Threads for mr_dad
-
so amp is like putting a mini rocket on a elephant
-
ralish
edited
6 years ago
|
link
| on:
What do you normally install on your servers to monitor, debug and secure them
For the Windows admins (hello? Bueller?):
-
Sysinternals Suite
Utterly essential. Every Windows system I admin has these. -
Message Analyzer
For packet capture & network diagnostics. Wireshark is also excellent. In general, I find MA has better protocol decoders for Microsoft specific stuff while Wireshark has much broader protocol support. -
Debugging Tools for Windows
Installed on an as needed basis as for crash dump analysis just perform the analysis on the client. There are some scenarios though where having them on the affected system is either required or just makes life easier. Included with the Windows SDK versus a discrete download, but the download optionally includes MSI redistributables. -
Windows Performance Toolkit
Installed as needed like the above and available via the Windows SDK with optional redistributables. If you’re diagnosing performance problems on a system, especially at the OS level, these are frequently invaluable. The actual analysis can be done on the client.
For all of the above except Message Analyzer you really want to configure symbols. The Debugging Tools effectively need them to be useful in most scenarios, while the WPT tools and many Sysinternals tools are much more useful with them (e.g. viewing a call stack for a thread in Process Explorer).
-
Sysinternals Suite
-
I don’t know about Chrome, but modern Safari will actually pause unused tabs, or throw them out of memory, and won’t reload all your previously open tabs when restoring a session either.
-
-
uh oh we just added these hot 4 features, better bump up the major version!
-
Well, it’s not like Firefox follows SemVer.
Firefox used to adhere to a strict 6-week train model of promoting features to release. Now they publish a 6-to-8 week schedule for the year, for the same process. It’s actually quite cool, I’d recommend checking out the first link if you’re not familiar with the train model.
See also:
- Announcement of rust’s train model
- A recent lobsters submission about deploying an app on a train release schedule
-
-
Indeed they changed their model after Chrome sped up the release process. As I understand, they did it to match the rate of evolution in the web. Firefox’s release model before then was probably too long, too slow to keep up with the rate of change in Javascript APIs, etc. Hurray?
-
-
-
-
I’ve already given my 2 cents on the matter in an older post, but I’d also like to add something else:
Why would you expect people not to use downvotes as a convenient shorthand for “I disagree with this”? It’s much easier to click on a button than to form an argument or even just ignore something you don’t like. People are just like that.
And seriously, the graying out is moronic, stop it. I will mention this every time the topic gets brought up.
-
-
-
The absolute madman…he actually did it.
-
Thanks for doing this! How would you feel to add now a “report” button for patently abusive comments?
Anyway, I think we can at least experiment and see what happens for a couple of weeks. If things get out of hand we can always roll back, but hey, at least we tried!
-
I think it’s easy to find and message a mod in those cases (it has happened before even with downvoting).
I’m not against adding a formal “report” action but if it’s too easy to tap it anytime someone’s jimmies are rustled, we (the moderators) are going to have more stuff to wade through and investigate every time we just want to read the site like everyone else. The nice thing about comment downvoting is that the users did all the work and if the comment was bad enough, it was grayed out and collapsed, effectively doing the same thing a moderator would have to by removing it.
-
I think it might be a good idea to handle comments like stories: have a “flag” button that is basically a downvote button, but has different connotations. Also show the flag reasons above the flagged comment for visibility (I also think this will promote discussion, I know it does with stories).
This way the community still has a channel to self-moderate without the tendency for abuse that the downvote button had.
-
-
-
This kind of democratic action, transparency, & good faith efforts in community and admins is why I like this site so much. The content, too, obviously. I cant wait to see what effect it has on the comment quality!
-
-
A member of the community wanted a change to the status quo. Many people weighed in. Most convincing arguments were in favor of eliminating downvotes. jcs eliminated downvotes.
Now, compare that to how most forums or admins handle a “change the site” thread. This thread’s results looks more democratic in comparison.
-
-
But…. that’s still not democracy.
(I’m not saying it’s bad that lobsters isn’t a democracy, I’m just saying it isn’t.)
-
As Transmetropolitan points out, democracy can be overrated.
-
-
-
-
-
Next we need to consider removing comment upvotes. Otherwise there’s potentially too much positive encouragement for short bite-sized comments that lack substenance and don’t really contribute to the discussion but which happen to have “popular appeal” for other reasons.
Anyway it’s nice to watch how this plays out. Downvotes can be quite frustrating.
-
-
Because we probably don’t want to see the comment section full of bite sized chunks that lack substenance and don’t contribute to a discussion. Yet people love such things. At least sites with mainstream appeal are rampant with such comments. Repeating memes, calling for hillary/trump/putin/obama to be shot, making fun of $bigcorp, bashing people’s software choices, etc. etc.
There’s so much crap (even on-topic) one could post and there’s probably always an audience that agrees and will upvote just because they agree or find it funny or whatever. Downvotes are essentially community moderation that in my view has done a great job keeping such bull to a minimum on HN and here (not so much on reddit, I wonder why?). If downvotes were only used for this purpose, I don’t think anyone would object. The problem is when they are used to suppress, discourage and frustrate perfectly legitimate posters.
-
Agreed. The front page right now contains at least a few posts that have comments that I’d normally down-vote. Some of those comments have even bubbled to the top, despite the fact that they are silly content free quips that I expect to see at the top of a reddit post, but not here.
-
-
-
-
-
-
upvoted this :)
-
maybe in their place you can add some thread coloring to note that certain problematic people are participating in the discussion? I’m sure the list for everyone is different, but I’d love some warning before even looking at a thread where $USER is arguing in bad faith using discredited arguments because they’re a callow and thoughtless young person.
-
-
thanks!
-
-
I like the way it’s handled for posts; there’s an upvote, and there’s a flag button. Flags are essentially downvotes, but because they’re treated differently they don’t “feel” like downvotes. I don’t think people are flagging article submissions that they disagree with.
-
My suggestion is that downvotes should be accompanied by a reason, and then “downvote” can be “upvoted” to show agreement. I don’t have the knowledge/time/energy to implement this and offer a PR, unfortunately. I do try to offer a reason I’m downvoting a post, unless it’s a troll.
-
-
-
-
Right now if I click on a downvote arrow, I need to specify the reason. Thus, if the reason is not listed, that means the comment shouldn’t be downvoted.
The current options are:
- Off topic
- Incorrect (to which I wouldn’t personally downvote, but rather reply with the “correct” answer)
- Me-too
- Troll
- Spam
Some communities solve this problem by eliminating completely the downvote and replacing it with a “report” button, which has different connotations.
If we’re going to stick with up & downvotes, there’s little we can do. Sites like Slashdot have been experimenting with alternative methods to control moderation quality, and I think there is no perfect system.
However, and this is 100% my personal opinion, my favorite method is the upvote + report button. I don’t mind “dumb” or “incorrect” comments sitting with 1 point at the bottom of the page. We all can be mistaken sometimes or write a comment which is just too snarky or misinterpretable, and receiving a downvote for them is infuriating and solves nothing.
Edit: I replied to you instead of OP by mistake, however I think the discussion is still relevant
-
-
I’d love if the disagree button grayed out the post for the local user but did nothing on the backend.
-
-
-
i use my laptop
-
mr_dad
6 years ago
|
link
| on:
Mozilla’s proposed conclusion regarding the matter of WoSign and StartCom
some corporations work hard at providing free high quality services other corporations work hard at high quality bans on free services
-
cool
-
language inside a language inside a language? what would possibly be faster?
-
-
I was disappointed to see the 2011 project is now dead after reading the authors' descriptions in the reddit ama.
It isn’t entirely clear to me if the ‘generic programming’ and ‘type propagation’ of Clay2011 is spiritually different from, say, the type inference system in Haskell. Is one more expressive? Is one more concise? Any insight? Different implementations with an equivalent result?
If the two are different, are there other languages with an approach like Clay2011?
-
I was disappointed to see the 2011 project is now dead after reading the authors' descriptions in the reddit ama.
Yeah, I used it a bit. It was good. It ran into a bunch of problems - AIUI primarily lack of funding/time to develop it. The primary author has made some promising noises about wanting to resume the project and looking for funding to do so, but I don’t know what the status of that is.
It isn’t entirely clear to me if the ‘generic programming’ and ‘type propagation’ of Clay2011 is spiritually different from, say, the type inference system in Haskell. Is one more expressive? Is one more concise? Any insight?
Clay’s generic programming can be better thought of as a rationalisation and improvement on C++ style compile time metaprogramming, only not terrible like that makes it sound. It’s much more ad hoc than the Haskell system, but also much more flexible. It’s quite pleasant to use, although does suffer a bit from the problem of it not always being very obvious what went wrong when it doesn’t work IIRC.
-
I’m not sure why they need funding given they spun it off into a business with interesting projects:
Maybe just not enough revenue coming in for sparing development time? One thing I suggest for situations like these is making, marketing, and licensing at least one app whose profits cover the cost of at least one developer (i.e. the inventor) to continue working on Clay with majority of time. More as sales increase. Ideally, the app could be written in Clay taking advantage of its features. Then, it and other projects later become success stories that promote the language. If uptake starts, then they can sell support for it directly.
I haven’t done an analysis to prove this model or anything. It just combines two, proven ones in a way that should imply the combo would work to sponsor a given project. In this case, developing the language. I’ll also add they should use one of the compiler or DSL frameworks that make this stuff easy to avoid compiler development being a time-sink of drudgery. I think that as default would help many new languages develop at least in prototyping phase where their features are in flux and they have stuff to prove.
-
I’m not sure why they need funding given they spun it off into a business with interesting projects: http://claylabs.com/portfolio
AIUI it’s the other way around. The language came out of the labs, and most of their projects are not using it. I don’t really have any inside knowledge on the situation though so may have the details entirely wrong.
-
Yeah, they built it. I’m not implying they’re doing the stuff in Clay. I’m just saying the Clay team has a business bringing in income on high-performance, server apps. Both could benefit it or from it in some way. They must just not have a lot of money coming in. Likely, they’re charging for their time instead of I.P.. Often does it.
-
-
-
-
The author gave a great, brief description of it here:
https://www.reddit.com/r/programming/comments/ctmxx/the_clay_programming_language/c0v6o0r
That and sub-thread with Felicia may give you what you need to do the comparison.
-
-
-
instead of creating your own programming languages, improve existing ones
-
This is non-constructive… Which language do you thing Zig overlap with? The closer that come to mind would be Rust, but Zig definitely seems to intend to be lower level than Rust and the C compatibility seems to be one of the drive of the project (Unlike Rust where many C concept doesn’t translate as well to Rust and require a bit more of glue code (Which is totally fine, but not as convenient)).
-
I’m with you here. I can totally understand the frustration with new programming languages coming out every day, but really, WHY? Those that attract an audience will prosper, and those that don’t will barely make a ripple in the overall computing pond.
Why fling poo? If you think it’s pointless, just ignore it and let it die unloved.
-
Maybe it’s non-constructive, but I can’t really see anything actually interesting or unique about Zig. It just seems to be adding syntax to things … because.
And maybe that’s more just that the front page is not terribly informative on how the language works, and instead just throws you in the deep end, but it really just looks like someone said “you know what, I think C needs to look more like Ruby, and totally incomprehensible to everyone else”
-
It could be said that most langage are just adding syntax to thing that could boil down to more C boilerplate, especially system programming langage. I see Zig as a nice attempt to modernize C. Sane error handling, Maybe instead of Null, generics, explicit integer overflow wrapping, sane preprocessor instead of #ifdef/#endif hell, C header “module” that just end up exploding the compile time, etc.
I don’t see where you get the Ruby feeling from this. Zig doesn’t look like implicit magic all over the place, and rather remove some of the magic/undefined behaviour seen with C.
-
I think you’re conflating Ruby and Rails, I feel like the language on its own doesn’t have that much magic involved, but a lot of the community, and any Rails project, has a whole lot of magic in certain things.
Where I see the similarities with Ruby are mainly that Zig uses a pipe character for seemingly indecipherable things to people who are new to the language, and there seems to be some magic in when you use the percent symbol. In general, based on the code samples, it also looks like it’s a big fan of just throwing special characters into lots of places to create syntax, like Ruby.
-
-
-
-
If people followed your advice, there would only be one programming language, which would probably be LISP, which would then contradict your advice because LISP is already perfect and can not be improved.
-
-
The point of this language is to enable incremental migrations from C to a language that is significantly safer than C, yet comparably performant. It seems to me that there are no still-living languages that are as easy to migrate incrementally without either carting over all the sharp edges and undefined behaviors of C or changing the performance profile of your program substantially.
-
-
-
They are still doing it? Huh.
To elaborate: it’s stopping to matter what client system you use. Even games target multiple platforms nowadays.
-
To me, that’s a reason for projects like ReactOS and Haiku to continue rather than shut down. We’ve reached a point wherein as long as you can get a web browser to build even esoteric operating systems can be useful. This opens the door for all sorts of interesting concepts and experiments to get real-world use. Even the sort of renaissance that the BSDs seem to be enjoying (at least in certain circles) owes something to this phenomenon. On the commercial side, ChromeOS is in a similar position.
-
I see it as important for archival. What if I want to be able to use some older software, like games, that simply doesn’t run on the Windows version of today and tomorrow and don’t have source or commercial support available to make them work in perpetuity? ReactOS will presently or eventually let me play some things that are available for purchase today that simply do not run well on Windows 7/8/10.
-
-
-
-
It’s possible the Russian government is interested, but the predominance of Russian developers in itself doesn’t surprise me, since Russians have long been very prominent in the Windows hacker scene (“hacker” in the jargon-file sense here, although it also overlaps with the warez/cracker subculture). Most Americans and Europeans of that disposition seem to eventually end up as Unix enthusiasts instead, but a lot of Russians for some set of reasons stick to Windows.
-
-
I’ll inform the House Un-American Activities Committee.
-
-
-
Auto fsck when you plug in a device?… this is going to make forensics a nightmare.
-
-
I don’t think it’s a stretch to suggest that for most people, most of the time they’re plugging in a disk in order to transfer data to/from it. In that case, automounting the drive is a natural expected behavior that saves time and work for the end user.
While there certainly are users such as yourself who may frequently be making use of fdisk/dd/etc, I suspect it’s a relatively uncommon case in general. I can see how it doesn’t work for you, but I’ve never seen an automount configuration that couldn’t be disabled by an informed user.
Given that, “enraged” seems a bit of an extreme response to such tools.
-
It’s even one of the common jokes I remember people liked to use 10 years ago re: Linux on the desktop. USB drive on windows: plug it in, it shows up. USB drive on OSX: plug it in, it shows up. USB drive on Linux: [consult dmesg to find device names, issue cryptic series of command-line operations, probably after su'ing to root]
-
-
-
-
-
-
I KNEW IT
-
TL;DR no vulnerabilities
-
but once an attacker has administrative rights on a machine it’s nearly impossible to stop them from grabbing the information they want from the target. With a few PowerShell one-liners and some WMI, we can quickly enumerate KeePass configurations and set monitors to grab necessary key files
To be fair, with admin access you could also just monitor the clipboard. Or check their browser’s saved passwords. Aside from physical access, admin access is practically cheating.
-
-
eeh, I like CMake better
-
Then you’re really missing out. If you can’t use debuggers, using prints to output variable values IS debugging. Also, article is a bit misleading on Linus “I don’t use a debugger” part, he did not say that he doesn’t use debugger at all.
fake, comcast would never do that
I’ve heard Comcast is a competent evil; compared to most of their competitors who are an inept evil.