1. 1

    I suspect this will motivate some legislation to require all digital cameras embed a unique cryptographic signature in their images.

    1. 1

      It’s going to be interesting to see whether governments actually catch up with this, or whether it’s left to industry to respond to “market” demand for “video and photos that we can trust”. Seems like a pretty good case for regulation, in that when these techniques get good enough that we can’t tell whether they’re genuine or not (without getting into an infinite ML-turtle regression), pretty much all legal infrastructure that could ever rely on visual recordings as evidence is going to be up for grabs until there’s a way of proving the evidence is valid.

    1. 2

      I can think of a couple of stumbling blocks that might be in your way. First, how are you getting the leads in the first place? Are they coming from personal connections and referrals or are they from job boards? Your interview experience sounds like job boards. Personal connections can give you a “warm introduction” that pre-positions you as an advancing professional before you ever walk through the door or send in a resume. Friends and mentors can be a good place to start.

      Second, your resume may be “coded” toward lower level positions. There’s a certain way of describing projects that emphasizes the strategic or large-scale work versus detailed work. Fair or not, people expect that detail work equates to entry level whereas work described in terms of its business impact equates to senior developer or architect. This also goes for “work on tech” versus “work on people.” Senior developers, tech leads, and architects spend as much time teaching, guiding, and mentoring the team as they do implementing the code.

      The truth is that every position involves a combination of detail work and high level. People and code. But how you express those positions on your resume makes a statement about where your personal focus lies.

      1. 1

        This seems like a niche begging for a product.

        1. 2

          You mean like Ubiquiti’s AmpliFi Teleport?

          1. 1

            Ubiquiti’s AmpliFi Teleport

            I hadn’t seen that before. Looks very useful.

        1. 0

          I’m a big fan of Alan Kay and the VPRI, but I always wondered why some of their most interesting projects (COLA by Ian Piumarta, for instance) never really got much traction. It seems to me that the dynamics of innovation have drastically changed since the PARC era. Now innovation seems much more social and decentralized, and new developments happen much more organically without the need for third-party funding. The open-source distributed model is actually quite effective, see the RepRap community in 3D printing. That being said, major breakthroughs or radical ideas are probably less likely to happen without proper funding, simply because they require a critical mass of people and initial time investment. However, I can’t help but see a lot of nostalgia from Alan Kay’s recent talks and writing. Maybe it’s time for other Alan Kays to emerge from the distributed innovation community?

          1. 2

            I wonder if an innovation needs a gradual shift from protected environment to public engagement. Really groundbreaking ideas can’t happen on a plan or in the spotlight. They take time away, as Alan says. But to go from breakthrough to impact on the world today takes vast investment from many people, usually under an open-source model. (Heavy funding can substitute for broadly distributed passion, of course.)

          1. 1

            This is really interesting! The author hypothesized an algorithm that may or may not be how it’s really done. But the demo video looked like it was learning the programmer’s characteristic errors.

            I’ve had alias mkae = 'make' in my .bashrc for years. I need this feature!

            1. 1

              I find this worrisome, since we still see nearly-daily browser hijacking exploits. It sounds like a cliche, but I have to clear out 3rd party “toolbar extensions” and “search enhancers” from my mother-in-law’s laptop about once a month.

              The idea that any of them could drive a payment API is troubling.

              1. 2

                It’s good to see more research into practices/testing! I do think it’s a bit strange to say that this is how unit testing “affects” codebases though - this is only looking at correlation, not causation.

                1. 1

                  I wonder if it would be possible to use version control history to see if there’s a difference between test-first and test-after codebases.

                1. 22

                  Is anybody else getting tired of this guy? It seems like he gets a pass for being an asshole because he’s been an asshole for longer than people have cared about being an asshole. This behaviour would violate the code of conduct of any sensible project.

                  1. 20

                    Yeah you can be direct without being a dick. “I won’t merge something that breaks the kernel, please find some other way.” would have worked just fine.

                    1. 18

                      And in fact, that’s how it works most of the time.

                      Linus’ reputation as an asshole is due, in part, to selection bias, and the high profile of Linux. Thousands and thousands of merges go into the kernel all the time without a problem, and without Linus going off on a rant.

                      I don’t work on the kernel, but my observation has been that the big blow ups seem to only come after people repeatedly break the rules. I won’t say Linus handles it well, but I don’t think he’s as bad as some maintainers in some smaller open source communities.

                      1. 6

                        It’s survivor bias, not selection bias. He also owes a lot of it to businesses that got his kernel out there plus make up a lot of contributions. It’s not as if him being an asshole combined with some FOSS contributors that loved that asshole equals success of Linux.

                        1. 6

                          Not that it makes a difference, but I believe I was correct in calling it selection bias. Nobody will post to Lobste.rs or write an article when Linus is being nice, so in general people only see the bitchy posts, hence the bad reputation.

                          1. 7

                            I don’t think that’s strictly true.

                            I think there are a few salient points here:

                            • If you just go by his posts that make it to lobste.rs/hacker news/reddit, you’ll get an extremely skewed view of Linus’s attitude. The vast majority of his communications are somewhere between polite and blunt. (Remember, his job basically entails reading and writing emails all day every day, and he writes something social-media worthy at most monthly.) To the best of my knowledge, he’s never exploded at a kernel newbie, only at long-time kernel hackers.
                            • That said, his attitude is still incredibly problematic. It’s been demonstrated to drive away talented developers. It drives away new developers, even if they are not themselves directly getting yelled at by Linus.
                            • Linux’s success is a complicated beast dependent on a whole host of factors, including to varying extents all of good timing (a few years later and BSD would have made it through its legal troubles), technical talent, corporate support, sheer dumb luck. Linus’s attitude certainly had an impact, but where it slots in that long list is impossible to say; I think it was a negative factor and thus, based on Linux’s evident success, had a relatively low impact, but obviously that’s pure speculation.
                            1. 2

                              Even adding in that first bullet from you and jlarocco, I think I still agree with about everything you said. It’s consistent with my position that he goes too far with the bad stuff.

                          2. 5

                            I have never ever behaved this way to my colleagues, and I suspect you haven’t either. So to call it selection bias is to ignore that he’s doing something that the vast majority of us would be fired for. It’s not okay to rarely shout down your coworkers. Sure it’s better to do it rarely than every single day, but the fact that we keep examples of this is a clear example that he has no checks and balances.

                            1. 1

                              And generally these are people who have a corporate position that makes them believe they are entitled to break the rules.

                          3. 45

                            The only thing I’m getting tired of is people pulling the odd email out of thousands and wringing hands over how mean Old Man Linus is.

                            Maybe folks should reflect on how, after 25 years of loud and blatant protestations by Linus, fucking morons keep trying to merge the same types of userspace breaking bugs.

                            Maybe, sometimes, a broader more accepting tent isn’t the answer.

                            1. 27

                              If Linus being famously mean for 25 years hasn’t produced a productive culture, perhaps it’s time to try a new approach.

                              1. 26

                                But it has produced a plenty productive culture - a culture that produces a better end product than many more professional environments, in fact.

                                1. 5

                                  Professionally “rewarding”, still toxic at the personal end. It’s mentioned in this article mentioned at the main link.

                                  1. 3

                                    Professionally “rewarding”, still toxic at the personal end. It’s mentioned in this article mentioned at the main link.

                                    And little of value was lost. This is how Sarah Sharp tried to publicly humiliate the guy with a wife and daughter - https://lwn.net/Articles/559077/ :

                                    *Snort*. Perhaps we haven’t interacted very often, but I have never seen you be nice in person at KS. Well, there was that one time you came to me and very quietly explained you had a problem with your USB 3.0 ports, but you came off as “scared to talk to a girl kernel developer” more than “I’m trying to be polite”.

                                    I disagree with labelling things and people as “toxic” in general, but I’ll choose Linus over Sarah any day: https://linux.slashdot.org/story/15/10/05/2031247/linux-kernel-dev-sarah-sharp-quits-citing-brutal-communications-style

                                    1. 12

                                      Did we read the same mail? Did you read any of the quoted parts from Linus? A guy that refuses to even consider treating people with respect is a clear-cut asshole. I’d much rather work with someone that talks about treating people with dignity than someone that refuses to consider the concept seriously.

                                      1. [Comment from banned user removed]

                                        1. 16

                                          You got it backward. Linus is the special snowflake here if he can continue to be that unnecessarily-abusive publicly with no consequences just because his work just happened to get popular in that way. Expecting people to deliver constructive criticism or not chase away good talent is the default for those managing good teams in most places. A manager/leaser simply getting off on abusing those doing work is adding nothing of value to the project in doing so.

                                          Instead of a snowflake, people just expect to be treated with decency by default with shitflakes like Linus able to get away with being exceptional jerks.

                                          1. [Comment from banned user removed]

                                            1. 2

                                              That would be a good trait if he had it. Instead, he’s still pushing monoliths in unsafe languages with limited metaprogramming. Took forever to get it reliable versus Minix 3’s a few developers in a few years. So much for his decisions being merit-based. ;)

                                              1. 3

                                                he’s still pushing monoliths in unsafe languages with limited metaprogramming

                                                Linux is modular.

                                                There was no serious alternative to C back in 1991 and, as much as I love metaprogramming, it increases the amount of surprises for the programmer.

                                                Took forever to get it reliable versus Minix 3’s a few developers in a few years.

                                                It’s easy to be reliable when your biggest deployment is on Intel’s spy chip.

                                                Minix was little more than an emulator pet for a few CS students, before that. Low on drivers, low on performance, low on functionality. You might as well compare Linux with L4…

                                                1. 4

                                                  It’s modular in kernel mode for full compromise and crash potential. There were a bunch of memory-safe languages used in other OS’s before 1991, esp from Wirth, whose safety could be selectively disabled. Worst case compile them to C to leverage compilers while dodging programmer-related problems like some projects did.

                                                  “It’s easy to be reliable when your biggest deployment is on Intel’s spy chip.”

                                                  DOD is one of Red Hat’s biggest customers and sources of funding for contributions to Linux. Lots of kernel bugs were also found by analysis and testing tools from CompSci similarly funded by US-government. I agree that helps but a company just freeloaded off Minix 3. Should’ve went with GPL.

                                                  “Minix was little more than an emulator pet for a few CS students, before that. Low on drivers, low on performance, low on functionality. “

                                                  You should’ve seen the first Linux. It was similar but crashed more. Meanwhile, several years earlier than 1991, QNX folks were building a microkernel-based UNIX that became reliable as hell, fast, and deterministic. The Playbook versus iPad comparisons were the first I got to see with multimedia after BeOS. In both, the multithreading without stalling abilities were mindboggling versus the better-funded, older competition. My Linux systems can still come to a crawl over misbehaved applications to this day. Things that the others made highly unlikely with better architecture.

                                                  You’re arguments were who used it and features that came with labor put in. Either one of those put into better architecture would’ve made an even better Linux. So, they’re neutral points. Mine was Linus wouldn’t listen anyway. If you believed him in Linus vs Tannenbaum, things like the Playbook w/ QNX and BeOS would’ve been impossible to program easily or perform well. Way wrong cuz he’s about politics and arbitrary preferences as much as merit. Like most developers.

                                2. 18

                                  It has, though?

                                  What I meant was that newcomers seem to be ignoring 25 years of norms and others being surprised when those newcomers–who are doing dumb things–are told to knock it off.

                                  1. 6

                                    Yeah, With “productive”, which seems to have been a really poor word choice, I meant one that didn’t have to teach the same thing over and over in the way you described. Sorry to you and the other responders for the confusion.

                                    1. 2

                                      Thanks for the clarification, and agreed.

                                  2. 13

                                    Linux is the most successful, widespread operating system kernel of all time. You can say the man’s rude, but you can’t say the results demonstrate unproductivity.

                                    1. 2

                                      The others from Microsoft, Apple, and IBM also were driven by assholes who were greedy on top of it. Just throwing that in there even though Im anti-Linus in this debate.

                                  3. 21

                                    There’s honestly no good reason to be hostile. It doesn’t actually help reduce the problem, evidenced by the fact that what he has done hasn’t worked. Instead they need processes for check in, code reviews, and linters. Linus should be delegating more as well if this is bothering him so much.

                                    1. 4

                                      That’s not a theory supported by the evidence.

                                      1. 3

                                        What he’s done hasn’t worked. Most contributions are from businesses. Many good talent say they avoid it. That seems to be evidence of something. Meanwhile, the Rust crowd managed to get piles of people early on for one of the hardest-to-learn languages I’ve seen in a while. They used the opposite approach. Now, two projects or even ten aren’t a lot of datapoints for an empirical assessment of which method is working. Oh, what can we do to see how much or how little damage Linus is doing to kernel in terms of lost contributions?

                                        Oh wait, it turns out researchers in universities have been doing both observational studies and surveys on large numbers of organizations and people for decades covering this very thing. A key question was which management styles have most positive impact. One thing that’s pretty consistent in the research is that people working for assholes were much more likely to half-ass their work on purpose, dodge doing work, or even sabotage that person where possible. People working for those that treated them with respect or constructive criticism did better work. That kept being a result of most studies. Crazy to ignore decades of consistency in human behavior when trying to decide how best to treat them in a FOSS project for achieving goals such as more contributors, higher-quality contributions, and so on.

                                        The theory supported by the evidence is that Linus’ style when doing what’s in the OP is unnecessarily rude and destructive. The evidence says he’ll loose a lot of talent since that talent just needs a worthwhile project to work on rather than his project. Just like he feels he doesn’t need them. Objectively, such a result is bad for the project if one wants it to improve. He might be willing to sacrifice features, QA, and so on for the personal enjoyment of those insults. That is what he’s doing. Anyone defending him shouldn’t pretend otherwise. Instead, they should shift to their actual argument of “I know we’re losing contributors that could’ve made the Linux kernel even better. The main reason is Linus’s personal preference. We think that’s a good status quo to maintain because…” That does look to be a harder position to defend, though, on either technical or moral grounds.

                                        1. 1

                                          Just to say, would be nice if you posted source of the research you’re referencing.

                                          1. 3

                                            I’m too much of an overloaded procrastinator to give it to you. I’d have to resurvey it as I bet the Web 1.0 sites are gone, new ones have formed, and I’ll have to dig through tons of noise. I do plan to either find or do another meta study on that in future since it’s so critical. For IT, I always told people to read the PeopleWare book and Dale Carnegie’s How to Win Friends and Influence People. Lots of managers hand out the latter believing it’s great advice. Implies they think blunt assholes are non-ideal. The No Asshole Rule book also cited a bunch of studies on effects of people being assholes downward or upward in an organizations recommending against it.

                                            I do need to recollect the studies, though. Plus do a new bookmarking solution I’ve been procrastinating on since Firefox is full to point it constantly looses bookmarks lol.

                                  4. 8

                                    Linux would not be what it is today if they would be “merge-first-fix-later” type code-conducted safe place for noobs to mess around in.

                                    1. 16

                                      If you’re going to be derogatory, safe space is properly mocking.

                                      There is a near infinite gap between “let the noods do whatever they want to the codebase” and “don’t degrade people’s character because they submitted a PR you dislike”.

                                      I guess some people are just more tolerant of a project leader taking their anger and frustration out on people trying to get involved?

                                      1. 20

                                        The problem isn’t that he wouldn’t merge the person’s code. The problem is the unprofessional way that he treats other people. The fact that you think the problem is that he wouldn’t merge the code is either deeply concerning or purposefully avoiding the issue.

                                        1. 7

                                          If you actually read the damn thread, you see that Linus actually explained this pretty clearly: http://lkml.iu.edu/hypermail/linux/kernel/1711.2/01357.html

                                          The person decides to ignore Linus and Linus gets angry, I really don’t see a problem here.

                                          1. 2

                                            Ok, I read the full thread. It’s more reasonable in the other parts. Kees seems to have put some work into making it acceptable. Later on, I see someone do what Linus should’ve done in the first place in giving specific details about where he’s coming from in a way that wouldn’t have bothered me as a contributor:

                                            http://lkml.iu.edu/hypermail/linux/kernel/1711.2/03732.html

                                            After seeing that, I’m more annoyed by whoever was half-assing security contributions to the kernel so much that it will be hard for worthwhile contributions to get in.

                                            1. 1

                                              Yeah, same here - I think there are just special snowflakes who think that human psychology has anything to do with whether or not the kernel is going to continue running reliably for me, the kernel user. Guess what snowflakes, nobody cares about the feelings if the product doesn’t work.

                                              Not to mention, this is only the squeaky wheel - Linus has been nice and professional and accommodating many, many times over. Many more times over, in fact. It just never makes the news ..

                                          2. [Comment removed by author]

                                            1. 3

                                              I’m not used to navigating the CVE database, is there an easy way to restrict issues to just the Linux kernel?

                                          3. 6

                                            Nope. I think he’s great. And I’m very glad that he is stewarding the Linux project to this day. Whether you think its ‘nice’ or not, his management of the Linux kernel has produced superlative results - and sometimes, in the thick of the mob, you have to be an asshole to get people to work the way they need to work to continue producing quality results.

                                            What I am sick of, is petulant snowflakes who think they know better than Linus how to manage the 1000’s of developers that want to have their fingers in the pie. The kernel doesn’t care about your feelings, and neither do 99.9999% of the kernels really important people: its users.

                                            1. 4

                                              Since when did asking to be treated with the bare minimum of basic human decency become a “special snowflake” thing? Nobody wants Linus to write “You’re so wonderful, and special, and beautiful, but I cannot accept this patch because, despite how wonderful and unique it and you are, it just won’t work with Linux’s performance requirements.”

                                              NOBODY is asking for that. So I don’t get why I keep seeing “special snowflake” thrown around. I guess it’s just a strawman? (OH WAIT I GET IT NOW!)

                                              Notice how your comment is verging on “nobody can critique the way Linus runs the project (that we all rely on in myriad ways)”. Aren’t snowflakes the ones who want to shut people down and stop discussion? Isn’t it the “snowflakes” that want to prevent people from having to hear mean things? (Like, stop taking your anger out on contributors because you’re not 7 anymore).

                                              Doesn’t it kind of seem like–and bear with me here, I know it hurts–that you’ve become the special snowflake? Stifling discussion, needing a space where someone you look up to is immune to criticism, insulting people who are just trying to have a conversation?

                                              Isn’t it your post that seems to be the petulant one here?

                                              1. 2

                                                Since when did asking to be treated with the bare minimum of basic human decency become a “special snowflake” thing?

                                                Precisely at the point where well-established ground rules, respected by the rest of us, were continually broken with no regard for the work load incurred, nor the hassle of having to deal with all the noise. Or did you miss the part where known, functional, productive policies were repeatedly ignored in the rush to get this patch included in the next release?

                                                Its one thing for a contributor to feel like they should be treated with respect as a special snowflake whose feelings are more important than the work, or in this case non-work, that they are contributing to the lives of others; its another thing to respect the very foundations of the activity from which one is attempting to derive that respect in ones own life.

                                                Perhaps you missed the part where this could have been a disaster for the Linux kernel, and a lot of time was wasted having to deal with it, since the original developer decided to ignore the policies, well-since established as being necessary to the task of managing the Kernel patch integration process?

                                                “nobody can critique the way Linus runs the project (that we all rely on in myriad ways)”

                                                Well, whether you like it or not, its the truth: Linus has guided the way through decades of these kinds of events, and we have an extraordinarily powerful tool that has revolutionised computers as a result. Perhaps you ought to consider whether the quality of your own work and contributions might improve if you harden up a little and don’t take offence so easily. Time and again, this proves to be true - in the real world and in this fantasy land we’re currently sharing as participants in this thread.

                                                The poster involved in this incident seems to have accepted that they were, in fact, violating a fundamental policy of the Linux kernel developer group, and has addressed the issue in a way that moves things forward - how, exactly, would Linux kernel development be pushed forward by your insistence at being treated like a snowflake?

                                                A mistake was made - the policy was not followed - and Linus jumped on the guy. He’ll never do it again, many many others have also learned the importance of the check-in policy (Rule #1: Don’t Break The Kernel.) and he doesn’t seem at all worse for the wear, personally, as a consequence; its really only folks such as yourself who are getting so easily upset about this, because Linus somehow doesn’t conform to your particular cultural ideal.

                                                Perhaps you haven’t been following Linux kernel development for long, or with much attention - there are many, many counter-cases of Linus having great relations with the developer group, which don’t seem to figure into your equation that “Linus is rude”. He’s precisely rude when he needs to be, and an awesome, polite, respectful individual, all the while. Please try to avail yourself of that truth before you continue ad-hoc insults and insinuations against random Internet strangers. It hurts my feelings to be challenged by an ignoramus.

                                                Doesn’t it kind of seem like–and bear with me here, I know it hurts–that you’ve become the special snowflake?

                                                Are you assuming that I wouldn’t want to be called a snowflake when appropriate? Because, I’m quite a snowflake, and often, when its appropriate or otherwise. Absolutely nothing with being called one, when you are one. Or, is there some other kind of kettle we should be boiling for tea?

                                            2. 2

                                              If a security vulnerability is introduced by design it’s still a bug. It just means the mistake was made at design time as opposed to implementation time.

                                              1. 2

                                                In all sincerity here, what would it mean for a person to say, “I’m not going to tolerate this behavior?”

                                                Linus would still own the Linux trademark. He’d still control the mainline kernel repo. The “lieutenants” that manage various areas of the kernel would still control those areas and report to him. It seems very unlikely that they would support a coup. (Anyone who had a major problem with Linus’ behavior wouldn’t have lasted long enough to get one of the top positions.)

                                                As a user, you can choose not to use or support Linux. But as a user, you don’t get to change the way the project runs.

                                                I think the most extreme option you’d have would be to fork the source code and try to attract both a large developer community and a large user base on the basis of running a more inclusive community. But there’s a chicken-and-egg problem to that approach.

                                                There’s an implicit hypothesis that says, “A more inclusive community will produce a better kernel.” Let’s assume that proves to be true. Some users would switch on that basis alone, but most will wait to see practical benefits. Since it would still take time for a fork to produce tangible benefits, you’d have to attract developers and users with the promise alone. We have a small set of cases to examine, where a major open source project was forked with the intention of creating a better community. It appears that the majority of users will hang back with a “wait and see” approach.

                                                I really don’t know what kind of negative feedback anyone could apply to Linus that would have an effect.

                                                1. 1

                                                  Working code doesn’t care about your feelings. Working code is completely orthogonal to human emotions. My computer runs whether I’m crying or not.

                                                2. 0

                                                  This behaviour would violate the code of conduct of any sensible project.

                                                  Maybe you should run a kernel made by the CoC crowd. I’ll stick with the foul-mouthed guy.

                                                  1. 5

                                                    The only one I know off top of head is Redox OS since it used Rust CoC. It’s got potential but is alpha software. All the rest that are good seem to be made with different philosophies with a range of civility.

                                                    I am interested if anyone knows of another usable OS made with all activity enforced with a CoC a la Rust/Redox. At least the basic console or GUI apps so it’s usable for some day to day stuff.

                                                      1. 1

                                                        Good catch. This one…

                                                        “There can be no place within the FreeBSD Community for discriminatory speech or action. We do not believe anyone should be treated any differently based on who they are, where they are from, where their ancestors were from, what they look like, what gender they identify as, who they choose to sleep with, how old they are, their physical capabilities or what sort of religious beliefs they may hold. What matters is the contribution they are able to make to the project, and only that.”

                                                        …is where the politically-motivated try to find a lot of wiggle room for censorship as beliefs vary. One reason I collect these is so we can look back at data in commits or on forums to see what impact they have. Note I said OS that was made with the activity enforced this way. Some could have it added as an evolution of moderation policies well after it’s a successful project that was built on a different philosophy. How long has that CoC been in FreeBSD?

                                                        1. 4

                                                          How long has that CoC been in FreeBSD?

                                                          It’s relatively new - it was announced in July 2015. Even before the CoC was added a few developers were ejected for abusive behaviour (I’m not going to dig those out, but you can find references online).

                                                          1. 2

                                                            Ok, so it’s not an example of an OS developed under the CoC. It was a highly-mature OS that probably started with really different kinds of people just because they were the norm for early days of BSD’s and Linux. With your comment, they were just using common sense of ejecting folks who were obviously abusive without anything more formal or constraining. That still leaves Redox as the only one I know that had the policy and supporters of it from the start.

                                                            The main way I think this can be tested is with frameworks or libraries that are in same language and crowd. Basically, keep the situation as close as possible so about the only strong variable is community style. Should be easier with libraries or frameworks since they’re more accessible to new contributors. People are always doing more of those.

                                                1. 7

                                                  There’s a dimension that I haven’t seen mentioned yet.

                                                  Communication norms differ wildly across cultures. For instance, people in The Netherlands speak bluntly, to the point of seeming offensive to people from the US. Contrariwise, people from the US may seem like they constantly beat around the bush and won’t just say what they mean.

                                                  Now, I don’t know of a culture where saying “you should be ashamed of this” is considered acceptable form. But a statement like, “You’re wrong. Here’s how,” can come off as rude or belittling to people from cultures like the US and Canada, where direct criticism is not used. I’ve seen the reverse too, where “That’s bollocks” was routine business comms.

                                                  1. 2

                                                    You even see this distinction within the US. I notice a lot of northeastern individuals have a more direct approach to discussion than compared to west coast people.

                                                  1. 9

                                                    This isn’t about debugging or UNIX for that matter. It’s about “normalization of deviance”, that one gets used to an incomplete, unfinished tool/feature/system, come to rely on it, and then something doesn’t work and isn’t transparent about “why”.

                                                    Reminds of Ken Thompson’s “ed” editor’s sole error message - “?”. Because you should be able to figure out why on your own.

                                                    So he’s right that UNIX is filled with the issue from the beginning, but he’s a bit obscure about the connection to the debugger. gdb is no different than ton’s of similar debuggers I’ve used for decades on systems unrelated to UNIX as well, so don’t blame it.

                                                    If something refuses to function, there needs to be a means to say “hey, this part over here needs attention”. In this case, it’s like an uncaught exception, which is shorthand for “figure it out yourself”, i.e. back to Ken Thompson’s world as above.

                                                    These things happen because someone doesn’t have the time or interest to finish the job. All kinds of software are left similarly uncompleted, because it works well enough to get the immediate job done, and the rest is quickly forgotten. Hardware examples abound, the the Pentium floating point errors, and like variants.

                                                    1. 2

                                                      I’m reminded of this presentation, aimed at language (in a very broad sense) designers about how to make better error messages.

                                                      1. 1

                                                        Thanks for that link. It is exactly what I needed at this time.

                                                    1. 29

                                                      I think one of the biggest “secret” is the debugging technique or method. It is kind of similar to scientific method (hypothesis, test, evaluation of result), but never explicitly described, it is just something you have to pick up as you go. That really separates those who can program anything and those who can’t.

                                                      1. 13

                                                        I would agree with this, and specifically the part about generation of hypotheses about what might be wrong, and how to specifically test and evaluate then, and if they’re wrong, reject them and come up with a new one afterwards. It’s hard without experience to generate hypotheses when there’s no hints and nobody who knows more than you about the problem. It also seems to be hard to be objective about your hypothesis, seek to prove if it’s right or wrong, and reject it if it’s wrong. It’s these things that you can’t learn by reading about them.

                                                        1. 8

                                                          It is frustrating.

                                                          We have an entire Internet or two of “programming tutorials” that frequently leave out all of the problems and mistakes that the author made while trying to write it – believing perhaps this makes them seem like less of an expert. I’d like to see more things like this gem (see the mistakes at the bottom).

                                                          We also have a computer science curriculum which still seems to pretend (at least at the beginning) that instructions are equal and memory is fast and “teach” binary-trees and probed hash tables as “data structures”. But whatever. How do you know this hasn’t degenerated into a linked-list? Debugging seems remarkably absent any CS curriculum being single stepping, mental simulation of an algorithm, and printf.

                                                          However I don’t think the scientific method is quite right. Peirce believed that too much rigour (or as he put it “stumbling ratiocination”) was inferior to sentiment, and that the scientific method was best suited to theoretical research. For more on this subject, see the Pragmatic theory of Truth, but a little background for my argument should be enough: Peirce outlined four methods of settling an opinion:

                                                          1. Tenacity; sticking to ones initial belief brings comforts and decisiveness, but ignores contrary information.
                                                          2. Authority, which overcomes disagreements but sometimes brutally
                                                          3. a priori – which promotes conformity less brutally but fosters opinions as something like tastes. It depends on fashion in paradigms, and while it is more intellectual and respectable it sustains accidental and capricious beliefs.
                                                          4. The scientific method, which obviously excels the others by being deliberately designed to arrive – eventually – at the most secure beliefs, upon which the most successful practices can be based

                                                          Now we still see a lot of “programming wisdom and lore” which people do because they always have, or because some blog said so. I’d argue syntax-highlighting and oh-my-zsh are fashionable, and laugh at anyone who believed that the scientific method could demonstrate these tools are ideal.

                                                          So what then? Well, it means we have pseudo-science in our programming.

                                                          It’s for this that I remain that we (as a society) don’t know how to program computers – let alone teach anyone how to program (and therefore debug). I predict this will mature over the next couple hundred years or so, but I don’t expect anyone in my lifetime to be able to teach programming itself, the way, for example, we can teach bridge-building.

                                                          1. 1

                                                            “I don’t expect anyone in my lifetime to be able to teach programming itself, the way, for example, we can teach bridge-building.”

                                                            We’ve been doing it a while if you keep the structuring simple. The first is an iterative method for doing that with low cost that combines things like lego blocks. Even students get low defect rate on quite-maintainable code. The second adds formal specifications and verifiable code to drive predictability up and defects further down. The third combined with error-handling techniques and automated testing is pretty good at dealing with stuff too complex for the rest. So, I’d say we can do quite a bit of what you describe but it’s mostly just not applied.

                                                            http://infohost.nmt.edu/~al/cseet-paper.html

                                                            http://www.anthonyhall.org/c_by_c_secure_system.pdf

                                                            http://www.eiffel.com/developers/design_by_contract_in_detail.html

                                                            1. 2

                                                              I’m not sure I understand what you’re saying. Maybe you don’t understand what I’m saying.

                                                              Clean room doesn’t help a programmer understand what’s wrong with:

                                                              memcpy(a, b, c*d);
                                                              

                                                              All of these examples advise not putting bugs in the first place – sensible advice to the novice, for sure, but how exactly does that teach us how to debug programs?

                                                              What constitutes a bug in the first place? Eiffel sounds great not having any bugs in it, but what exactly does that mean?

                                                              Is “DISK 0K” a bug? There’s a wonderful story of tech support getting a report that I’m getting an error message about my disk being full, but the computer says it’s ok.

                                                              If you’re saving a big (multi-gigabyte) CAD drawing to disk and run out of space ten minutes in, should the system generate an error, telling you to quit and delete some files and try again later? We use multitasking systems, so why not pause and give the user the option to retry or fail? They can delete some files if they want to…

                                                              What about an email server? What if it runs out of disk space? Should reject a message? Could we still pause, let the client timeout while we page the sysadmin/operator?

                                                              Writing software is in part, being able to say what you mean (implement), and part being able to mean what the business means (specify), but it’s also clearly (still) a matter of taste because we don’t have good science to point to giving us the answers to these questions.

                                                              In contrast, have you seen bridge engineering handbooks? Pretty much every consideration you might have when you need to build a bridge is documented and well researched in a way that makes software development professionals look like lego builders.

                                                          2. 2

                                                            Two great talks on the topic of debugging:

                                                            Stu Halloway on Debugging with the Scientific Method

                                                            Brian Cantrill on Debugging Under Fire: Keep your Head when Systems have Lost their Mind

                                                            What I find interesting is that, depsite their different backgrounds and presentation styles, their advice has a lot of similarity.

                                                          1. 8

                                                            At work we’ve recently started using Architecture Decision Records (ADR). These are lightweight documents capturing a decision, and more importantly its context and tradeoffs. This has really cut down on rehashing conversations again and again, and lets us keep working asynchronously, while also transferring important architecture decisions.

                                                            I find ADR’s much easier to write than documentation, because you’re writing down what you’ve been thinking and talking about, rather than having to transform it into a documentation context.

                                                            1. 2

                                                              Very cool to hear. Are any of them on open source or public projects? People are always looking for examples of ADRs they can study.

                                                              1. 1

                                                                Unfortunately not, though I’ll probably use them on other open source projects I work on.

                                                            1. 4

                                                              It makes me sad there there are so many different instant messaging platforms in common use today and they are all proprietary and unfederated walled gardens.

                                                              • iMessage
                                                              • Skype
                                                              • Facebook messenger
                                                              • Snapchat
                                                              • Google Hangouts
                                                              • Google Allo
                                                              • WeChat
                                                              • SnapChat

                                                              I would like for something like XMPP to be successful, but it seems more and more unlikely as time goes on.

                                                              1. 4

                                                                I until recently would have agreed. However, I think that Conversations on Android showed that you can make a good client that people seem to be able to agree upon. Having something like that (a dominant, fully featured, yet simple to use) application, maybe web application could make things better again when using XMPP.

                                                                If not I hope that Matrix picks up some steam. It looks promising, however I think it’s too early. Currently the clients are very rough around the corners and only techy people seem to use it. That’s not a complaint, other than against myself, for not helping out - or not having time to.

                                                                This is all based on the assumption that the major reason for not using XMPP is the lack of easily working desktop/mobile sync, especially in combination with encryption. OMEMO to me is the best thing that has happened in a while.

                                                                1. 3

                                                                  I’ve sometimes thought that the only reason we have good email interoperability is because there was no profit in running email systems back when the standard was written.

                                                                  It seems that there’s no way to create a commons once a market develops. (I’m happy to be proven wrong, and would love to see counterexamples!)

                                                                  1. 3

                                                                    XMPP is evolving with the times. You can now get end-to-end encryption, and mobile-friendly optimizations that minimize polling and save battery life.

                                                                    Android client: https://conversations.im/

                                                                    iOS client: https://chatsecure.org/

                                                                    Eventual codebase unification: https://chatsecure.org/blog/chatsecure-conversations-zom/

                                                                    Riot/Matrix isn’t XMPP but is similarly open: https://matrix.org/docs/projects/client/riot.html

                                                                    1. 3

                                                                      Not to mention KakaoTalk, WhatsApp, and LINE, which are crazy popular in places that aren’t the US.

                                                                      1. 3

                                                                        You listed Snapchat twice!

                                                                        1. 2

                                                                          I think there is a slight difference with iMessage. When it comes to the Mac app, you could plug in all sorts of services that had XMPP as their baseline. This fell apart over time as Facebook, Google, etc. all closed up and in the High Sierra version of Messages you can only add smaller Jabber/XMPP services.

                                                                          For a lot of those services, they did start out as open XMPP services, but it’s likely the case that they realized they didn’t want the competition on the client side.

                                                                          1. 1

                                                                            I think part of the issue has been XMPP’s lack of adoption of new market features, and how hard it’s been to keep up with the pace of innovation throughout the entire XMPP federated network. If those challenges can be made simple, I’d expect there to be an increase in adoption. I don’t know if that would be enough to start chipping away at the network effect however.

                                                                          1. 1

                                                                            I often see code bases where every domain class has an interface, such that the signatures in the interface map one-to-one with the public signatures in the domain class. It’s usually motivated by a desire for test mocks but sometimes also as an interpretation of DIP and dependency injection.

                                                                            So far, every time I’ve seen that there were real abstractions struggling to get out of the mammoth interface. Usually some smaller set of methods are used together by a subset of callers. Another set of methods will be used by a different set of callers.

                                                                            That’s what the segregated interface principle is about. Each of those subsets of methods show cohesion, so each should be separated into a more descriptive, more abstract interface.

                                                                            As a rule, I scrutinize any interface that has exactly one implementer.

                                                                            1. 1

                                                                              This is a nice approach that reminds me of the “Out of the Tar Pit” paper.

                                                                              By sheer coincidence, I heard a presentation about FactUI a week or so back. It takes a similar approach to say “bits of the UI state tree are defined by query results”. It does the heavy lifting directly in the browser.

                                                                              1. 4

                                                                                I remember reading about this in the Spring Papers from Sun’s research labs. It took some digging, but I found a link in the Wayback Machine.

                                                                                The Spring Nucleus: A Microkernel for Objects

                                                                                1. 3

                                                                                  I like this one better. It’s really clean compared to an integration with a monolothic OS built for different usage. Too bad Oracle owns the IP. Moving on.

                                                                                1. 8

                                                                                  There’s this funny history in physics where some of the really well known metaphors were meant to be arguments against a thing by reductio ad absurdem.

                                                                                  For example, Fred Hoyle used the term “Big Bang” to argue against the idea of an expanding universe with a single point of creation. (He thought it was a religious argument rather than a physical one.)

                                                                                  1. 8

                                                                                    It was irresponsible and dumb.

                                                                                    It’s also what journalists have done forever. The term “doxxing” is the new part… the idea of allowing people to preserve the anonymity of their online identity is relatively new. I think we’re going to see a protracted struggle to establish a new cultural norm about this.

                                                                                    For example, can you believe that companies used to publish big books with everybody’s name, home address, and phone number printed right in it? And they would give it away totally for free. (I’m only half-joking… kids now are stunned to learn that phone books used to be a thing.)

                                                                                    1. 2

                                                                                      allowing people to preserve the anonymity of their online identity

                                                                                      It’s more of a collective fiction. Let’s all pretend that what we wrote last year can no longer be accessed by the people we have silly feuds with today. So many people think that this is a good idea, that even the European Union took it seriously and gave people the right to rewrite online history to better suit their mood.

                                                                                      Real anonymity is hard, with almost all the communication channels wiretapped with the excuse of terrorists and paedophiles, so we’re supposed to focus on pretend-anonymity now. Unfortunately, it’s working.

                                                                                      1. 9

                                                                                        I have to disagree. Your point about the intractability of the problem is well-taken, but taking the attitude that anonymity is a fiction has the result that nobody feels responsible for fixing it.

                                                                                        Besides, there actually is a clear line here: Disclosing somebody’s legal residence has very real consequences for them. And it’s clear that putting it together in this case wasn’t an easy task, even though the information was nominally “public”.

                                                                                        People who have the knowledge and experience to follow that kind of trail should be careful about how they use it, just as a locksmith shouldn’t go around unlocking random people’s doors and rationalize it by saying they’re just rearranging public pieces of metal which were on the outside of the home.

                                                                                        1. 4

                                                                                          Unlocking a locked door is clearly a single unified action. There might be some objective sense in which it’s a bunch of separate movements of pieces of metal, but no human would see it that way.

                                                                                          There is something deeply, viscerally oppressive about the idea that it might be ok to read published fact A, read published fact A => B, but not ok to publish B. It seems like 1984-style doublethink.

                                                                                          1. 4

                                                                                            I think your second paragraph is insightful, and gets to the heart of a lot of objections to my position, especially objections from technically-minded people. Thank you for saying it.

                                                                                            I nonetheless do take the position you mention. “Not okay” is a pretty broad term, and I’m not suggesting it should be illegal… but I really do feel that it’s the consequences, not the actions themselves, which should have primary importance when we talk about ethics.

                                                                                            I don’t really think the “single unified action” thing is a meaningful distinction; I think that it’s a valid perception, but more a matter of perspective than anything really different between the scenarios. I had to hire a locksmith not long ago, which is why it came to mind; I’m pretty sure it was a bunch of individual steps to him, establishing tension then working one pin at a time, even though to me the upshot was that I waited a few minutes and then my door was open. (It was also somewhat frightening how few minutes it took.)

                                                                                            1. 2

                                                                                              I don’t really think the “single unified action” thing is a meaningful distinction; I think that it’s a valid perception, but more a matter of perspective than anything really different between the scenarios. I had to hire a locksmith not long ago, which is why it came to mind; I’m pretty sure it was a bunch of individual steps to him, establishing tension then working one pin at a time, even though to me the upshot was that I waited a few minutes and then my door was open. (It was also somewhat frightening how few minutes it took.)

                                                                                              Well, put it this way: I don’t think there are many noncontrived cases where it would be unclear who had unlocked your door. I mean it would be possible for a locksmith to jiggle a few pins, leave the tools in place, and have another locksmith come and finish it off, but I don’t think that’s a common enough case that we need to worry about the morality of it.

                                                                                              I’m reminded of the “ghost gun” business in the US. Roughly, from memory: commercial gun sellers are required to register their sales, but private individuals are allowed to make their own guns, and gun professionals are allowed to sell replacement parts or help people assemble guns without needing to check registration. Eventually the government was obliged to formalise things, and thus we have the “80% finished lower receiver”: one particular part is regarded as being “the gun”, and it’s considered a piece of metal after it’s shaped but before the holes are drilled in it, and a gun afterwards. So to “make” your own gun you can buy the parts, drill the holes in that one piece yourself, then get it assembled.

                                                                                              Kind of absurd, but at least they did manage to draw a line somewhere. Doing this with linking a name and address is much harder - is it the person who publishes that person x went to school in town y? The person who publishes that internet personality z is a fan of sports team w?

                                                                                              It doesn’t feel like it should be the person who puts published facts together, though maybe that’s my biases. The classical philosophical tradition is that all true logical statements are regarded as vacuous; if we knew all the facts that lead us to a given conclusion, then we already knew the conclusion. This is unsatisfying when it comes to something like Fermat’s Last Theorem, where the proof was clearly an enormous amount of work. But we don’t really have a good model for assigning credit/blame for that kind of work - for mathematical theorems the credit tends to go to whoever puts the capstone on, but that seems rather unfair. We seem to be approaching these inferences the same way.

                                                                                              1. 3

                                                                                                Sorry I missed this yesterday.

                                                                                                You make a fair point. The category of response I’m thinking about is: I’m less interested in assigning blame than in raising awareness. If people are conscious of how the information they’re sharing could be used against other people, we can get to a higher level of responsibility. It would be unreasonable to demand constant caution until awareness of the threat model is widespread.

                                                                                                If I were trying to assign blame, I’d place it on everyone who could reasonably anticipate the result. People who post things; site owners who don’t have a process to remove private information; unnecessarily broad data-retention policies; people who train customer-service representatives and don’t adequately prepare them for social engineering … In this particular case I do imagine some of the blame belongs with the journalist who put the pieces together; I kind of doubt that it was entirely a matter of web searching, or it would have happened long before.

                                                                                                But I really am not trying to assign blame so much as encourage people to take responsibility. I understand that this must seem like a fantasy, but if every raindrop decided to be responsible, there wouldn’t be a flood.

                                                                                          2. 0

                                                                                            People who have the knowledge and experience to follow that kind of trail should be careful about how they use it, just as a locksmith shouldn’t go around unlocking random people’s doors

                                                                                            A more appropriate comparison would be a photographer going around public places and taking pictures. Not illegal, not immoral, not unexpected. (yes, I think requiring Google/Bing Maps to blur faces and street numbers is absurd).

                                                                                            1. 5

                                                                                              You’re just restating your position that there’s nothing immoral here. I don’t want to put words in your mouth, but I understand your reasoning to be that people should expect doxxing to happen, and therefore there cannot be anything wrong with it, regardless of its effects. But I expect a laptop to get stolen if I leave it visible in my car; that doesn’t mean the thief has done nothing wrong. Have I summarized accurately? Do we agree on that example? Does it seem like a relevant example to you?

                                                                                              You don’t have to debate, of course, and I’m happy to drop this if you want to. Just to say that, because it can’t be taken for granted.

                                                                                              1. 1

                                                                                                Have I summarized accurately? Do we agree on that example? Does it seem like a relevant example to you?

                                                                                                No, of course not. My position is that “doxxing” is nothing more than journalism and that journalism is not illegal, not even when done by amateurs.

                                                                                                1. 3

                                                                                                  Heh, well it’s of course to you, but that’s why I asked…

                                                                                                  I feel like there are a lot of things that cause serious harm that aren’t illegal. The law necessarily takes a quite weak position on what things people should avoid doing. There’s no law that says you can’t cut in line at the supermarket, but don’t do it, anyway. I don’t really see the law as relevant here at all, so I doubt we’ll find agreement.

                                                                                        2. 2

                                                                                          For example, can you believe that companies used to publish big books with everybody’s name, home address, and phone number printed right in it? And they would give it away totally for free. (I’m only half-joking… kids now are stunned to learn that phone books used to be a thing.)

                                                                                          Are phonebooks no longer a thing in the United States? When did that stop?

                                                                                          1. 1

                                                                                            They were still publishing them as of a couple years ago, but I suspect they were mostly used as a source of free kindling for backyard BBQs.

                                                                                            1. 3

                                                                                              The Bells no longer print phone books themselves; that business was sold off, at least ten years ago, to independent companies. I’ve met salespeople who were doing hard-sell approaches to get local businesses to buy ads in the yellow pages, which was always a significant revenue source and now seems to be all that’s left.

                                                                                        1. 92

                                                                                          Forcing JS everywhere is arrogance. Accept that native platforms offer a superior UX to web UIs at a fraction of the resource cost. Understand that forcing a document viewing platform to be an app runtime suffers from impedance mismatches that users pick up on. (Shipping a V8 runtime is still hacky).

                                                                                          For all that tech claims to care about execution and UX, they’re awfully wedded to second-best tooling. And for all the talk of “constant learning,” nobody seems to want to move on, instead cramming square pegs further into round holes, wasting engineering effort, and then writing self-congratulatory Medium posts on how they hit 60fps on an i7.

                                                                                          This is not engineering. It is fashion.

                                                                                          1. 44

                                                                                            it’s not arrogance, it’s a sad but pragmatic concession to the fact that there is no good, productive way to write a cross-platform desktop app with easy packaging and shipping for at least linux, mac and windows. people can simply develop and maintain code a lot more easily in electron than they can in C++/Qt, .NET still has issues on linux, gtk is a pain to package and ship, and somehow java never took off (from personal experience, I gave up on it because swing was painful, but I hear there are better options now).

                                                                                            i have personally settled on ocaml + gtk, which i found nicely productive under linux, but it took me days to get things compiling under windows, mostly because i had to set up a cygwin environment and fight incompatibilities between things compiled against gtk 2.24.30 and things compiled against gtk 2.24.31.

                                                                                            (incidentally, racket is a very productive language for writing desktop apps in; it just needs a lot of work put into optimising the gui platform. i’m keeping a hopeful eye on it.)

                                                                                            1. 10

                                                                                              This is a good point. There are two issues here:

                                                                                              1. A language that has equal footing on both macOS and Windows. There are a few that fit the bill here, but it certainly limits your options out of the gate.

                                                                                              2. A cross-platform UI framework that isn’t terrible. I think they all are, including Qt. (Qt just gets a pass these days because it is less bad than everything else.) Also, chosen language needs decent bindings to the UI framework.

                                                                                              Ideal: common library shared by native apps, but nobody does this.

                                                                                              1. 6

                                                                                                good, productive way to write a cross-platform desktop app with easy packaging and shipping

                                                                                                It’s going to be controversial but: Java 8 is one, actually. And JavaFX isn’t really bad. And you can package the jre so the user does not have to ship it.

                                                                                                And you can use Kotlin or Ceylon or even Scala if you really don’t like .java.

                                                                                                1. 5

                                                                                                  Can you hot reload UI code without blowing up application state in Java/JavaFX the same way you can with the web? How about inspect and manipulate UI elements in a running program?

                                                                                                  Iterative UI development on the web, if you’re careful to disentangle state and operations on that state (React makes this easy!), is very nice.

                                                                                                  1. 4

                                                                                                    as an active java developer between 1997 and 2013 I would have said “no, not really”, but since getting into Android development, I have changed my tune completely. well designed code can immediately reload any and all state from storage and a good development environment can ‘hot’ deploy. I’ve extended the notion to some of my Java desktop and server apps and it works just as well. the key is in app design; if your code can tolerate being killed without notice, hot reloads are essentially a freebie!

                                                                                                    1. 2

                                                                                                      clojure absolutely lets you do this, though clojure can be very sluggish for its own reasons.

                                                                                                    2. 3

                                                                                                      or clojure :) i started writing a desktop app in clojure several years ago, and only gave it up because swing was too painful, but clojure itself was pretty pleasant to develop gui apps in.

                                                                                                      1. 3

                                                                                                        I built an IDE for games with Clojure and JavaFX. The combination worked really well.

                                                                                                  2. 24

                                                                                                    “Yeah, yeah, but your scientists were so preoccupied with whether or not they could that they didn’t stop to think if they should.” - Dr. Ian Malcom, Jurassic Park (1993)

                                                                                                    1. 5

                                                                                                      Shipping a V8 runtime is still hacky

                                                                                                      Is shipping a lua runtime similarly hacky? edit: add a y to hack

                                                                                                      1. 9

                                                                                                        I don’t know, but at least Lua is made to be embeddable, whereas JS is embedded because they want to write the app in that.

                                                                                                        1. 5

                                                                                                          whereas JS is embedded because they want to write the app in that.

                                                                                                          What is V8, if not an embeddable scripting language for Chrome’s version of WebKit?

                                                                                                          Say what you will about JS (I hate it) but it’s almost undeniable that we’d be talking about Electron enough to have any debate about it at all if it used something other than JS.

                                                                                                          1. 2

                                                                                                            Is it really embeddable? Wasn’t one of the issues of Node that V8 changes API so quick, it is difficult to keep track of it so unless you have a lot of resources, you’re going to get stuck on an old version because API compatibility is not a priority for V8?

                                                                                                            1. 2

                                                                                                              Define “embeddable”?

                                                                                                              It might not be their goal to provide V8 as an embeddable implementation of JavaScript for other projects, but it’s certainly embedded in Chrome/Chromium, right?

                                                                                                              Wasn’t one of the issues of Node that V8 changes API so quick

                                                                                                              I have no idea, as I don’t follow this. But, this sounds like a tradeoff that Node has to make if they want to continue using V8, so long as V8 has no interest in providing this sort of compatibility.

                                                                                                              1. 5

                                                                                                                Sure enough, only 4 hours later a discussion on trouble with keeping up with V8 happens on the Node project.

                                                                                                                1. 2

                                                                                                                  That’s fairly horrifying. :(

                                                                                                                2. 1

                                                                                                                  Lots of things are stuck inside another thing - Lua is seen as being a particularly embeddable language and runtime because a bunch of choices were made in their design to facilitate embedding them in things. V8 is essentially the opposite. Hence, while it clearly is embedded in various things, it isn’t really a language and runtime combination which is good for that case; so, ‘not really embeddable’.

                                                                                                            2. 1

                                                                                                              With @Leonidas comment, I think I (may?) now understand your intention in saying “Shipping a V8 runtime is still hacky.”

                                                                                                              Did you mean to imply that because V8 has to be yanked out of Chrome, and the API isn’t stable that it’s hacky?

                                                                                                              1. 4

                                                                                                                I’d call it that. Lua, like most embeddable stuff, is designed to easily include in whatever app you want with its existinh interfaces. This will be easy. V8 is embedded in Chrome but maybe not “embeddable” in other stuff easily. Didn’t seem a high priority in its design.

                                                                                                                1. 2

                                                                                                                  Yup! I was trying to understand if @mattgreenrocks thought shipping any embedded language was hacky, or just V8 / node in particular. But even still, I don’t see how that’s avoidable in Electron’s case, given their goals.

                                                                                                                  I wouldn’t consider Lua hacky to ship, generally, but there are certainly situations in which shipping a Lua VM would be hacky. It all depends on what the intentions and goals are.

                                                                                                                  1. 1

                                                                                                                    It was targeted more at V8, yeah.

                                                                                                                    You can usually find ways to package a VM in with an app and remove hassles around needing the VM on the system or certain versions. Desktop apps have big issues around making it easy to package and run everywhere, still.

                                                                                                                    1. 5

                                                                                                                      I may be way off here (I’ve never done an Electron app), but I’m surprised that this thread seems to be going on the assumption (on all sides?) that embedding V8 is really the objectionable part of Electron. I had always assumed it was the embedded web browser (Chromium) that was the culprit in making these apps large, memory-hungry, and “webbish” in their UI conventions, not the embedded JS runtime. I mean, Node CLI apps aren’t necessarily my favorite way to write a CLI app, but they’re not sluggish the way the Slack desktop app is sluggish.

                                                                                                                      1. 3

                                                                                                                        It is, but I think @apg was poking at what part of my “embedding V8 is still hacky” part, not, “what part of Electron is objectionable?”

                                                                                                                        Re-using the entire browser layout engine is ridiculous, yes.

                                                                                                                        1. 1

                                                                                                                          I had always assumed it was the embedded web browser (Chromium)

                                                                                                                          I mentally filter most things that look like another JS framework or whatever. Especially if comments start about how resource-hungry it is. This is first one on Electron I actually read where I found out it embeds a whole, web browser. Wow, yeah, easily the most objectionable thing. This tangent covered another important property of how embeddable its main components were in the first place. As in, should they be used at all vs individual libraries? Where that went shows it’s even worse of an idea.

                                                                                                              2. 10

                                                                                                                Eh… I don’t think so:

                                                                                                                $ cd /tmp/v8; sloccount .
                                                                                                                Totals grouped by language (dominant language first):
                                                                                                                cpp:        1305265 (97.78%)
                                                                                                                python:       27869 (2.09%)
                                                                                                                sh:            1147 (0.09%)
                                                                                                                ansic:          357 (0.03%)
                                                                                                                lisp:           222 (0.02%)
                                                                                                                
                                                                                                                $ cd /tmp/lua; sloccount .
                                                                                                                Totals grouped by language (dominant language first):
                                                                                                                ansic:        16595 (100.00%)
                                                                                                                

                                                                                                                Lua’s source is a little over 1% of v8’s.

                                                                                                                Even LuaJIT which is faster than v8 in many cases is smaller:

                                                                                                                $ cd /tmp/luajit; sloccount .
                                                                                                                Totals grouped by language (dominant language first):
                                                                                                                ansic:        59836 (100.00%)
                                                                                                                

                                                                                                                Lua is the only language I’ve seen that really meets the requirements for being an embedded interpreter (apart from some tiny lisp implementations). Granted, node runs on a lot of IoT devices but I’m pretty sure it’s using more than 256k of flash and more than 64k of ram (unlike elua).

                                                                                                                1. 3

                                                                                                                  requirements for being an embedded interpreter

                                                                                                                  What are the official requirements for this?

                                                                                                                  I don’t think a lot of people care about slocount if it meets their requirements.

                                                                                                                  1. 2

                                                                                                                    There is also an “original” embedded interpreter - Tcl.

                                                                                                                2. 4

                                                                                                                  Who is forcing anything anywhere? People use the tools they want to use to build their apps. Make the native tools attractive to developers and they’ll build using those tools.

                                                                                                                  Telling developers who know Javascript and all of a sudden can create desktop apps that they’re being arrogant is in itself arrogant.

                                                                                                                1. 1

                                                                                                                  I would appreciate a ELI5. I skimmed through the paper and from what I saw they took the entire domain of time, mapped it into a couple categories (weekday/weekend, working hours/non-working hours) and then created a test matrix based off that. What I’m not clear on is if this special matrix was smaller than what you’d expect by just doing a combinatorial test of all categories. They mention generating a test with something “pairwise”, but I think I missed a piece about how this approach is better than “write a list of possible states”.

                                                                                                                  1. 1

                                                                                                                    The first array is special. If you just generated every combination of the 5 different equivalence classes, you’d have 48 combinations to test.

                                                                                                                    They don’t explain how they arrived at that array, but it looks like they used some knowledge of the logic inside the system under test. They may have drawn a Karnaugh map to find equivalence classes that don’t have any mutual effect.

                                                                                                                    It’s not clear to me why they generate the results into a second array, other than for compact representation. Verification only consists of looking across a row to see if the values disagree. The paper didn’t talk about any column-wise verification in that second array. So in implementation terms, you could generate the output as a list of lists.