1. 2

    What is going on in the Minecraft example? I tried to find the creator by searching Google, but didn’t find anything.

    1. 5

      You can see in the lower left hand corner of the loading screen some references to MCP and Forge, which are tools used to modify/load mods into Minecraft. I assume this person just wrote a Java solution to the problem and basically just used the Minecraft client as a container for their GUI.

      It’s been a while since I’ve messed around with any of this stuff, but I did have fun building a fairly complex adding machine a few years ago using this mod https://github.com/dan200/ComputerCraft - which makes available in-game monitors, cabling, and a “computer” that is programmable with LUA. Using something like ComputerCraft could be a fun way to solve one of these problems. You could hook the in-game computer up to some light blocks and have the solution displayed in the game world rather than just using the client as a wrapper.

      1. 2

        I had assumed the same but their solution is a little more elaborate than that as outlined in comments in this Reddit post.

        If I understand correctly, they’re using the / commands, primarily the /scoreboard manipulation commands as ‘memory’ and math primitives. These / commands can be be saved into a .MCFUNCTION file. They have built up an assembler and C compiler based on these primitives that emits these .MCFUNCTION files, which can then be run in Minecraft.

        1. 1

          Oh, I missed that. Thanks!

          Yeah, I’ve seen a few cool YouTube videos of people doing interesting things with ComputerCraft. A long time ago, I was working on getting an adder working just using redstone.

      1. 9

        Learn NAND2Tetris (or similar transistor / logic gates to basic CPU) to learn how early microprocessors worked.

        Learn an assembly language to understand how simple CPUs are programmed

        Learn 30+ years (60+ if you include mainframes, minis, etc) of architectural advancements, many of which abstract details you learned earlier to increase performance or hide implementation details

        Follow /u/lorddimwit’s advice to learn a few ways to abstract all that hardware into a different perspective.

        Learn a few more abstractions that take a completely different approach to computation.

        Stand atop this vast pyramid of abstraction, gaze at how large the base has gotten, and wonder how much work it is going to take to build this even higher.

        1. 4

          I think a book on Computer Architecture and one on OS Internals would give people enough understanding. If learning assembly, ARM on a RaspPi followed by x86 for desktops would be most useful but there’s also microcontrollers and associated books that could be more approachable. They need to learn a MCU assembly at some point since there’s billions of them out there, often supporting MPU’s.

          From there, probably just a few, different paradigms of programming followed by some OS and/or hardware projects in them:

          LISP/Scheme (Racket + Scheme CPU and/or synthesis)

          Metaproramming (META II, Ometa, Rascal, StrategoXL, Everything on Wikipedia article)

          Functional (Haskell + House OS and/or Clash)

          Logical (Prolog, Maude, Prolog CPU, and/or ACL2)

          Dataflow (Lustre, Simulink, and/or SystemVerilog)

          Off top of head, I think those cover bases pretty well. These cover the fundamental bases so well you probably won’t need anything else in terms of thinking patterns for designing and building stuff.

          1. 2

            However, then ponder why we still cannot predictably determine requirements and then predictably model them into implemented code, for complex problems in domains outside of computing.

          1. 5

            Feels like it could use some examples of what a good case scenario might look like.

            1. 3

              imho the airline example makes sense. What are you missing?

              1. 2

                what happens when an airline employee wants to buy a ticket? I guess you’d add certain permissions to certain “Purchasers”. I dunno. It’d be interesting.

                1. 2

                  We have sort of a hybrid system, where a ‘user’ is just a container for authorization, which can have one or more ‘personas’.

                  In the airline example, you’d log in as your normal user, and then the admin application you’re logging into would be in the context of your ‘Employee’ persona, and the website front end would be logged in under the ‘Purchaser’ persona context.

                  It gets complicated when applications need to be in multiple contexts, but the building blocks are pretty straightforward.

                  1. 1

                    IE: Roles?

                    1. 1

                      Kind of, and kind of not. I’ve always seen roles as part of an authorization setup, where our personas are the actual owners of user state.

                      With the airline example; rather than a user having purchases and roles to make purchases, a user has a purchaser persona which owns the purchases directly.

                      In addition, the personas own non relationship data: frequent flyer number, for example would belong on the purchaser, not a user object.

                      1. 1

                        Does the persona also act as a permissions holder in this setup?

                        1. 1

                          They can, but they’re disjoint sets of permissions per persona. Ie, the personas may have permisdions/roles, and you can think of the “account” user that owns all the personas to have the superset of those, but we rarely talk about them from a user-level.

                          Eg, the purchaser persona may have permissions to do X, and the admin persona to do Y. The user “has” permissions to do X and Y, sure, but apps authenticate in a specific persona, so from the purchasing app, the human sitting at keyboard could only do X not Y, due to the app persona context, even if Y was exposed through the same api (which it is).

                          1. 1

                            Curious, what you think of the concept? Chain ended rather abruptly :)

                            1. 2

                              I suspect I don’t fully understand it. The way I am reading it sounds like a low-value high-maintenance abstraction that I would have to explain to everyone… forever. Then even when people are like “yeah, I know personas” I would have to be “no, no, not user story personas, ours are different”. Which makes me think of the Chris Eric quote on premature abstraction.

                              If the data lives in a persona, and the permissions are attached to a persona, then really all the “meat” is in the persona? So I don’t care about “Mary” I care about “MaryAsPersonaPurchaser”. How is this better than Mary with a purchaser role and a related table purchases? The data is still fundamentally compatible, purchasing information related to Mary and permissions related to Mary. From a “my job is to transform data” perspective, I am not sure what you gain with the persona, it feels shallow to me, a coat of paint on top of roles and accounts that is harder to talk about.

                              As I said, I suspect I don’t fully understand it.

                              1. 1

                                If the data lives in a persona, and the permissions are attached to a persona, then really all the “meat” is in the persona? So I don’t care about “Mary” I care about “MaryAsPersonaPurchaser”.

                                This is correct, except in so far as we share authentication and security information across MaryAsPersonaPurchaser, MaryAsPersonaEmployee, et. al.

                                How is this better than Mary with a purchaser role and a related table purchases?

                                I guess I’d say, imagine the following schema:

                                User:
                                  email
                                  password
                                  purchase_cost_limit
                                  approval_code
                                  fulfillment_center_id
                                
                                Purchase:
                                  purchaser: User
                                  approver: User
                                  fulfiller: User
                                

                                Imagine now validating a user - you’ll have to make sure that any individual user only has fields set that make sense in the context of the roles they have, which can change. Taking away a purchaser role from a user should probably go in and clear out the purchaser specific fields from the row in the user table, and then go do something with purchase rows for which that user was the purchaser, but the schema’s not going to help you - the FKs are still valid, there’s no concept of the role stuff in the schema itself.

                                Now, our version of that schema would be something like this:

                                User
                                  email:
                                  password
                                
                                PurchaserPersona
                                  user: User
                                  purchase_cost_limit
                                
                                EmployeePersona
                                  user: User
                                  approval_code
                                
                                FulfillerPersona
                                  user: User
                                  fulfillment_center_id
                                
                                Purchase
                                  purchaser: PurchaserPersona
                                  approver: EmployeePersona
                                  fulfiller: FulfillerPersona
                                

                                Now, removing the purchaser persona without cleaning up purchases is going to fail, because you’ve got an FK constraint. You don’t have to remember to clean up a bunch of fields on the shared User table, because the purchaser state is held in the purchaser persona itself, etc, so they’re cleaned up atomically (when the row is deleted). The schema helps you maintain consistency in this case.

                                At the end of the day, could the personas be roles? Sure, that I think comes down to nomenclature. But note that there’s nothing authorization related in the schema. We can layer permissions on top: perhaps there’s a “approver” role on EmployeePersona that only allows managers to approve purchases. But personas aren’t about permissions - they’re about splitting data up to be consistent and purposeful.

                                I hope that makes sense, and gives some background. Would be super interested in your thoughts given more clarity.

                                Cheers!

                                1. 1

                                  Aren’t you just slapping the word “persona” on the nearly 50 year old idea of “related tables”? I mean, that exact schema of using sort of a joiner between two sets of related data while specifying additional has been used for decades, sans “Persona”. They would just be called “Purchaser” “Employee” “Fulfiller” and look well – the exact same.

                                  EDIT: Thank you so much for giving an example! \o/

                                  1. 1

                                    Aren’t you just slapping the word “persona” on the nearly 50 year old idea of “related tables”?

                                    I mean , yes. Within the specific domain of user management, of which a roles table (join table between two entities with a “permission” column) is also an example.

                                    The nomenclature is useful for us, as it reinforces that personas are an “is-a” relationship with user, not a “has-a” relationship, which is where I disagree with your drawing of an equivalency with roles.

                                    In my mind, a user has some set of roles they can use to authorize various actions and data access.

                                    Personas on the other hand are the user under different contexts.

                                    It might be elucidating to our thought process that we would like very much to change the name of the Users table to be Credentials, at which point we would have finished splitting the User model up (into significantly simpler, more or less unrelated entities), but having an overloaded model name is significantly less painful than the effort to change user to cred everywhere, hah.

                                    1. 1

                                      I can understand the thinking. I don’t agree with it – but I think I understand it. At least as you explained it I would say it is a “low-harm” decision, but I push against decisions without clear demonstrable value, and I feel this has cost without giving a lot of value back. But, I am a “grumpy old man” developer at this point, so it might just be chafing against new ideas..

                                      “damn kids, get off my lawn”

                2. 2

                  I agree that there can be improvements but I’d like to see some discussion on how the typical user with associated permission groups pattern would be treated in a sprawling application (or in the Unix example mentioned).

                1. 3

                  Interesting, this is something I’ve thought about as my Selenium automation against an every-changing codebase mixed with regular browser updates requires constant upkeep. I enjoyed the examples of software rot and the classification system.

                  This appears to be at a much lower level than my Selenium / browser / webapp example and a pitch for their apparently proprietary Rosetta Stone style polyglot language or system called ProgBase. Their discussion of technical challenges looks like a list of functional programming language features and an argument for a simple language. I couldn’t find language examples, only output examples, but I only took a cursory look.

                  Have there been other evaluations or systematic classifications of software rot along these lines? Other attempts at evergreen code? I can think of some generalizations, from successful open source’s continually evolving code-bases (Linux kernel maintaining drivers in-tree instead of a stable kernel API) to Microsoft’s heroic efforts to support certain versions of software as Windows is updated. At the language level you have Go’s emphasis on compatibility, C’s relative stability as a language, languages like Nim that cross-compile to various languages, JVM, ParrotVM, GraalVM, and the like. History gives us financial and government institutions maintaining long-lived COBOL and other codebases, we also have the libraries in FORTRAN like BLAS and LAPACK that are available as libraries.

                  1. 4

                    Microsoft’s perceived lack of clarity in the roadmap (.NET Standard, .NET Core, .NET Framework, etc) and history of killing off or deprecating frameworks (Silverlight, Winforms, should I use WPF or UWP?) are a couple more reasons why startups don’t turn to .NET. Add what others have mentioned, the closed source and history of high cost, the lack of ecosystem, and the long history of being actively against open source and copyleft licenses, and Microsoft just doesn’t look like a startup choice. Microsoft was also relatively late as a cloud computing choice. Maybe something will emerge from their Bizspark program and their open source efforts to change their perceived position.

                    I didn’t include PHP because there were a lot of startups that had nothing but PHP and Apache Server. That’s partly why I looked at 100 startups and ended up with 23. Startups with just PHP are probably e-commerce websites or non-software at all.

                    I wonder if this is reasonable to exclude PHP? I could see the point of excluding it because there’s a Wordpress blog hanging off the domain or if, as the author states, an e-commerce startup kicked things off with Magento or the like. On the other hand, is PHP just being excluded because, well, PHP?

                    1. 3

                      I read it as the author saying that they couldn’t distinguish between shops using PHP for a webshop/CMS and doing new software development with it, so it was excluded from the analysis.

                    1. 2

                      His latest research, set to be published on May 17

                      So… was it published?

                      1. 4

                        https://blog.eclypsium.com/2018/05/17/system-management-mode-speculative-execution-attacks/

                        Spectre can be applied to System Management Mode. Intel believes existing mitigation works to prevent these attacks.