I don’t even like. I honestly hope you find something better to do with your time than start bad faith arguments with internet strangers for fun.

                              3. 8

                                I’m not sure sure that it’s necessarily true that the existence of these apps is necessarily better than the alternative. For a technical audience, sure. I can choose to, grudgingly, use some bloated application that I know is going to affect my performance, and I’m technical enough to know the tradeoffs and how to mitigate the costs (close all electron apps when I’m running on battery, or doing something that will benefit from more available memory). The problem is for a non-technical audience who doesn’t understand these costs, or how to manage their resources, the net result is a degraded computing experience- and it affects the entire computing ecosystem. Resource hog applications are essentially replaying the tragedy of the commons on every single device they are running on, and even as the year-over-year gains in performance are slowing the underlying problem seems to be getting worse.

                                And when I say “we” should do better, I’m acknowledging that the onus to fix this mess is going to be in large part on those of us who have started to realize there’s a problem. I’m not sure we’ll succeed as javascript continues to eat the world, but I’ll take at least partial ownership over the lack of any viable contenders from the native application world.

                                1. 2

                                  I’m not sure sure that it’s necessarily true that the existence of these apps is necessarily better than the alternative.

                                  I think this and your references to a “tragedy of the commons” and degrading computing experiences are overblowing the situation a bit. You may not like Slack or VS Code or any Electron app at all, but clearly many non-technical and technical people do like these apps and find them very useful.

                                  I agree 100% that developers should be more cautious about using user’s resources. But statements like the above seem to me to be much more like posturing than productive criticism.

                                  Electron apps are making people’s lives strictly worse by using up their RAM—seriously? I don’t like Electron hogging my RAM as much as you, but to argue that it has actually made people’s lives worse than if it didn’t exist is overdramatic. (If you have separate concerns about always-on chat apps, I probably share many of them, but that’s a separate discussion).

                                  1. 5

                                    but clearly many non-technical and technical people do like these apps and find them very useful.

                                    If you heard the number of CS folks I’ve heard complain about Slack clients destroying their productivity on their computers by lagging and breaking things, you’d probably view this differently.

                                    1. 2

                                      If you also heard the number of CS folks I’ve heard suggest you buy a better laptop and throwing you a metaphorical nickel after you complain about Slack, you’d probably view it as futile to complain about sluggish Web apps again.

                                      1. 1

                                        Dude, seriously, the posturing is not cool or funny at this point. I myself complain about Slack being bloated, and IIRC I even complained about this in my other post. Every group I’ve been that has used Slack I’ve also heard complaints about it from both technical and non-technical people.

                                        I’ll leave it as an exercise for you to consider how this is not at all a contradiction with what you quoted. My God, the only thing I am more annoyed by at this point than Electron hipsterism is the anti-Electron hipsterism.

                                        1. 3

                                          Not posturing–this is a legitimate problem.

                                          Dismissing the very real pain points of people using software that they’re forced into using because Slack is killing alternatives is really obnoxious.

                                          People aren’t complaining just to be hipsters.

                                          1. -1

                                            Dude, at this point I suspect you and others in this thread are trying to imagine me as some personification of Electron/Slack so that you can vent all your unrelated complaints about them to me. For the last time, I don’t even like Electron and Slack that much. What is obnoxious is the fact that you are just ignoring the content of my comments and using them as a springboard for your complaints about Slack which I literally share.

                                            You seriously call this account @friendlysock?

                                            Your latest comment doesn’t add anything at all. Many users, perhaps even a majority of users, find Slack and other Electron software useful. I don’t and you don’t. I don’t like Slack’s business practices and you don’t either. Seriously, read the damn text of my comment and think about how you are barking up the entirely wrong tree.

                                  2. 4

                                    “and without Electron we would simply not have many of the Electron-powered cross-platform apps that are popular and used by many today. “

                                    What that’s actually saying is that people who envision and build cross-platform apps for their own satisfaction, fame, or fortune would stop doing that if Electron didnt exist. I think the evidence we have is they’d build one or more of a non-portable app (maybe your claim), cross-platform app natively, or a web app. That’s what most were doing before Electron when they had the motivations above. Usually web, too, instead of non-portable.

                                    We didnt need Electron for these apps. Quite a few would even be portable either immediately or later with more use/funds. The developers just wanted to use it for whatever reasons which might vary considerably among them. Clearly, it’s something many from a web background find approachable, though. That’s plus development time savings is my theory.

                                    1. 1

                                      I agree that many people might have ended up building desktop apps instead that could have been made even better over time. I also agree with your theory about why writing Electron apps is popular. Finally, I agree that Electron is not “needed”.

                                      I’m going to preemptively request that we keep “hur dur, JavaScript developers, rational?” comments out of this—let’s be adults: assuming the developers of these apps are rational, clearly they thought Electron was the best choice for them. Anyone “sufficiently motivated” would be willing to write apps in assembler; that doesn’t mean we should be lamenting the existence of bloated compilers.

                                      Is saying developers should think about writing apps to use less resources productive? Yes. Is saying Electron tends to create bloated apps productive? Definitely. Is saying Electron makes the world a strictly worse place productive or even rational? Not at all.

                                      1. 3

                                        “I’m going to preemptively request that we keep “hur dur, JavaScript developers, rational?” comments out of this—let’s be adults”

                                        Maybe that was meant for a different commenter. I haven’t done any JS bashing in this thread that I’m aware of. I even said Electron is good for them due to familiarity.

                                        “ Is saying Electron makes the world a strictly worse place productive or even rational? Not at all.”

                                        Maybe that claim was also meant for a different commenter. I’d not argue it at all since those using Electron built some good software with it.

                                        I’ve strictly countered false positives in favor of Electron in this thread rather than saying it’s all bad. Others are countering false negatives about it. Filtering the wheat from the chaff gets us down to the real arguments for or against it. I identified one, familiarity, in another comment. Two others brought up some tooling benefits such as easier support for a web UI and performance profiling. These are things one can make an objective comparison with.

                                  3. 4

                                    forget that a user want’s to do things other than constantly interact with that one single application for their entire computing existence.

                                    Quoted for truth.

                                    Always assume that your software is sitting between your user and what they actually want to do. Write interactions accordingly.

                                    We don’t pay for software because we like doing the things it does, we pay so we don’t have to keep doing those things.

                                    1. 3

                                      perhaps because of the licensing model

                                      I also think so. It’s fine for open source applications, but the licensing situation for proprietary applications is tricky. Everyone who says you can use Qt under LGPL and just have to dynamically link to Qt, also says “but I’m not a lawyer so please consult one”. As a solo developer working on building something that may or may not sell at some point, it’s not an ideal situation to be in.

                                      1. 4

                                        I think the big caveat to this is that for a great many of the applications I see that have electron-based desktop apps, they are frontends for SAAS applications. They could make money off a GPL application just as easily as a proprietary one, especially since a lot of these services publish most of the APIs anyway.

                                        Granted, I’d love to see a world where software moved away from unnecessary rent-seeking and back to actually selling deliverable applications, but as long as we’re in a SAAS-first world the decision to release a decent GPL-ed frontend doesn’t seem like it should be that hard.

                                        1. 4

                                          I have been responsible for third party IP at a company that did exactly that with Qt; it’s fine.

                                        2. 3

                                          The situation is more nuanced than that. Because Electron provides developers with a better workflow and a lower barrier to entry that results in applications and features that simply wouldn’t exist otherwise. The apps built with Electron might not be as nice as native ones, but they often solve real problems as indicated by the vast amount of people using them. This is especially important if you’re running Linux where apps like Slack likely wouldn’t even exist in the first place, and then you’d be stuck having to try running them via Wine hoping for the best.

                                          While Qt is probably one of the better alternatives, it breaks down if you need to have a web UI. I’d also argue that the workflow you get with Electron is far superior.

                                          I really don’t see any viable alternatives to Electron at the moment, and it’s like here to stay for the foreseeable future. It would be far more productive to focus on how Electron could be improved in terms of performance and resource usage than to keep complaining about it.

                                          1. 1

                                            I never claimed that it doesn’t make life easier for some developers, or even that every electron app would have been written with some other cross-platform toolkit. Clearly for anyone who uses Javascript as their primary (or, in many cases, only) language, and works with web technology day in and day out, something like electron is going to be the nearest to hand and the fastest thing for them to get started with.

                                            The problem I see is that what’s near to hand for developers, and good for the individual applications, ends up polluting the ecosystem by proliferating grossly, irresponsibly inefficient applications. The problem of inefficiency and the subsequent negative affect it has on the entire computing ecosystem is compounded by the fact that most users aren’t savvy enough to understand the implications of the developers technology choices, or even capable of looking at the impact that a given application is having on their system. Additionally, software as an industry is woefully prone to adopting local maxima solutions- even if something better did come along, we’re starting to hit an inflection point of critical mass where electron will continue to gain popularity. Competitors might stand a chance if developers seemed to value efficiency, and respect the resources of their users devices, but if they did we wouldn’t be in this situation in the first place.

                                            1. 2

                                              Saying that developers use Electron simply because don’t value efficiency is absurd. Developers only have so much time in a day. Maintaining the kinds of applications built with Electron using alternatives is simply beyond the resources available to most development teams.

                                              Again, as I already pointed out, the way to address the problem is to look for ways to improve Electron as opposed to complaining that it exists in the first place. If Electron runtime improves, all the applications built on top of it automatically get better. It’s really easy to complain that something is bloated and inefficient, it’s a lot harder to do something productive about it.

                                          2. 2

                                            but I shouldn’t have to be killing slack and zoom every time I unplug my laptop

                                            Yes, you shouldn’t. But that is not Electron’s fault.

                                            I’ve worked on pgManage, and even though ii is based on Electron for the front-end, we managed to get it work just fine and use very little CPU/Memory*. Granted, that’s not a chat application, but I also run Riot.im all day everyday and it show 0% CPU and 114M of memory (about twice as much as pgManage).

                                            Slack is the worst offender that I know of, but it’s because the people who developed it were obviously used to “memory safe” programming. We had memory issues in the beginning with the GC not knowing what to do when we were doing perfectly reason able things. But we put the effort in and made it better.

                                            We have a strong background in fast C programs, and we applied that knowledge to the JS portion of pgManage and cut down the idle memory usage to 58M. For this reason, I’m convinced that C must never die.

                                            * https://github.com/pgManage/pgManage/blob/master/Facts_About_Electron_Performance.md (Note: the version numbers referred to in this article are for Postage, which was later re-branded pgManage)

                                            *Edit for spelling*

                                            1. 5

                                              “But that is not Electron’s fault.”

                                              It happens by default with a lot of Electron apps. It doesnt so much with native ones. That might mean it’s a side effect of Electron’s design. Of course, Id like to see more data on different use-cases in case it happens dor some things but not others. In your case, did you have to really work hard at keeping the memory down?

                                              Edit: The Github link has some good info. Thanks.

                                              1. 2

                                                It happens by default with a lot of Electron apps.

                                                I see where your coming from, and you’re right, but if more JS devs had C experience (or any other non-memory-managed language), we would all be better for it. The GC spoils, and it doesn’t always work.

                                                It doesnt so much with native ones.

                                                Yes, but I think that greatly depends on the language, and how good the GC is.

                                                That might mean it’s a side effect of Electron’s design.

                                                Maybe, but if pgManage can do it (a small project with 5 people working on it), than I see absolutely no reason why Slack would have any difficulty doing it.

                                                In your case, did you have to really work hard at keeping the memory down?

                                                Yes and no. Yes it took time (a few days at most), but no because Electron, and Chrome, have great profiling tools and we were able to find most issues fairly quickly (think Valgrind). IIRC the biggest problem we had at the time was that event listeners weren’t being removed before an element was destroyed (or something like that).

                                                1. 1

                                                  One thing I’ll note, look at the ipc ratio of electron apps versus other native apps. You’ll notice a lot of tlb misses and other such problems meaning that the electron apps are mostly sitting there forcing the cpu to behave in ways it really isn’t good at optimizing.

                                                  In the end, the electron apps just end up using a lot of power spinning the cpu around compared to the rest. This is technically also true of web browsers.

                                                  You may use perf on linux or tiptop to read the cpu counters (for general ipc eyeballing i’d use tiptop): http://tiptop.gforge.inria.fr

                                          1. 17

                                            Knowing german, I read this way differently than the title is trying to convey initially.

                                            1. 8

                                              For the non-german folks here, du is the german personal-pronoun for you so the title reads: Like you but more intuitive :)

                                              1. 2

                                                It’s a bit more complex than that: German retained the T-V distinction, which means it has two forms of singular second person pronoun, one for people you’re close to and one for people you’re not close to. Sie is the pronoun for people you’re not close to, du is the one for people you are close to. It also has two forms of the second-person plural pronoun, ihr for people you’re close to and, again, Sie for people you’re not close to.

                                                1. 2

                                                  Still it translates to the same and I don’t know of any way to preserve that intent in English.

                                                  I always thought the du/Sie distinction makes German very formal but it also seems very ingrained in the culture. The distinction was also in Swedish but it disappeared and is so rare in Denmark I can’t remember when I saw it last. Something I couldn’t imagine happening in Germany.

                                                  1. 3

                                                    Sweden is such a small country that a reform of this type, made in the heady days of the 60s, got traction very easily.

                                                    As a bank cashier in the late 80s I’d sometimes refer to customers using “ni” and occasionally get pushback from people of the “68 generation”.

                                              2. 5

                                                Also “dust” means dork or idiot in Norwegian.

                                              1. 9

                                                If you just want to understand dependent types without so much syntax-and-usability struggle, you might be interested in this:


                                                Should be available in August.

                                                1. 1

                                                  Out of curiosity, as someone that always hated schemes and lisps in general, but seems to have found Haskell and Idris super fun/useful to learn, what strikes you as the issue in Idris?

                                                  And have you read that book at all? Is it beta downloadable prior to release like the idris book was? I’m skeptical that my first try at a lisp should be with dependent types but willing to be proven wrong yet again in life.

                                                  1. 2

                                                    If you’re already familiar with Haskell syntax, I imagine that Idris should be easy to learn. In any case, it’s much more of a “real” language, unlike this Little Typer thing which is Racket-based and optimized for being simple and learnable for beginners.

                                                    If you don’t like Scheme, I doubt that the Little Typer book will do much for you. It’s probably not the best “Little” book in the series to start with! I’m fond of Scheme myself and find the simplicity of the syntax makes it easier to concentrate on the ideas, but of course that’s a matter of taste.

                                                    I have a colleague who’s one of the authors. The source is online somewhere, but I doubt it’s very useful without the book. I have glanced through a preprint, but am looking forward to buying my own copy when it comes out. I’m sure I’ll eventually get around to reading the Idris book too!

                                                    1. 1

                                                      Yep Idris was cake coming from Haskell syntax wise. The irony that Haskell actually descends from the lisp family is not lost on me however. I’m just a fan of not having to need so many parens.

                                                      I’ll add those to the list of things to read, but that list only grows longer. I do use emacs though so perhaps elisp is the source of my “this language is freaking weird”. But I never really got scheme in school either, activated my uncanny valley I suppose, but I agree its all subjective. Thanks for the link though!

                                                1. 19

                                                  The best way to combat this is to not answer the questions for password reset at all. Use a password manager, and when a company asks something like “what was the name of your favorite teacher” give an answer like “zod the destroyer 7899” and never mention or tell anyone about this. Even if someone knows your favorite teacher, it won’t help them.

                                                  1. 3

                                                    I generate all the answers with my password manager too - and don’t re-use them between systems. It’s a bit of a pain to generate them but they’re not often asked for and I don’t want to have to inform my mother her maiden name is part of a data breach.

                                                    1. 3

                                                      Unfortunately you do need to be a bit careful with this. It’s possible (however dumb) that these answers are stored in plaintext and then presented to the user either as-is (multiple choice) or partially obscured (complete this name).

                                                      If an attacker is trying to get through the reset process and are confronted with “What’s your mother’s maiden name? a) Jones, b) Smith or c) F32djsb/.$%” they might have better than 1-in-3 odds :-)

                                                      1. 2

                                                        I’m partial to being born somewhere like: Earth Sol System Orion Minor Galactic Arm Milky Way Galaxy

                                                        And my favorite pet sometimes has ended up being something like: Leeloominai ekatariba tchai ekbat de sebat

                                                        And favorite colors being Steve.

                                                        I just plug all that crap into my password manager so that all my random “copy something from an open webpage” answers don’t go away.

                                                        1. 1

                                                          I do this (except the answers are randomly generated) and it turns out it mostly doesn’t matter. I’ve had to call services that use them and talk to customer service representatives. They’ve asked me the questions, along with other identifying information, and I told them that I didn’t know the answer. All I said was that it was probably random junk. They just ignored it and continued to deal with my problem.

                                                          What’s even more interesting is that rep on the phone would admonish me for forgetting the answer, telling me that they ask these things for my own security. It didn’t seem to register, even after I mentioned it, that it obviously doesn’t since I just bypassed them.

                                                          1. 1

                                                            A number of sites now do “identity verification” through (I believe) the credit agencies, where they’ll ask you questions about previous addresses based on the records those agencies have–not based on answers you provided yourself at any point.

                                                            1. 2

                                                              Yeah but that costs money and it still doesn’t fix the problem because your previous addresses can be know by the attacker.

                                                              1. 2

                                                                Right, my point was that it’s not enough to use fake answers to security questions, because the real answers (at least regarding previous addresses) are still useful to attackers against these identity verification systems.

                                                              2. 1

                                                                Not that you nor I can do anything about it here and now, but that practice should be heavily discouraged. The whole point of security questions is to answer stuff only I know. Which also makes 90% of the currently available choices (“Mother’s maiden name”, “First pet”, etc.) really poor choices. Allow me to make my own question and answer, and it should improve handily for some people, whereas people who fall back to the default questions are no worse off.

                                                            1. 45

                                                              Your original 600MB tracking pixel was a pain in the ass, I’m sure everybody who accessed the website using limited cellular data is very fond of you.

                                                              1. 17

                                                                Especially during a weekend where many (at least Europeans) were traveling.

                                                                Also keep in mind that a lot of people outside the US (i.e. Europe) are on 500MB/1GB plans, so you burn through that with LTE very quickly. And not everyone can afford to buy extra data. This is extremely rude.

                                                                1. 4

                                                                  Well even as an american, I accessed this site and that page over my cellular connection. Sigh, even with a 10GiB monthly cap that probably used up a ton of data pointlessly.

                                                                2. 3

                                                                  … I was wondering how I ran out of data 4 days early this month.

                                                                  1. 4

                                                                    I, well, believe it should count as part of the experience.

                                                                    1. 2

                                                                      You don’t RSS your mobile feeds?

                                                                      1. 3

                                                                        I haven’t used RSS since like 2009.

                                                                        1. 6

                                                                          But it was 2002, atleast according to the post dates!

                                                                          1. 4

                                                                            We have https, too, to make sure those dates weren’t tampered with in transit.

                                                                    1. [Comment removed by author]

                                                                      1. 3

                                                                        Now that, is a forum sig. Even with the stick figure fight gif. Its like 2001 all over again.

                                                                      1. 8

                                                                        You see, one of the biggest problems with a Linux distro or any large system is bootstrapping. At some point you get to the point where you need a previous version of your tooling to build the current version. This is not really desirable as it ultimately can become a very difficult to break build loop. Because of this, xbps-src is in fact not a binary, it is a collection of very intricate shell scripts that use standard tooling available on almost any Linux distribution to bootstrap a compiler, build chroot, and XBPS itself.

                                                                        It’s cool that their build system is a bunch of shell scripts that will run on any Linux distro. I wrote about some related stuff here in January [1]:

                                                                        • Alpine’s abuild script is also a pure shell script – a pure busybox ash script! But it doesn’t run on anything besides Alpine.
                                                                        • Debootstrap is a shell script that also only runs on Debian (as far as I know). I believe building Debian packages (as opposed to the base image) requires a lot of native / non-shell tools.
                                                                        • Aboriginal Linux is a bunch of pure shell scripts as well.

                                                                        So it sounds like I should download xbps-src and try it out with Oil :)

                                                                        However, I also don’t think the bootstrapping issue is as big a deal as he thinks? Because you want/need some kind of isolation anyway. You don’t want your build platform leaking into your binaries, i.e. a Void package built under Debian or Alpine should not be different than a Void package built under Void.

                                                                        The usual solution for Alpine is to download an Alpine image and build packages there; likewise for Debian you download a Debian image. And this image can generally be a chroot – i.e. you don’t need a dedicated piece of hardware (or a VM, or a Docker container). (However I wish that Alpine would make the chroot story more straightforward. It doesn’t feel “first class”.)

                                                                        Without the chroot or similar to pin down the versions of your build toolchain, I think it’s hard to solve the “reproducibility” issue. I don’t know exactly how Void Linux does it, but I am a bit confused by the description. You still need two stages to build, and it’s natural to use your own distro as the first stage, rather than some other distro.

                                                                        Linux From Scratch has the steps “preparing the host system”, “constructing a temporary system”, and “building LFS”.


                                                                        [1] Success with Aboriginal, Alpine, and Debian http://www.oilshell.org/blog/2018/01/15.html

                                                                        1. 6

                                                                          Void’s build system uses isolation to build packages. From readme [1]:

                                                                          xbps-src requires an utility to chroot and bind mount existing directories into a masterdir that is used as its main chroot directory. xbps-src supports multiple utilities to accomplish this task:

                                                                          • xbps-uunshare(1) - XBPS utility that uses user_namespaces(7) (part of xbps, default).
                                                                          • xbps-uchroot(1) - XBPS utility that uses namespaces and must be setgid (part of xbps).
                                                                          • proot(1) - utility that implements chroot/bind mounts in user space, see https://proot-me.github.io/.

                                                                          NOTE: you don’t need to be root to use xbps-src, use your preferred chroot style as explained below.

                                                                          I’m very slowly developing a Linux distribution using xbps-src. I can build a (still quite useless) squashfs image without root privileges [2].

                                                                          [1] https://github.com/voidlinux/void-packages/blob/master/README.md

                                                                          [2] https://github.com/hadrianw/tomatoaster

                                                                          1. 4

                                                                            Wow totally unrelated but “an utility” sounds so wrong. I didn’t realize there were words starting with vowels that don’t use “an.” Apparently it’s words starting with vowel sounds that get an “an.” Utility, as well as words like user and euphemism, phonetically start with a y sound and therefore don’t use “an.” Crazy that I knew that intuitively, but until I read “an utility” just now I would have said “an” goes before words starting with vowels. I had thought “an hour” and a few other h words were the only exceptions. Weird.

                                                                          2. 5

                                                                            The bootstrap process is done by building a meta-package base-chroot (https://github.com/voidlinux/void-packages/blob/master/srcpkgs/base-chroot/template) and its dependencies using the tools available on the host. After the bootstrap xbps-src uses base-chroot to create clean/void environment which can be used to build all the packages available.

                                                                            1. 1

                                                                              OK thanks for the info. I guess my point is that this is very much like other Linux distros, including Alpine, and even Debian.

                                                                              At least this is true in theory – I don’t see that Void necessarily has a unique take on bootstrapping. But in practice it might be better, because with the distros I’ve tried this area feels a little like undocumented black magic that only the core devs know about.

                                                                              I have used: https://github.com/alpinelinux/alpine-chroot-install

                                                                              But I haven’t yet rebuild a lot of packages under it.

                                                                              1. 2

                                                                                Voids take reminds me more of netbsd here, which isn’t a huge surprise given who started it.

                                                                            2. 3

                                                                              Also if anyone is interested in trying Void build scripts with OSH let me know :-)


                                                                              I’m not familiar with Void Linux, but it sounds BSD-ish and interesting.

                                                                              1. 2

                                                                                I’ve actually been using fpm to do a lot of my packing as of late, rather then dealing with deb scripts and RPM spec files. fpm does things amazingly well for most use cases.

                                                                              1. 5

                                                                                This a fascinating case. It’s very unfortunate that the cyclist had to die for it to come before us. However, had the car been driven by a human, nobody would be talking about it!

                                                                                That said, the law does not currently hold autonomous vehicles to a higher standard than human drivers, even though it probably could do so given the much greater perceptiveness of LIDAR. But is there any precedent for doing something like this (having a higher bar for autonomous technology than humans)?

                                                                                1. 13

                                                                                  Autonomous technology is not an entity in law, and if we are lucky, it never will be. Legal entities designed or licensed the technology, and those are the ones the law finds responsible. This is similar to the argument that some tech companies have made that “it’s not us, it’s the algorithm.” The law does not care. It will find a responsible legal entity.

                                                                                  This is a particularly tough thing for many of us in tech to understand.

                                                                                  1. 25

                                                                                    It’s hard for me to understand why people in tech find it so hard to understand. Someone wrote the algorithm. Even in ML systems where we have no real way of explaining its decision process, someone designed it the system, someone implemented it, and someone made the decision to deploy it in a given circumstance.

                                                                                    1. 11

                                                                                      Not only that, but one other huge aspect of things nobody is probably thinking about. This incident is going to probably start the ball rolling on certification and liability for software.

                                                                                      Move fast and break things is probably not going to fly in the faces of too many deaths to autonomous cars. Even if they’re safer than humans, there is going to be repercussions.

                                                                                      1. 8

                                                                                        Even if they’re safer than humans, there is going to be repercussions.

                                                                                        Even if they are safer than humans, a human must be held accountable of the deaths they will cause.

                                                                                        1. 2

                                                                                          Indeed, and I believe those humans will be the programmers.

                                                                                          1. 4

                                                                                            Well… it depends.

                                                                                            When a bridge breaks down and kills people due to bad construction practices, do you put in jail the bricklayers?

                                                                                            And what about a free software that you get from me “without warranty”?

                                                                                            1. 4

                                                                                              No - but they do take the company that build the bridge to court.

                                                                                              1. 5

                                                                                                Indeed. The same would work for software.

                                                                                                At the end of the day, who is accountable for the company’s products is accountable for the deaths that such products cause.

                                                                                              2. 2

                                                                                                Somewhat relevant article that raised an interesting point RE:VW cheating emissions tests. I think we should ask ourselves if there is a meaningful difference between these two cases that would require us to shift responsibility.

                                                                                                1. 2

                                                                                                  Very interesting read.

                                                                                                  I agree that the AI experts’ troupe share a moral responsibility about this death, just like the developers at Volkswagen of America shared a moral responsibility about the fraud.

                                                                                                  But, at the end of the day, software developers and statisticians were working for a company that is accountable for the whole artifact they sell. So the legal accountability must be assigned at the company’s board of directors/CEO/stock holders… whoever is accountable for the activities of the company.

                                                                                                2. 2

                                                                                                  What I’m saying is this is a case where those “without warranty” provisions may be deemed invalid due to situations like this.

                                                                                                3. 1

                                                                                                  I don’t think it’ll ever be the programmers. It would be negligence either on the part of QA or management. Programmers just satisfy specs and pass QA standards.

                                                                                            2. 2

                                                                                              It’s hard to take reponsability for something evolving in a such dynamic environment, with potentially used for billions of hours everyday, for the next X years. I mean, knowing that, you would expect to have a 99,99% of cases tested, but here it’s impossible.

                                                                                              1. 1

                                                                                                It’s expensive, not impossible.

                                                                                                It’s a business cost and an entrepreneurial risk.

                                                                                                If you can take the risks an pay the costs, that business it not for you.

                                                                                          2. 4

                                                                                            It’s only a higher bar if you look at it from the perspective of “some entity replacing a human.” If you look at it from the perspective of a tool created by a company, the focus should be ok whether there was negligence in the implementation of the system.

                                                                                            It might be acceptable and understandable for the average human to not be able to react that fast. It would not be acceptable and understandable for the engineers on a self-driving car project to write a system that can’t detect an unobstructed object straight ahead, for the management to sign off on testing, etc.

                                                                                          1. 10

                                                                                            “In hindsight it seems reasonable, but I had no idea there was a filesystem bit that marked a program to be run as it’s owner. It’s a really cool mechanism!”

                                                                                            From a security standpoint, setuidroot bit was a bad idea: hackers went straight for those programs trying to get malicious code in via either the filesystem or the running program.

                                                                                            TIS solved the filesystem part in Trusted Xenix: a B2-class UNIX designed for privilege reduction among other things. The OS automatically cleared the setuid bit any time an executable file was written to. The administrator had to manually reset the bit. The thought was that the only legitimate writes would be updates by administrator. The other UNIX’s required people to constantly watch out for these kinds of programs. It took time before they got the problem under control.

                                                                                            1. 2

                                                                                              I’m running Gentoo and I’m surprised sudo still has a setuid bit. I know a lot of other programs on Gentoo use filecap extended attributes instead (like for example, ping and ping6, which use to need a setuid bit).

                                                                                              The chk_passwd command for the pam module is also another thing that uses filecaps (if you use an old Gentoo image, possible an Arch image too, and rsync it to a machine without copying extended attributes, there a good chance screen unlocking and ping won’t work).

                                                                                              Are filecaps not powerful enough to work for the sudo binary?

                                                                                              1. 1

                                                                                                IIRC (been a while now for me) but isn’t setuid programs something you need to look for with PCI compliance for that very reason? I vaguely recall having to account/audit for all setuid programs and justify their having setuid. That said solaris didn’t behave too well changing some of those programs setuid bits so we always got dinged for things we couldn’t change.

                                                                                                After using openbsd’s doas, I have to say its miles less of a pain than sudo setup is. Not seen TIS though thanks for the link! Is it far off from solaris acls/rbac? (I’ve not yet read the link so exuse the possibly stupid question)

                                                                                                While setting up trusted solaris stuff could be a pain, it was rather nice compared to most of the stuff I’ve seen in linux land.

                                                                                                1. 3

                                                                                                  I can’t recall if it’s in PCI compliance but account/audit for all of them was standard practice. That is, standard practice avoided with a better design like in Trusted Xenix. The TCSEC was the first standard for security certification that mandated specific features and assurance activities in systems including mandatory access controls (not bypassable by users), least privilege, and plugging leaks. This work is an easy description of the security kernel concept with two exemplar OS’s whose designs were certified as high assurance (B3 or A1). The B1-B2 systems only use some features or techniques of B3/A1 systems like mandatory access control. Less-rigorous design/implementation means more vulnerabilities, though. The tradeoff is made to have more features, lower cost, backward compatibility, and other usual reasons for less security. Trusted Xenix (1990) was maybe the third secure UNIX but the first deployed in the commercial sector vs an academic prototype.

                                                                                                  Interestingly, I think OpenBSD was started either the last year or just after of Trusted Xenix. I think it ended in 1994 when NSA was sabotaging the TCSEC on top of market not willing to sacrifice features or higher pricing for better security. Regarding doas, though, what did you find about it that was easier than sudo? I’m on Linux so curious.

                                                                                                  1. 3

                                                                                                    Interesting info on Xenix, bit before my time in Unix land. I think I started on around sunos 2.5.1 so might have missed all that jazz. I need to have a refresher where solaris rbac fits into all that work, I vaguely recall it being based off of some government work at the time. But my memory is crap and its not too big of a deal where it fits in.

                                                                                                    As for doas, the config format is blindingly simple compared to sudoers, I was never a huge fan of sudoers config format. Excerpt from my firewall setup:

                                                                                                    permit nopass mitch cmd systat args rules
                                                                                                    permit nopass mitch cmd systat args states
                                                                                                    permit nopass mitch cmd systat args queues

                                                                                                    General format is permit|deny [nopass] user cmd /full/path/to/executable args allowed args.

                                                                                                    Reminds me more of firewall white/black lists to be honest compared to the sudoers setup. I can NEVER remember how to setup sudoers with the nopassword option, doas its beyond easy to recall as I don’t need to worry about any host alias stuff or whatnot.

                                                                                                    Essentially, its just way more KISS compared to sudo, which leads me to think its probably more secure in general as there is a lot less parsing to get wrong.

                                                                                                    env setup looks simple too but i’ve not yet needed that for any of my needs: https://man.openbsd.org/doas.conf

                                                                                                    1. 1

                                                                                                      Since I dont use Solaris, I couldnt be more helpful in comparison. Key difference is MAC vs discretionary models like users, groups, and roles. MAC is strict. Trusted Solaris was the one with that stuff. SELinux does same thing but with different model (type enforcement).

                                                                                                      Thanks for description of doas. Gives me the idea that making the language for stuff like it match firewall language might help beginners learn faster. Could also try to use an access/authorization language for most or all such things for consistency. Many exist.

                                                                                                      1. 2

                                                                                                        No worries, from a quick glance rbac does appear to be related to the mac setups you’ve linked to.

                                                                                                        A quick overview of how roles/rbac work(ed) on solaris: http://www.oracle.com/technetwork/systems/security/custom-roles-rbac-jsp-140865.html

                                                                                                        It basically worked like a separate user you could switch to to do certain work. Was a bit of a pain to setup but once there it was pretty easy to use.

                                                                                                        I never thought about the impact of the config language as to simplicity for beginners. But not having to try to expand out aliases/variables does make parsing the config file by eye way easier.

                                                                                                        1. 1

                                                                                                          I know the later versions of these kinds of products often had RBAC due to market demand. Trusted Xenix may have been too early for it. XTS-500 had it. That was STOP’s successor.

                                                                                                          1. 2

                                                                                                            That could be, rbac/solaris were a while back for me now so I can’t recall if AIX or HP/UX had their own RBAC implementations.

                                                                                                            In either case the irony for RBAC/solaris was that most places I did stuff at moved away from RBAC to sudo as most people never remembered to su - rolethatletthemdostuff instead of sudo do stuff.

                                                                                              1. 11

                                                                                                This problem is largely solved by “Jump To” in an IDE (or fancy editor). This sort of thing is why I no longer do real work in languages without these niceties. I just don’t have the patience for it any more.

                                                                                                1. 5

                                                                                                  Code reviews and online examples can suffer though - I have a very hard time reading unfamiliar Haskell and Agda code on Github where definitions aren’t either explicitly imported in an import list or given a qualified name. But perhaps that’s an argument for better online tooling…

                                                                                                  1. 2

                                                                                                    That’s a good point, although I agree that better tooling is probably the answer, particularly since fully-qualified imports still mean you’re stuck tracking down docs and such in code review with most of the existing tools.

                                                                                                    1. 1

                                                                                                      I have to admit, I fully agree with brendan here. Fully qualified imports really do increase readability to any new, or even old code.

                                                                                                      I don’t think better tooling is the best approach, I find explicit versus implicit generally explicit ends up being clearer.

                                                                                                      A possible middle ground is allow ONE unqualified import only as (if i remember right, only skimmed docs) purescript does. That would at least remove ambiguity as to where something could be coming from.

                                                                                                    2. 1

                                                                                                      Haskell’s Haddock supports hyperlinked source and so does Agda.

                                                                                                    3. 4

                                                                                                      you don’t even need that much; I find vim’s split-window feature is perfectly usable if I want to read the code where something is defined, or look at both the current code and the top of a file simultaneously. whereas on the flip side I know if no good way to eliminate the visual clutter caused by fully qualified names everywhere.

                                                                                                      1. 4

                                                                                                        You also can generate ctags and use them in vim ;)

                                                                                                        1. 1

                                                                                                          true :) I used to do that more often in my c++ days; somehow I lost the habit now that I’m doing python at work and ocaml at home, even though ctags would probably help with both of those.

                                                                                                        2. 3

                                                                                                          this doesn’t solve the “import all names” problem that you hit in languages like Python where some people do import * or you are importing something that was already re-exported from another location. You end up with busy work that an IDE could handle with a name lookup

                                                                                                          Though I agree that once you find the definition, split windows is a pretty nice way to operate

                                                                                                          1. 1

                                                                                                            I too find the result to be cluttered. But I also find new programming languages/syntaxes to be strange and chaotic in the same way. Once I use the language long enough, I am no longer overwhelmed. My hypothesis is that the eye will adapt to fully qualified names everywhere in the same way.

                                                                                                          2. 1

                                                                                                            I came here to say just this: with a sufficiently smart editor (vim, ide, or otherwise) this problem goes away almost entirely.

                                                                                                            That said, I think there are some arguments to be made for always-qualified imports

                                                                                                            1. 6

                                                                                                              I think it can be a cultural thing as well. I never enjoy typing datetime.datetime but don’t mind collections.namedtuple. itertools.ifilter is annoying though. Redundant words or information looks and reads bad.

                                                                                                              When the culture is to assume qualified imports, then the library will always be used to provide context, and that can be quite nice.

                                                                                                              When resolving a qualified name is the same syntax as a method call, that can look bad quickly. Python very much suffers from this problem. Think of Clojure stylebanespace syntax as an alternative.

                                                                                                            2. 1

                                                                                                              Does “Jump To” actually jump you to the import declaration or the function definition? I’ve never used an IDE. My guess is that an IDE would largely eliminate manual identification of the function’s origin. So that’s useful! But I’m not convinced that this would be faster than reading the module name inline in plain text. No keystroke or mouse click required to get the information. I guess the argument for using an IDE to solve this problem is something like the IDE places the information close at hand while also enabling a less verbose code style. That’s a reasonable argument. At some point the conversation becomes purely a debate about the pros and cons of IDEs. Then I would say that it’s nice to have code that doesn’t incur a dependency on a code editor.

                                                                                                              1. 2

                                                                                                                You can jump to the declaration in most IDEs (provided there is support for the language). In many you can also view the documentation for a symbol inline, no need to go searching in most cases. I agree with you that this really just changes the debate to one about tooling. However, since many people (myself included) prefer the readability of unqualified imports, tooling support is important to at least think about. For example, I work in Dart a lot at work, the Dart community tends toward unqualified imports because, at least in part, I think, pretty much everyone who writes Dart code uses either an IDE or an editor plugin with IDE-like features.

                                                                                                            1. 16

                                                                                                              I fucking hate reCaptcha, partly because the problems seem to be getting harder over time. Sometimes I literally can’t spot the cars in all the tiles.

                                                                                                              1. 19

                                                                                                                It’s also very effective at keeping Tor out. ReCATPCHA will, more often than not, refuse to even serve a CAPTCHA (or serve an unsolveable one) to Tor users. Then remember that a lot of websites are behind CloudFlare and CloudFlare uses ReCAPTCHA to check users.


                                                                                                                1. 2

                                                                                                                  For the Cloudflare issue you can install Cloudflare’s Privacy Pass extension that maintains anonymity, but still greatly reduces or removes the amount of reCaptchas Cloudflare shows you if you’re coming from an IP with bad reputation, such as a lot of the Tor exit nodes.

                                                                                                                  (Disclaimer: I work at Cloudflare but in an unrelated department)

                                                                                                                  1. 2

                                                                                                                    Luckily, CloudFlare makes it easy for site owners to whitelist Tor so Tor users don’t get checked.

                                                                                                                    1. 9

                                                                                                                      Realistically, how many site owners do that, though?

                                                                                                                  2. 16

                                                                                                                    I don’t hate it because it’s hard. I hate it because I think Google lost its moral compass. So, the last thing that I want to do is to be a free annotator for their ML efforts. Unfortunately, I have to be a free annotator anyway, because some non-Google sites use reCaptcha.

                                                                                                                    1. 7

                                                                                                                      Indeed, also annoying is you have to guess at what the stupid thing is trying to indicate as “cars”. Is it a full image of the car or not? Does the “car” span multiple tiles? Is it obscured in one tile and not in another? Which of those “count” if so? Should I include all the tiles if say the front bumper is in one tile or not? (my experiments have indicated not).

                                                                                                                      Or the store fronts, some don’t have any signage, they could be store fronts, or not, literally unknowable by a human or an AI with that limited of information.

                                                                                                                      I’m sick of being used as a training set for AI data, this is even more annoying than trying to guess if the text in question was using Fraktur and the ligature in question is what google thinks is an f, or an s. I love getting told I’m wrong by a majority of people not being able to read Fraktur and distinguish an f from an s from say an italic i or l. Now I get to be told I can’t distinguish a “car” by an image training algorithm.

                                                                                                                      1. 4

                                                                                                                        At some point, only machines will be able to spot the cars.

                                                                                                                      1. 8

                                                                                                                        Sort of an aside discussion, but the author’s choice to distribute the code as a Docker image: is that becoming a thing now?

                                                                                                                        I’m notorious among my peers for installing and trying everything under the sun, and usually having to blow out and reinstall my computer about once a year (usually coinciding with Apple’s release of an updated MacOS). Maybe I’m late to the party, but Docker images are a much cleaner way of distributing projects in a working environment, are they not?

                                                                                                                        1. 13

                                                                                                                          This feels like the kind of thing I’d be grumpy about if I were any older; software distribution is one of our oldest and therefore most-studied problems. Java tried to solve it with a universal runtime. Package managers try to solve it with an army of maintainers who manage dependencies. Giving up on all that and bundling the entirety of latex and all its dependencies (one of the intermediate images is 3 point 23 fucking gigs!) just to distribute a 279 line style file and make it easier to use feels… kind of excessive?

                                                                                                                          That said, I’m not old and grumpy and this is awesome. I kind of hope that this becomes a thing, it’s easy to install and easy to remove (and know that you’ve left no traces on your system) and this image will presumably be usable for a very long time.

                                                                                                                          EDIT: I wrote the above comment while I was waiting for the image to finish downloading. It’s now finished and the final image takes up 5.63GB of my disk space. I don’t mind for this one-off package but would certainly mind if this method of distribution started catching on. Maybe we should just all use nix?

                                                                                                                          1. 3

                                                                                                                            I wrote the above comment while I was waiting for the image to finish downloading. It’s now finished and the final image takes up 5.63GB of my disk space. I don’t mind for this one-off package but would certainly mind if this method of distribution started catching on. Maybe we should just all use nix?

                                                                                                                            Docker has some mechanisms for sharing significant parts of those images… at least if they’re created from the same base. The problem obviously is that people are free to do whatever, so that sharing is far from optimal.

                                                                                                                            1. 1

                                                                                                                              Agreed, I assumed this was going to be something like a 200 python script with maybe 2 or 3 dependencies.

                                                                                                                            2. 4

                                                                                                                              A docker image is the new curl|sh install method.

                                                                                                                              Basically ignore any concerns about security, updates, ‘I want this shit now Ma.’

                                                                                                                              1. 4

                                                                                                                                A random docker image is less likely to fuck up your home dir, though.

                                                                                                                                1. 2

                                                                                                                                  I’ve spent a lot more time working with the shell than Docker. I find this Docker image a lot easier to understand and verify than various things I’ve been told to curl | sh.

                                                                                                                                  1. 1

                                                                                                                                    Couldn’t you just download and verify a script with curl -o filename.sh http://domain.name/filename.sh? How does a random Docker image end up being easier to verify? With a script you can just read through it, and verify what it does. With a Docker image you basically have to trust an image from 2014 of an entire operating system.

                                                                                                                                    This honestly looks like one of the worst candidates for a Docker image. You have a tiny plaintext file which is all this is installing, and you are being told to download a multi gigabyte blob. I can understand why some people recommend using Docker for development, and running things and places you might not have control of the entire system, it here just seems unnecessary here.

                                                                                                                                    1. 1

                                                                                                                                      I don’t see how it’s installing just a style. It’s installing TeX, which is a big hairy package.

                                                                                                                                      When I pull down the install for rustup, I end up with a 360 line shell script, which isn’t super easy to verify. For haskell’s stack, it’s 720. I swear I’ve seen 1500 before.

                                                                                                                                  2. 1

                                                                                                                                    Agree re security (you could get hacked) but at least it won’t accidentally wipe your hard drive while trying to uninstall (as has happened a few timed I’m aware of).

                                                                                                                                  3. 3

                                                                                                                                    In this case especially, as the instructions to install and configure are pretty painful:


                                                                                                                                    Oh, there are none. But there is this:


                                                                                                                                    As an aside, the Docker image has a couple of features I’m quite proud of (in a small way).

                                                                                                                                    1. The default command of the container outputs help text.

                                                                                                                                    2. If the convert_images.sh script spots a Makefile, it runs it, eg:


                                                                                                                                    which reduces build time significantly if you have a lot of images.

                                                                                                                                    1. 4

                                                                                                                                      Just scrolling through that second link gives me anxiety; oh my god this is going to go wrong in fifty different ways. Getting it all together in a configured package (docker image) was pretty smart.

                                                                                                                                      1. 3

                                                                                                                                        I don’t know… Looking at the second link, the install instructions are actually fairly simple if you have TeX and the dependencies installed. Even if you don’t, like it’s just a LaTeX distribution, the tikz package, and the xcolor-solarized package.

                                                                                                                                        In which case the instructions are only:

                                                                                                                                        $ cd ${LATEX_ROOT}/texmf/tex/latex && git clone https://github.com/Jubobs/gitdags.git
                                                                                                                                        $ kpsewhich gitdags.sty   # Check to see if gitdags.sty can be seen by TeX

                                                                                                                                        I feel like an entire Docker container is a little overkill. Might be an OK way to try the software, especially if you don’t have a TeX distribution installed, but it wouldn’t be a good way to actually use it.

                                                                                                                                        1. 1

                                                                                                                                          From the link:

                                                                                                                                          ‘First, do NOT use apt-get to install. The best is to install TexLive from the Tex Users Groug (TUG).’

                                                                                                                                          1. 1

                                                                                                                                            Yeah like I said, the instructions are fairly simple if you have a TeX distribution Installed. If that version does happened to be from a distribution, I’m sure it works anyways - he did say the best way.

                                                                                                                                            If you don’t happen to have TeX installed, it’s not that complicated to install it from manually from TUG anyways.

                                                                                                                                          2. 1

                                                                                                                                            Looking at the second link, the install instructions are actually fairly simple if you have TeX and the dependencies installed

                                                                                                                                            Yeah, I already have TeX on my system, so I don’t really see what the problem is.

                                                                                                                                          3. 1

                                                                                                                                            The default command of the container outputs help text.

                                                                                                                                            I haven’t seen that before; for a “packaging” container (rather than an “app deployment” container) it’s a nice touch I’ll be copying, thanks :-)

                                                                                                                                          4. 2

                                                                                                                                            I’ve used this very package with nix on OS X, I think a docker image is… a bit over the top personally. It wasn’t that bad to install and setup compared to any other latex package.

                                                                                                                                          1. 4

                                                                                                                                            I would love to see this book completed. I think it’d be a great service to the Haskell community.

                                                                                                                                            1. 6

                                                                                                                                              Having spent the last 2 years starting a (Haskell) company, my time for open source is not abundant. If things go well I’ll certainly pick it up again though.

                                                                                                                                              1. 3

                                                                                                                                                I’m with him on this, I’ve just read the first 4 or 5 chapters, but I’m planning to eventually sit down and follow it through, implementing everything. If there is anything we can do (as a community I mean) to help with it, say so! At the very least I can help reporting typos :]

                                                                                                                                                1. 2

                                                                                                                                                  That’s completely understandable. I hope the company’s doing well.

                                                                                                                                                  1. 2

                                                                                                                                                    No rush, we can wait :)

                                                                                                                                                    I actually binge-read/reproduced write you a haskell for the last three days.

                                                                                                                                                    I really enjoyed it, thanks for writing it!

                                                                                                                                                    1. 2

                                                                                                                                                      Wonderful, makes me happy to hear people get some value out of the first manuscript.

                                                                                                                                                      1. 1

                                                                                                                                                        Yep, its quite cool, I learnt a lot. Just being selfish in saying it would be great to have it completed. But I also understand you starting a business and having commitments. So no worries, thanks for all the fish so far!

                                                                                                                                                1. 4

                                                                                                                                                  There are a few reasons for me clinging to MacOS for work (I’m a network engineer, and I code a bit too). The overshadowing first reason is called Microsoft Office. I wish I didn’t have to use it, but I have so far not been able to properly dodge it and my current employer is entangled beyond belief in the whole Microsoft ecosystem with OneDrive, Teams, Yammer, OneNote et. al. that I’m aware of nice cross-platform replacements for, but stuck with.

                                                                                                                                                  Similarly, I’m depending on OmniGraffle to display and create visio (compatible) drawings.

                                                                                                                                                  So why not just run Windows? Well, I had a go at that although not by personal choice when I started my current employment half a year ago, where I was handed a mediocre HP laptop while waiting for my Macbook Pro to be available, and it was quite terrible to work with. It became bearable when I had my emacs setup tuned, and I could sort of live inside emacs, but it was a poor substitute for the terminals and unix tools I’ve come to depend on.

                                                                                                                                                  Another reason, and that may just me being scared from previous experience running Linux for work, and that’s the whole multiple display thing. I have multiple displays at my home office at different rotations, and a widescreen monitor at work. Switching between multiple displays was never painless when I ran Linux, but that may have improved since then Still the point about different DPIs have been raised elsewhere here, so I believe it at least partly still applies.

                                                                                                                                                  And then there’s stability. It is entirely possible to have a stable Linux environment, but not perpetually. Something will break between releases and you’re forced to tinker and be unproductive. I enjoyed that part when I was younger, and I still do for my hobby systems. But for work, I just want things to work.

                                                                                                                                                  1. 5

                                                                                                                                                    Multi monitor is definitely why I stay on OS X. Perfect it is not, but as someone that has hand edited x.org files in the past, i’ve never had a great experience with multiple monitors.

                                                                                                                                                    And osx with nix basically solves all my needs for a unix os. I get emacs and anything else out of there.

                                                                                                                                                    If I were to switch to linux on the desktop it would probably be nixos, least then I can easily move between stable islands of software at once with sane backing out of things.

                                                                                                                                                    1. 1

                                                                                                                                                      I’ve often ran multi-monitor setups on Linux, and the selection of monitors has usually been rather odd. I usually use arandr to arrange and set them up, and… it just works.

                                                                                                                                                      Just curious what sorts of issues you had?

                                                                                                                                                      1. 3

                                                                                                                                                        Mostly plugging things in and having the window layouts work sanely. Also at issue tended to be putting the laptop to sleep and unplugging the monitor and not having anything come back up until I rebooted the laptop etc…

                                                                                                                                                        In a nutshell, edge cases all over, not that osx doesn’t have its own similar problems it tends not to lose the ability to display a screen.

                                                                                                                                                    2. 2

                                                                                                                                                      Multimonitor support is 90% of why I’m planning to test drive moving away from OSX back to windows :)

                                                                                                                                                      1. 1

                                                                                                                                                        Have you run into the bug where sleeping with a monitor attached causes everything to black screen forever? Haven’t been able to escape that :/

                                                                                                                                                        I’d want to move to Windows too, but the privacy policy creeps me out.

                                                                                                                                                        1. 1

                                                                                                                                                          Yes. It happens not very often, but just often enough to make me irritated at the best of times. (And I still get the occasional panic on plugging in or removing a monitor.)

                                                                                                                                                          1. 1

                                                                                                                                                            I get all my windows moved to one monitor 95% of the time the displays come back on, and there’s a bug in the video card driver (Mac Pro Toob) that crashes everything on-screen (except the mouse pointer) and also crashes displayport audio, but leaves every application running as if everything were peachy. That one gets me every few weeks or so.

                                                                                                                                                            Also, I used to run 2 * UHD displays at 60hz, a third at 30hz. But now I can only run one at 60hz, both others run at 30. It’s fucked and it shits me to tears. When I bought it this was the top-shelf you could get, and while I cheaped out on core count, I went for the higher-end video option.

                                                                                                                                                      1. 1

                                                                                                                                                        So how long till we see a benchmark between the different implementations of “true”?

                                                                                                                                                        1. 5

                                                                                                                                                          Putting on my “very definitely not a scientist” hat:

                                                                                                                                                          $ time for i in `seq 1000`; do true; done
                                                                                                                                                          real	0m0.010s
                                                                                                                                                          user	0m0.004s
                                                                                                                                                          sys	0m0.004s
                                                                                                                                                          $ time for i in `seq 1000`; do /bin/true; done
                                                                                                                                                          real	0m1.280s
                                                                                                                                                          user	0m0.112s
                                                                                                                                                          sys	0m0.320s
                                                                                                                                                          $ time for i in `seq 1000`; do sh -c ''; done
                                                                                                                                                          real	0m1.552s
                                                                                                                                                          user	0m0.172s
                                                                                                                                                          sys	0m0.292s
                                                                                                                                                          $ lsb_release -d
                                                                                                                                                          Description:	Debian GNU/Linux 8.10 (jessie)
                                                                                                                                                          1. 1

                                                                                                                                                            Beware of constructs like this if you write production code and intend it to be portable.

                                                                                                                                                            $ time for i in `seq 1000`; do true; done
                                                                                                                                                            Syntax error: "do" unexpected

                                                                                                                                                            Also: true is not guaranteed to be a builtin, : is.

                                                                                                                                                            1. 1

                                                                                                                                                              The “very definitely not a scientist” hat has a tag on the inside saying in big red letters “very definitely not for production use”. =) You would indeed need to subshell or something using /bin/time instead of bash’s builtin time, and I made no effort whatsoever to be portable (or to ensure caches were filled or the processor unburdened with background tasks).

                                                                                                                                                              As another possibly amusing case:

                                                                                                                                                              $ readlink /bin/sh
                                                                                                                                                              $ time for i in `seq 1000`; do bash -c ''; done
                                                                                                                                                              real	0m2.488s
                                                                                                                                                              user	0m0.180s
                                                                                                                                                              sys	0m0.332s

                                                                                                                                                              Anybody want to try with zsh? ;)

                                                                                                                                                              1. 2

                                                                                                                                                                Sure, i’ll do a few more for comparison on a SLOW arm box, that’ll make this all the more pronounced. :)

                                                                                                                                                                $ for x in ash bash mksh zsh; do
                                                                                                                                                                time (for i in `seq 1000`; do ${x} -c ''; done)
                                                                                                                                                                ( for i in `seq 1000`; do; ${x} -c ''; done; )  0.39s user 0.39s system 2% cpu 35.974 total
                                                                                                                                                                ( for i in `seq 1000`; do; ${x} -c ''; done; )  0.08s user 0.71s system 1% cpu 46.198 total
                                                                                                                                                                ( for i in `seq 1000`; do; ${x} -c ''; done; )  0.20s user 0.58s system 2% cpu 36.801 total
                                                                                                                                                                ( for i in `seq 1000`; do; ${x} -c ''; done; )  0.21s user 0.61s system 1% cpu 44.066 total
                                                                                                                                                                $ time (for i in `seq 1000`; do /bin/true; done)
                                                                                                                                                                ( for i in `seq 1000`; do; /bin/true; done; )  0.74s user 0.00s system 2% cpu 32.241 total

                                                                                                                                                                Lets compare that to a fully static minimal true (no ld.so shenanigans) note, this is a musl libc system not glibc:

                                                                                                                                                                $ echo 'int main(){}' > /tmp/true.c
                                                                                                                                                                $ make CC=clang CFLAGS=-Oz LDFLAGS=-static /tmp/true
                                                                                                                                                                clang -Oz  -static  /tmp/true.c   -o /tmp/true
                                                                                                                                                                $ objdump -p /tmp/true | grep NEEDED
                                                                                                                                                                $ time (for i in `seq 1000`; do /tmp/true; done)
                                                                                                                                                                ( for i in `seq 1000`; do; /tmp/true; done; )  0.74s user 0.00s system 2% cpu 36.887 total

                                                                                                                                                                Well that was ostensibly worse, go figure. Lets strip it too to be sure.

                                                                                                                                                                $ strip /tmp/true
                                                                                                                                                                $ time (for i in `seq 1000`; do /tmp/true; done)
                                                                                                                                                                ( for i in `seq 1000`; do; /tmp/true; done; )  0.74s user 0.00s system 2% cpu 36.406 total

                                                                                                                                                                I would’ve guessed that minimal true would be the fastest of the bunch, but guess not, GO FIGURE. YMMV this is all not scientific at all.

                                                                                                                                                          2. 2

                                                                                                                                                            Any slowness in the script version could probably be linked to some other bloat in that program.

                                                                                                                                                            1. 0

                                                                                                                                                              Careful, the troll police is hawk-eyed and doesn’t appreciate truths like that.

                                                                                                                                                          1. 3

                                                                                                                                                            I like being aware of this. Sometimes people try to improve things that are perfectly ok already and when you examine why, it’s usually because they feel that they need to do something. It happens outside of software and engineering too,

                                                                                                                                                            1. 3

                                                                                                                                                              Isn’t it better though to have an ELF binary which just returns 0, rather than having to start a shell interpreter every time you want to invoke /bin/true? Also, when every other part of a collection of tools (in this case GNU coreutils) follows a convention (i.e that --version prints version information and --help prints usage information), is it really better that /bin/true is the one binary which doesn’t follow that convention?

                                                                                                                                                              This seems like a classic case of making the world a little bit better.

                                                                                                                                                              1. 3

                                                                                                                                                                Isn’t it better though to have an ELF binary which just returns 0, rather than having to start a shell interpreter every time you want to invoke /bin/true?

                                                                                                                                                                I can see an alternate viewpoint where it just seems like bloat. It’s yet another chunk of source to carry around to a distribution, yet another binary to build when bootstrapping a system, and other holdovers.

                                                                                                                                                                Also the GNU coreutils implementation of true is embarrassing. https://github.com/coreutils/coreutils/blob/master/src/true.c is 65 lines of C code and accepts 2 command-line arguments, which means that the binary has to be locale aware in those situations.

                                                                                                                                                                1. 1

                                                                                                                                                                  Yep, I’d call depending on sh to deal with /bin/true bloat, if only due to the overall extra time to exec() sh in general. Times with a warm cache, not cold. Yes this is golfing to a degree, but this kind of stuff adds up. A minimal binary in my opinion is not worse, its seeing the forest over a single sh tree.

                                                                                                                                                                  $ time sh -c ''
                                                                                                                                                                  real    0m0.004s
                                                                                                                                                                  user    0m0.000s
                                                                                                                                                                  sys     0m0.003s
                                                                                                                                                                  $ time /bin/true
                                                                                                                                                                  real    0m0.001s
                                                                                                                                                                  user    0m0.000s
                                                                                                                                                                  sys     0m0.002s

                                                                                                                                                                  Even that though is gnu true, compared to a return 0 binary its also slow due to the locale etc… stuff you mention:

                                                                                                                                                                  $ time /tmp/true
                                                                                                                                                                  real    0m0.001s
                                                                                                                                                                  user    0m0.001s
                                                                                                                                                                  sys     0m0.000s