1.  

    Not directly related but anyone knows a list of awesome RSS feeds? A bit like the other “awesome” lists.

    1. 8

      I find myself using RSS rather for the non-awesome feeds. The awesome stuff reaches me via lobsters or other aggregator. RSS is necessary for feeds I care for but which are not mainstream enough to be on an awesome list.

      1.  

        This is what I have realized as well. In this way, I have 100s of feeds which I don’t even see in a month. But, when I want to narrow my sources to something specific I am working on, then I could just go back to the mountain of feeds with relevant information.

        1.  

          Good idea. Thanks!

        2.  

          RSS is probably too personal, but there is this website where people have added their own personal sites.

          1.  

            https://github.com/learn-anything/blogs contains lots of blogs who have RSS feeds

            1.  

              One good source I recently found on hn is https://reddit.com/r/hnblogs/. You can append .rss to this URL as well: https://www.reddit.com/r/hnblogs.rss

              1.  

                For all the (mostly warranted) excitement around static site generators, this is a bit of a downside: RSS tends to be left out.

                1. 5

                  Really?! That’s disappointing.

                  I mean, if your SSG is generating a generic site, that’s fine I guess, but in my experience most people want to use them as blogs, and a blog without RSS/Atom is a travesty of the term, in my arrogant opinion.

                  1.  

                    Not so arrogant, I agree. Or maybe that means we’re both are.

                    1. 7

                      I’m prepared to die on the hill that a blog without syndication is not a blog.

                      1.  

                        Right beside you, brother. 💪🏾

                    2.  

                      The default template for Jekyll has an RSS feed, if it’s any help.

                1. 14

                  Trying to get Linux not to suck on the desktop is a losing proposition.

                  To put it into context: When enough of the hardware works, Haiku offers a better free desktop experience today, despite the manpower it has isn’t even comparable. Coherent UI, easy to understand desktop that behaves as expected, responsiveness, avoidance of stalls on load. BeOS did achieve the same, but as a proprietary OS, in the mid nineties.

                  Linux tries to do everything at once, with a design (UNIX-like monolith) that favors server usage in disregard for latency and is thus ill-suited for the desktop. On top of that, Its primarily corporate funding effectively steers it towards directions that have nothing to do with the desktop and are in detriment of it. It is hopeless.

                  A system design fit for a Desktop if we could have a clean slate today would be something with clean APIs, well-understood relationships between components and engineered for low, bounded response times (thus an RTOS); Throughput is secondary, particularly when the impact on throughput is low to negligible. As desktop computers are networked these days, security (confidentiality, integrity and availability) is a requirement.

                  If looking at the state of the art, you’ll find out that I am describing Genode, paired with seL4. If a thousandth of the effort put into the Linux desktop (which does not and can not satisfy the requirements) was redirected to these projects, we would have an excellent Open Source desktop OS years ago. One that no current proprietary solution would be able to come near.

                  A proof of concept is available through Sculpt (new release expected within days), demonstrated in this FOSDEM talk. Another FOSDEM talk covers the current state of seL4.

                  Full disclosure: Currently using Linux (with all its faults) as main desktop OS. I have done so for 20 years. AmigaOS before that.

                  1. 19

                    Haiku doesn’t support any hardware or software and is missing all the features that end up introducing the complexity that ends up introducing the bugs that you’re complaining about anyway.

                    Linux tries to do everything at once, with a design (UNIX-like monolith) that favors server usage in disregard for latency and is thus ill-suited for the desktop. On top of that, Its primarily corporate funding effectively steers it towards directions that have nothing to do with the desktop and are in detriment of it. It is hopeless.

                    Monolithic kernels vs microkernels have no actual impact on the ability for a desktop operating system to function properly and none of the problems with ‘Linux on the desktop’ are best solved with a microkernel approach. If anything it would cause even more fragmentation because every distro could fragment on implementations of core services instead of that fragmentation only being possible within a single Linux repository.

                    If anything, a good desktop experience seems to require more monolithic design: the entire desktop environment and operating system developed in a single cohesive project.

                    This is why ‘Linux on the desktop’ is a stupid goal. Ubuntu on the desktop should be the goal, or Red Hat on the desktop, or whatever. Pick a distro and make it the Linux desktop distro that strives above all else to be the best desktop distro. There you can have your cohesiveness and your anti-fragmentation decision making (project leader decides this is the only supported cron, the only supported init, only supported WM, etc.).

                    A system design fit for a Desktop if we could have a clean slate today would be something with clean APIs, well-understood relationships between components and engineered for low, bounded response times (thus an RTOS); Throughput is secondary, particularly when the impact on throughput is low to negligible. As desktop computers are networked these days, security (confidentiality, integrity and availability) is a requirement.

                    Literally everything would be better if we could design it again from the ground up with the knowledge we have now. The problem is that we have this stuff called time and it’s a big constraint on development, so we like to be able to reuse existing work in the form of existing software. If you want to write an operating system from scratch and then rewrite all the useful software that works on top of it that’s fine but it’s way more work than I’m interested in doing, personally. Because ‘a good desktop operating system’ requires not just good fundamentals but a wide variety of usable software for all the tasks people want to be able to do.

                    You can write compatibility layers for all the other operating systems if you want. Just know that the osdev.org forums are littered with example after example after example of half-finished operating system projects that promised to have compatibility layers for Windows, Linux and macOS software.

                    If a thousandth of the effort put into the Linux desktop (which does not and can not satisfy the requirements) was redirected to these projects, we would have an excellent Open Source desktop OS years ago.

                    The Linux desktop is already good. So clearly it is not the case that it cannot satisfy the requirements.

                    1. 5

                      The Linux desktop is already good.

                      This is super subjective. I for one does not consider Linux particularly good – I love the command line, and I many times tried to make Linux my primary work desktop. However I need excellent touchpad input with zero latency and precise acceleration, HiDPI support that Just Works with all apps (no pixel zooming), 60 fps scrolling without stuttering and just the right amount of inertia.

                      To me both Linux and Android fail miserably on things like 60 fps scrolling and most people don’t even notice that it stutters. I know that’s some very subjective criteria that many people don’t have. I’m excited about projects like Wayland, cause maybe there is light at the end of the tunnel?

                      1. 6

                        However I need excellent touchpad input with zero latency and precise acceleration

                        Never had a problem with this, personally, and I certainly dispute that anyone needs it. People have productively used computers for decades without it and it isn’t a desktop issue anyway. It’s a laptop issue. I’m sure Linux still has a long way to go on the laptop but shifting the goalposts isn’t helping anyone. What it means for Linux to be viable on the desktop seems to be changing every time it gets close. Now it apparently includes laptop-specific functionality?

                        HiDPI support that Just Works with all apps (no pixel zooming)

                        And I’d like a supermodel girlfriend. HiDPI support is fucked on every platform, because it fundamentally requires support from the programmes that are running. It’s far superior on Linux to Windows. Windows can’t even scale its file browser properly, half the time the icons are the wrong size. It’s bizarre. It’s like they didn’t test anything before they claimed to ‘support’ it.

                        60 fps scrolling without stuttering and just the right amount of inertia.

                        “Just the right amount of inertia” is subjective. I hate scrolling on macOS or iPhones, the inertia is far too high. I’m sure others feel the opposite and think it’s too low. Yet if it’s made configurable I’m sure people will complain about those damn software developers wanting to make everything configurable when things should ‘Just Work’. You can never win.

                        Also, a lot of monitors these days have really atrocious ghosting. Smooth scrolling on those monitors makes me feel sick. So please at least make it easy to turn it off and keep it functional if I do.

                        I get that none of what I said changes that you want those features and so do others, and they’ll never be satisfied until those features are there. I get it. Those features are requirements for you. They’re not inherently bad. But it’s worth bearing in mind that nobody is approaching this with the goal of fucking up the Linux desktop. Nobody wants you to have a bad experience. Things are the way they are because solving these problems is really hard without having the resources to just rewrite everything from scratch. Wayland is rewriting a huge chunk of the stack from scratch and that’s having some positive impact but it’s still for me in a state where it invalidates far too much of the stuff that was working fine already that I don’t want to use it any more. I’ve gone back to X.

                        1. 7

                          HiDPI support is fucked on every platform

                          Works great literally 100% of the time on my Mac. I can even mix external monitor types and everything “just works”.

                          1.  

                            Exactly. It’s 100% fair to keep moving the goalposts, because the rest of the industry isn’t taking a break waiting for Linux on the desktop to catch up to the state of the art.

                            1.  

                              I use mixed monitor densities with i3 as my daily driver and everything works perfectly 100% of the time. Working software for linux exists.

                              For reasons which escape me, the biggest distributions have not fixed their defaults to make it work.

                            2.  

                              Never had a problem with this, personally, and I certainly dispute that anyone needs it.

                              Of course you don’t need it for things like writing documents. I’ve worked over RDC connections with about 10 seconds of latency (I counted). I also raged the whole time, and my productivity tanked.

                              The point is that low input latency is a competitive advantage, and it’s known to improve ergonomics and productivity, even at 100ms levels, though it’s more something you feel than notice at that level. In comparisons of Andoid and iOS, what do they talk about? Input latency. In comparisons between Wayland and X11, it’s all about getting latency down (and avoiding graphics glitches, and effective sandboxing, and reducing the amount of code running as root; there’s a lot of ways to improve on Xorg).

                              Good input latency is also necessary to play action games, or delicate remote controls like drones, of course.

                              1.  

                                Of course you don’t need it for things like writing documents. I’ve worked over RDC connections with about 10 seconds of latency (I counted). I also raged the whole time, and my productivity tanked.

                                Personally I’ve had far worse experiences with remote desktop on Windows than on Linux. For example, remote desktoping into another Windows computer logs you out on that computer, or at least locks the screen, on Windows 10. Worse latency and relevant to this discussion too: terrible interaction with HiDPI (things scaled completely crazily when remoting into something with a different scaling factor).

                                The point is that low input latency is a competitive advantage, and it’s known to improve ergonomics and productivity, even at 100ms levels, though it’s more something you feel than notice at that level.

                                Touchpad latency has nothing to do with desktop Linux.

                                Good input latency is also necessary to play action games, or delicate remote controls like drones, of course.

                                Input latency on Linux is not an area of concern, it’s working perfectly fine. I have better performance in games (lower input latency, lower network latency, higher framerates, better support for different refresh rates on different monitors) on Linux than on Windows.

                                1.  

                                  Personally I’ve had far worse experiences with remote desktop on Windows than on Linux.

                                  I know that Linux’s input layer isn’t 10sec-latency bad. That horrible situation was entirely the fault of the overloaded corporate VPN. I brought it up as a reducto ad absurdum to anyone claiming not to care about input latency; just because you are capable of getting work done does not make a scenario acceptable.

                                  Input latency on Linux is not an area of concern, it’s working perfectly fine. I have better performance in games (lower input latency, lower network latency, higher framerates, better support for different refresh rates on different monitors) on Linux than on Windows.

                                  That’s why I didn’t compare it to Windows NT. I compared it to iOS.

                              2.  

                                Windows can’t even scale its file browser properly, half the time the icons are the wrong size.

                                What version of Windows are you discussing here? At least for me on Windows 10, I haven’t noticed any problems with HiDPI in Explorer. And the fact still remains that when using 2 monitors with different DPIs, Linux handles this significantly worse than Windows does.

                                1.  

                                  On Windows 10 at my last job I continually had errors with Windows Explorer not scaling its own icons correctly. This was with two screens with different DPIs.

                                  In contrast I’ve never had any issues with this on Linux and in fact with sway I can even have fractional scaling so that my older monitors can pretend to have the same DPI as my main monitor if I want to.

                              3.  

                                Well, “with all apps” is a ridiculous requirement. You can’t magically shove the good stuff into JavaFX, Swing, Tk, GTK2, GTK1, Motif, etc. :)

                                My short guide to a great touchpad experience would be:

                                • use wayland, of course
                                • stick to GTK apps as much as possible (I have a list by the way)
                                • apply this gtk patch (and the mentioned “relevant frame-clock ones” for good measure)
                                • MOZ_ENABLE_WAYLAND=1 MOZ_WEBRENDER=1 firefox
                                  • about:config widget.wayland_vsync.enabled=true (hopefully will become default soon)

                                Android fail miserably on things like 60 fps scrolling

                                huh? Android does 90 fps scrolling very well in my experience (other than, sometimes, in the Play Store updates list), and there are even 144Hz phones now and the phone reviewers say they can feel how smooth all these new high refresh rate phones are.

                                1.  

                                  Android does 90 fps scrolling very well in my experience (other than, sometimes, in the Play Store updates list), and there are even 144Hz phones now and the phone reviewers say they can feel how smooth all these new high refresh rate phones are.

                                  Maybe I’ve just been unlucky with hardware but my android experience has always been plagued with microstutters when scrolling. I haven’t used iOS though, maybe the grass is always greener on the other side.

                                  1.  

                                    The stutters all over Android were one of the issues that made me give iOS a try. I haven’t gone back.

                              4. 5

                                As my hat will tell you, I am biased in this matter, but still…

                                Haiku doesn’t support any hardware or software

                                “Any”? Well, I have a 2015-era ThinkPad sitting on my desk here in which I have a Haiku install in which all major hardware (WiFi, ethernet, USB, …) works one way or another (the sound is a little finicky), and the only things that don’t work are sleep and GPU acceleration (which Haiku does not support broadly.) I also have a brand-new Ryzen 7 3700X-based machine with an NVMe hard drive that I just installed Haiku on, and everything there seems to work except WiFi, but this appears to be a bug in the FreeBSD driver that I’m looking to fix. It can even drive my 4K display at native resolution!

                                You can also install just about any Qt-based software and quite a lot of WX-based software, with a port of GTK3 in the works. LibreOffice, OpenSSH, etc. etc. So, there’s quite a lot of software available, too.

                                1.  

                                  I’ve been inspired to try to find some time to install Haiku on an old laptop running Elementary OS!

                                  1.  

                                    I’ll preface this by saying: I’m not saying Haiku is bad, just that you clearly can’t compare Haiku’s software and hardware support with Linux’s and pretend that Haiku comes out on top.

                                    Well ThinkPads generally have excellent hardware support on many free software operating systems. Of course it boils down to separate questions, doesn’t it: are we asking ‘is there a machine where it works?’ or ‘is there a machine where it doesn’t work?’. You can say something has ‘good hardware support’ if there are machines you can buy where everything works, but I would say it only really counts as ‘good hardware support’ if the average machine you go out and buy will work. You shouldn’t have to seek out supporting hardware.

                                    Based on that evaluation I would say that Linux certainly doesn’t have good laptop hardware support, because you need to do your research pretty carefully when buying any remotely recent laptop, but by the first standard it’s fine: there are recent laptops that are well supported and all the new features are well supported.

                                    But I would say that Linux has excellent desktop hardware support, and this is a thread about desktop Linux. I never need to check if something will be supported, it just always is. Often it’s supported before the products are actually released, like anything from Intel.

                                    the sound is a little finicky

                                    Sound is definitely major hardware and should not be finicky. Sound worked perfectly on Linux in the early 2000s.

                                    sleep and GPU acceleration (which Haiku does not support broadly.)

                                    But there you go, right? It’s like people going ‘oh my laptop supports Linux perfectly, except if I close the lid it’s bricked and the WiFi doesn’t work but other than that it’s perfect’. Well not really perfect at all. Not all major hardware at all. Sleeping is pretty basic stuff. GPU support is hideously overcomplicated and that’s not your fault, but it doesn’t change that it isn’t there.

                                    You can also install just about any Qt-based software and quite a lot of WX-based software, with a port of GTK3 in the works. LibreOffice, OpenSSH, etc. etc. So, there’s quite a lot of software available, too.

                                    Right and I’m sure that software is great for what it is, but in a context where people are saying Linux isn’t a viable desktop operating system because of bad touchpad latency people are claiming that the problem is its monolithic kernel and that we actually need Haiku to save the day with… no sleep support? No GPUs?

                                    1.  

                                      I think you are moving the goalposts here. You claimed Haiku does not support “any” hardware or software, when that is rather pointedly not true. What the original comment you replied to was saying, is that in many respects, Haiku is ahead of Linux – in UI responsiveness, overall design, layout, etc.

                                      We are a tiny team of volunteers doing this in our spare time; we have a tiny fraction of the development effort that goes into the “Linux desktop.” The point is that we are actually not so radically far behind them; and the ways we are behind, perhaps doubling or tripling our efforts would be enough to catch up. How, then, does Linux spend so much time and money, and winds up with a far worse desktop UI/UX experience than we do?

                                  2.  
                                    1.  

                                      You should be ashamed of yourself.

                                  3. 5

                                    Do you think Fucshia would fit the bill?

                                    1. 2

                                      No, Fuchsia won’t.

                                      I took a look at Zircon recently, at it appears to be a first generation µkernel, as it seems to ignore everything Liedtke brought forward. I would particularly stress the principle of minimality (zircon is functionality-bloated). It would have been an impressive µkernel thirty years ago. Today, it’s a potato.

                                      But it is still better than Mach, used in IOS/OSX. I have no doubt the overall system will be nice to work with (APIs), considering they have people from the old NewOS/BeOS team in there. It will, for Google, likely become a workable replacement path for Linux, giving them much more control, but from a systems design perspective, it is nothing else than shameful. They had the chance to use any of many competitive contemporary µkernels. but went with such a terrible solution just because NIH. It taints the whole project, making it worthless from an outsider perspective.

                                      Because of HelenOS ties, I expect Huawei’s HarmonyOS to be better at a fundamental level.

                                      1. 3

                                        As the Fuchsia overview page says:

                                        Fuchsia is not a microkernel

                                        Although Fuchsia applies many of the concepts popularized by microkernels, Fuchsia does not strive for minimality. For example, Fuchsia has over 170 syscalls, which is vastly more than a typical microkernel. Instead of minimality, the system architecture is guided by practical concerns about security, privacy, and performance. As a result, Fuchsia has a pragmatic, message-passing kernel.

                                        IMO, there’s no shame in favoring pragmatism over purity. From what I’ve read, it looks like Fuchsia will still be a major step up in security compared to any current widely used general-purpose OS.

                                        1. 2

                                          there’s no shame in favoring pragmatism over purity

                                          They do think they are pragmatic. It’s not the same as actually being pragmatic.

                                          Those “pragmatic concerns” show, if anything, that they’ve heard about minimality, but did not care to understand the why; They actually mention performance, and think putting extra functionality inside the kernel helps them with that; They ignored Liedtke’s research.

                                          A wasted opportunity. If only if they did a little more research on the state of the art before deciding to roll their own.

                                          Fuchsia will still be a major step up in security compared to any current widely used general-purpose OS.

                                          Assuming OSX/IOS and Linux are the contenders you have in mind, this looks like a really low bar to meet, and thus very feasible.

                                          1. 3

                                            The fact is that nobody has ever actually demonstrated a performant operating system based on a microkernel.

                                            1.  

                                              Have you heard about QNX?

                                              1.  

                                                It’s proprietary software and I haven’t used it.

                                              2. 1

                                                That’s quite the liberal use of the word fact.

                                                If you can handle foul language, you might enjoy reading this article.

                                                1. 3

                                                  Starting off a blog post by talking about ‘microkernel hatred’ is pretty funny given that 99% of people that prefer monolithic kernels just get on with their lives while the microkernel people seem to be obsessed with comparing them and arguing for them and slagging off monolithic kernels and generally doing anything other than actually working on them.

                                                  The blog post then goes on to complain that people slag off microkernels based on old outdated performance benchmarks, followed by quoting some benchmarks and comparisons from the early 1990s. There’s not much performance data indicated from this millennium, and nothing newer than 2010.

                                                  It’s 2020. I expect to see performance data comparing realistic server and desktop workloads across production operating systems running on top of microkernels and monolithic kernels and explanations for why these differences should be attributed towards the kernel designs and not towards other aspects of the operating system designs. Because sure as hell Linux is not a theoretically optimally performant monolithic kernel, and I’m sure there are much faster monolithic kernel designs out there that don’t have all the legacy bits slowing things down that are there in Linux, or for that matter, the various things slowing Linux down that exist for reasons of flexibility across multiple domains of work, or to patch security vulnerabilities, etc.

                                                  It’s often said that you rewrite your system and it’s twice as fast, then you fix all the bugs and it’s 50% faster than the original, then you add all the missing features and it’s back to being just as slow as the original again. I suspect that performance figures being better on demos is probably mostly due to this. Operating system speed in 2020 is dominated by context switching and disk I/O speeds, especially the former since the Spectre crap, so anything you can do to cut down on those bottlenecks is going to give you by far the most bang for your buck in performance.

                                                  Nowhere does this blog post quote the ‘myth’ of “if they are so great, why don’t you install one on your desktop system and use it” because they know there’s no good answer to it.

                                                  1.  

                                                    Nowhere does this blog post quote the ‘myth’ of “if they are so great, why don’t you install one on your desktop system and use it” because they know there’s no good answer to it.

                                                    The absence (Sculpt is on the works covering this scenario) of a open source desktop OS based in a modern operating system architecture is, indeed, not an argument against the µkernel approach being fit for the purpose. It simply hasn’t been done as open source. The article goes as far as to cite successful commercial examples (QNX used to offer a desktop, and it was great).

                                                    There’s just nothing open that’s actually quite there, yet. And it is indeed a shame.

                                                    It’s often said that you rewrite your system and it’s twice as fast, then you fix all the bugs and it’s 50% faster than the original, then you add all the missing features and it’s back to being just as slow as the original again. I suspect that performance figures being better on demos is probably mostly due to this.

                                                    Your hypothetical does indeed apply to monoliths, and could possibly apply to some pre-Liedtke µkernels. It cannot apply to 2nd nor 3rd generation µkernels, due to the advances covered in the µkernel construction (1995) paper. µkernels just aren’t constructed the same way. Do note we’re talking about a paper from 25 years ago, thus your hypothetical is only a reasonable one to put forward 25+ years ago, certainly not today.

                                                    context switching (dominates performance…)

                                                    Is something Linux is a sloth at. Not just a little slower than seL4, but the magnitude orders sort of slower.

                                                    disk I/O speeds

                                                    Are largely considered non-deterministic, and out of scope.

                                                    File system performance is relevant, but Linux has known, serious issues with this, with pathological i/o stalls which, finally, are being discussed in Linux Plumbing conferences, but remain unsolved.

                                                    This is in no small way a symptom of an approach to operating systems design that makes reasoning about latency so difficult it is not tractable.

                                                    The blog post then goes on to complain that people slag off microkernels based on old outdated performance benchmarks, followed by quoting some benchmarks and comparisons from the early 1990s.

                                                    More or less correct. More or less. (highlighted a word).

                                                    nothing newer than 2010.

                                                    The implication (supported by the “outdated” above, correct me if I am wrong) is that all the performance data is obsolete. But it is left implicit, possibly because you suspect this data is obsolete, but you couldn’t actually find a paper that supported your hypothesis. Thus the validity of these papers is now strengthened by your failed attempt at refutation.

                                                    99% of people that prefer monolithic kernels just get on with their lives

                                                    There’s a several-steps difference between “using a system that happens to be monolithic”, and “preferring monolithic kernels”. The latter would imply an (unlikely) understanding of the different system architectures and their pros/cons.

                                                    Thus, you could get away with claiming that 99% of people use operating systems that happen to be built around monolithic kernels. But to claim that 99% of people actually prefer monolithic kernels is nothing but absurd, even as an attempt at Argumentum ad populum.

                                                    I have not encountered such a person who’d regardless prefer the monolithic approach. Not even Linus Torvalds has a clue, which I believe has no small role on the systemic echo chamber problem the Linux community has with the µkernel approach.

                                                    Overall, having read your post and the points you tried to make in it, and realizing how fast your response has written, I conclude you cannot possibly have read the article I linked to you. At most, you skimmed it. To put this into context, it took me several days to go through it (arguably just one or two hours per day, the density is quite high), and I spent weeks after that going through the papers referenced by it.

                                                    And thus I realize I have put too much effort in this post, relatively speaking. This is why it is likely I will not humor you further than I already have.

                                                    1.  

                                                      The absence (Sculpt is on the works covering this scenario) of a open source desktop OS based in a modern operating system architecture is, indeed, not an argument against the µkernel approach being fit for the purpose. It simply hasn’t been done as open source. The article goes as far as to cite successful commercial examples (QNX used to offer a desktop, and it was great).

                                                      I didn’t say it isn’t fit for purpose. I’m not the one saying that. You are. You are the one claiming that a monolithic kernel is fundamentally a broken model. Well prove it. Build a better example. Show me the code.

                                                      My perspective is all the working kernels I’ve had the pleasure of using have been monolithic and I’ve never seen any demonstration that there are viable other alternatives. I’m sure there are, but until you build one and show it to us and give us performance benchmarks for real world usage, we just don’t know. There are hundreds of design choices in an operating system that affect throughput vs latency vs security etc. etc. and until you’ve actually gone and built a real world practical operating system with a microkernel at its core you can’t even demonstrate it’s possible to build one that’s fast, let alone that the thing that makes it faster is that particular design choice.

                                                      Your hypothetical does indeed apply to monoliths, and could possibly apply to some pre-Liedtke µkernels. It cannot apply to 2nd nor 3rd generation µkernels, due to the advances covered in the µkernel construction (1995) paper. µkernels just aren’t constructed the same way. Do note we’re talking about a paper from 25 years ago, thus your hypothetical is only a reasonable one to put forward 25+ years ago, certainly not today.

                                                      If you can’t actually build a working example in 25 years then maybe your idea isn’t so great in the first place.

                                                      Is something Linux is a sloth at. Not just a little slower than seL4, but the magnitude orders sort of slower.

                                                      And how fast is seL4 when Spectre and Meltdown mitigations are introduced? Linux context switches aren’t slow because slow context switches are fun. They’re slow because they do a lot of work and that work is necessary. seL4 has to do that work anyway, and context switches need to happen a lot more often.

                                                      The implication (supported by the “outdated” above, correct me if I am wrong) is that all the performance data is obsolete. But it is left implicit, possibly because you suspect this data is obsolete, but you couldn’t actually find a paper that supported your hypothesis. Thus the validity of these papers is now strengthened by your failed attempt at refutation.

                                                      I don’t need a paper to support my hypothesis. I don’t have a hypothesis. It’s simply a statement of fact that these benchmarks are outdated. I’m not saying that if they were redone today they would be any different, or that they’d be the same. I don’t know, and neither do you. That’s the point.

                                                      Thus, you could get away with claiming that 99% of people use operating systems that happen to be built around monolithic kernels. But to claim that 99% of people actually prefer monolithic kernels is nothing but absurd, even as an attempt at Argumentum ad populum.

                                                      99% of people that prefer monolithic kernels. That prefer them.‘99% of people that have blonde hair just get on with their lives’ does not mean ‘99% of men have blonde hair’ and ‘99% of people that prefer monolithic kernels just get on with their lives’ does not mean ‘99% of people prefer monolithic kernels’. Christ alive this isn’t hard. The irony of quoting Latin phrases at me in an attempt to make yourself look clever when you can’t even parse basic English syntax…

                                                      Overall, having read your post and the points you tried to make in it, and realizing how fast your response has written, I conclude you cannot possibly have read the article I linked to you. At most, you skimmed it. To put this into context, it took me several days to go through it (arguably just one or two hours per day, the density is quite high), and I spent weeks after that going through the papers referenced by it.

                                                      You’re quite right. I skimmed it. It didn’t address the problems I have with your aggressive argumentative bullshit and so it isn’t relevant to the discussion.

                                                      Nobody actually cares whether microkernels are faster or monolithic kernels are faster. It doesn’t matter. It isn’t even a thing that exists. It’s like saying ‘compiled languages are faster’ or ‘interpreted languages are faster’. Sure, maybe, who cares? Specific language implementations can be faster or slower for certain tasks, and specific kernels can be faster or slower for certain tasks.

                                                      Perhaps it will turn out, when you eventually come back here and show us your new microkernel-based operating system, that your system has better performance characteristics for interactive graphical use than Linux. Perhaps you’ll even somehow be able to justify this as being due to your choice of microkernel over monolithic kernel and not the hundreds of other design choices you’ll have made along the way. And yet it might turn out that Linux is faster for batch processing and server usage.

                                                      We don’t know, and we won’t know until you demonstrate the performance characteristics of your new operating system by building it. But arguing about it on the internet and calling everyone that doesn’t care a ‘Linus Torvalds fanboy’ definitely isn’t going to convince anyone.

                                      2. 3

                                        I’m curious about why you say that the state of the art is Genode specifically paired with seL4. What advantages does seL4 have over Nova? It looks like Sculpt is based on Nova. Would it be difficult to change it to use seL4?

                                        1. 4

                                          Nova is a microhypervisor that, IIRC, was partly verified for correctness. seL4 is a microkernel that was verified for security and correctness down to the binary. Genode is designed to build on and extend secure microkernels. seL4 is the best option if one is focusing on security above all else.

                                          An alternative done in SPARK Ada for verification is the Muen separation kernel for x86.

                                          1. 0

                                            Because operating system and kernel enthusiast communities are full of people that are obsessed with dead, irrelevant technology.

                                            1. 1

                                              Genode offers binary (ABI) compatibility across kernels. They’re using the same components, the same drivers, the same application binaries.

                                              I do not know the current state of their seL4 support. The last time I looked into it (more than a year ago), you could use either NOVA or seL4 for Sculpt, and seL4 had to be patched (with some patches they were on their way to upstreaming) or you’d get slow (extra layer of indirection due to a missing feature in MMU code) framebuffer support.

                                              From a UX perspective, using either microkernel should feel about the same. I do of course find seL4 more interesting because of the proofs it provides, and because it provides them (assuming they got the framebuffer problem solved) without any drawbacks; seL4 team does claim their µkernel to be the fastest at every chance.

                                              I also do favor seL4’s approach to hypervisor functionality, as it forwards hypercalls and exceptions to VMM, a user process with no higher capabilities than the VM itself, making an otherwise successful VM escape attack fruitless.

                                          1. 7

                                            Broadly agree, but specific nits:

                                            There are no native antivirus solutions or similar software for Linux

                                            I don’t buy this. Antivirus is more or less useless anyway on windows. The tools you need to protect yourself from viruses are not OS-specific.

                                            Certain applications that exist both for Windows and Linux start up faster in Windows than in Linux

                                            Odd. My experience has been exactly opposite.

                                            All native Linux filesystems (except ext4) are case sensitive about filenames which utterly confuses most users. This wonderful peculiarity doesn’t have any sensible rationale. Less than 0.01% of users in the Linux world depend on this feature.

                                            Also don’t quite understand this one. Ext4 is case sensitive, and–when would you not want case sensitivity?

                                            No native production-ready file system

                                            ZFS-on-linux is there. Not in kernel - sure - but ubuntu ships it, making it native enough if you can use ubuntu.

                                            1. 2

                                              when would you not want case sensitivity?

                                              When you end up with both readme and Readme and README.

                                              1. 13

                                                But having both Straße.jpg and STRAẞE.jpg would be fine?

                                                And how will that work out in locales where uppercase i is İ?

                                                Really, case insensitive FS are a silly idea of people who don’t understand languages/locales/Unicode.

                                                1. 4

                                                  No Linux filesystem will ever be case insensitive for this reason. See, for example, Linus’s take on HFS (originally on Google+ but that has since been nuked, so this quote is yoinked from reddit)

                                                  Did anybody check that “..” can’t be fooled to do the same thing on HFS+? In particular, how does the character sequence “dot” “zero-width-utf8” and “dot” work? Or “zerowidth” “dot” “zerowidth”? Does it work like “..”? Because if it does, your fix is incomplete, and people can populate things in random places above the git tree.

                                                  Finally, did you check that “tolower” works on a ucs_char_t? It’s not supposed to, afaik.

                                                  Quite frankly, HFS+ is probably the worst filesystem ever. Christ what shit it is. NTFS used to have similar issues with canonicalizing utf8 (ie using non-canonical representations of slashes etc). I think they at least fixed them. The OS X problems seem to be fundamental.


                                                  …but while +John Siracusa isn’t a fan of HFS+, he’s not even ranting about the true insanities of that filesystem.

                                                  Sure, it’s old. Sure, it does a horrible job of actually protecting your data. But those are more “it’s not a great filesystem” issues. They aren’t “that’s incredible crap designed by morons that have a hard time figuring out how to feed themselves”.

                                                  The true horrors of HFS+ are not in how it’s not a great filesystem, but in how it’s actively designed to be a bad filesystem by people who thought they had good ideas.

                                                  The case insensitivity is just a horribly bad idea, and Applie could have pushed fixing it. They didn’t. Instead, they doubled down on a bad idea, and actively extended it - very very badly - to unicode. And it’s not even UTF-8, it’s UCS2 I think.

                                                  Ok, so NTFS did some of the same. But apple really took it to the next level with HFS+.

                                                  There’s some excuse for case insensitivity in a legacy model (“We didn’t know better”). But people who think unicode equivalency comparisons are a good idea in a filesystem shouldn’t be allowed to play in that space. Give them some paste, and let them sit in a corner eating it. They’ll be happy, and they won’t be messing up your system.

                                                  And then picking NFD normalization - and making it visible, and actively converting correct unicode into that absolutely horrible format, that’s just inexcusable. Even the people who think normalization is a good thing admit that NFD is a bad format, and certainly not for data exchange. It’s not even “paste-eater” quality thinking. It’s actually actively corrupting user data. By design. Christ.

                                                  And Apple let these monkeys work on their filesystem? Seriously?

                                                  There are lots of good reasons to not move to ZFS (cough-Oracle-cough), but they could have pushed people to case-sensitive HFS+, which would have then made it much easier to (in the long run) migrate to anything else saner. But no. There is a case sensitive option, but Apple actively hides it and doesn’t support it. The stupidity, it burns.

                                                  So you had all these people who made really bad decisions and actively coded for them. And I find that kind of “we actively implement shit” much more distasteful than just the “ok, we don’t implement a lot of clever things” that John complained about.

                                                  Rant over.

                                                  Now much of this is on its crappy normalization practices, but I think that sort of thing is central to any kind of case-insensitive filesystem.

                                                  1.  

                                                    I understand them, but I use a case-insensitive filesystem on MacOS and haven’t actually ever noticed. I just had to check to see what it was set to because I couldn’t remember.

                                                    I’m not sure what happens with Turkish, no, and I’m aware that case-insensitivity requires crazy logic that can never be ‘correct’, but yet it’s the default on MacOS - so there must be some good reason, probably around user experience?

                                                    1.  

                                                      No it’s mostly about poorly-written software that will fail if it suddenly finds itself on a case-sensitive filesystem. Photoshop was one of them, last time I looked.

                                                  2. 6

                                                    Doesn’t prevent you from having ‘read me’, nor separate COPYRIGHT and LICENSE. The solution to such problems is to be careful, not a crutch that works only occasionally (because it’s impossible to encode intent). Oh, also, does your scheme know that réadme and RÉADME are the same? Because ascii-only case normalization is obviously inconsistent and user-unfriendly. But unicode-aware case normalization causes incompatibility—I create this file using foofs w/unicode v20; you then try to read it back with foofs w/unicode v15, but it errors out because it can’t do case-normalization on the new code points, even though the on-disc format hasn’t changed otherwise—and is also a huge dependency for a file system to have (have you read the source code to libicu? It’s not pretty.), not to mention a potential attack vector.

                                                    Also, as the sibling mentions, case normalization is locale-sensitive. There is no good way to handle that.

                                                    1.  

                                                      I’ve dropped people onto Linux systems, and have never actually seen anyone confused by case-sensitivity except for command-line junkies. If you’re using a point-and-click interface, you don’t have to remember what case something is. You can see the real name. They might not like it, but they always understand it.

                                                      Having both license and Iicense is way worse, and no filesystem prevents it.

                                                      1.  

                                                        Having both license and Iicense is way worse, and no filesystem prevents it.

                                                        Indeed. But at least case-sensitive does not pretend to solve it, thus preferable.

                                                    2. 2

                                                      ext4 is a native production-ready file system.

                                                      1. 2

                                                        Depends on your needs. Ext4 is very good for some use cases (though I prefer xfs). But here’s the specific list of requirements:

                                                        de-duplication, data and metadata checksumming and file compression

                                                        Though the OP doesn’t mention it, for cases where you want those attributes, you probably also want cow, which rules out pretty much everything except for btrfs (a mess), zfs (amazing), and bcachefs (promising, if not quite there yet).

                                                        1.  

                                                          Deduplication is a questionable requirement tbh. Most modern ZFS guides usually have “DO NOT USE DEDUPLICATION” in all caps somewhere :)

                                                          1.  

                                                            And HAMMER2 (not linux, but no licensing issues).

                                                      1. 9

                                                        I knew it a few seconds in, but I listened on 1.75x in the background… then he finally gets there that the folks who got rms to resign were complaining about stuff not worth mentioning by name which indeed was part of a national scandal.

                                                        Centering in part on a WWII era center of American thought MIT, the scandal over Epstein, over dehumanizing women’s lived experience, wasn’t a joke scandal. The acts of RMS for years were bugging people out, in ways that if he’d done them to fellow men, fellow young men, he probably would’ve gotten booted years ago. But here in this video it doesn’t even merit mention by name, only vague reference.

                                                        Being excellent to each other means replacing missing stairs.

                                                        https://en.wikipedia.org/wiki/Missing_stair

                                                        1. 4

                                                          I think there are two separate issues here: what RMS said and did, and the mob reaction that forced him out. Maybe both are wrong.

                                                          1. 3

                                                            There was no mob reaction, let alone a ‘linux users mob’ That’s really the crux of it. The video assumes Linux users had some majority agency in removing him, when in fact he was booted because no organization can have someone like that associated with them. It’s common decency not Linux community decency that forced him out. No mob of any sort needed.

                                                          2. 5

                                                            If I’m ever in the mood for reading toxic rhetoric (which never happens), I go read RMS. While the things you listed are important, I never really knew about them until the mob happened, because I chose to ignore him.

                                                            Anyway, toxic rhetoric is exactly the thing that polarizes our world and turns everyone into abominable villains. Toxic rhetoric starts wars and tears communities apart. So in my book, toxic rhetoric alone is enough to get anyone fired.

                                                            1. 4

                                                              Yeah I don’t get why some people insist on defending Richard Stallman after his:

                                                              • pedophilia support
                                                              • untoward behaviors towards women
                                                              • utter lack of humility bordering on parody

                                                              It often makes me think the RMS defenders really think that low of women and that their only code is the bro code. As a woman in technology, it makes me feel somewhat jaded. Just because someone does good things doesn’t excuse them from acting like a human being. :-/ It feels more that people like me are perfectly fine to sacrifice as long as some figure head gets his adoration. And that bothers me a lot.

                                                              1. 25

                                                                RMS never supported pedophilia. I actually read the supposed evidence. They are thoughts/questions, admittedly naive, on the subject of unintended consequences of laws (evidence against pedosexual activity being itself illegal) and whether non-coercive, mutually beneficial, pedosexual activity, could, in principle, be possible.

                                                                Also, please don’t use the term ‘pedophilia’ here. Pedosexual activity is child abuse and that is what is wrong, not ‘pedophilia’. We should encourage people to come forward as pedophiles to counselors and therapists so they can learn to live with a -philia that they must never follow up on. Shaming them for their feelings or even calling them evil merely for their feelings only makes the risk greater.

                                                                1. 18

                                                                  pedophilia support

                                                                  It was a single philosophical blog banter that he later retracted. Calling it a support is a far far stretch.

                                                                  untoward behaviors towards women

                                                                  Am I missing something or all he did was literaly ask out women on dates? Is that bad?

                                                                  Stallman is weird in many ways but to consider him to be a malicious monster is ridiculous.

                                                                  1. 4

                                                                    He’s an awkward, clearly aspergers guy that asked some women out on dates quite awkwardly. That’s ‘untoward behaviour towards women’ today.

                                                                  2. 27

                                                                    When I did initially read about it, I was quite skeptic, particularly as I had recently seen many cases of mob justice gone wrong.

                                                                    Later it blew out of control and I did some digging. It turned out to be nothing else than the usual character assassination some collectives favor. Due to his personality and lack of awareness of current trends, Stallman proved an easy victim.

                                                                    1. 20

                                                                      Hard agree. Unfortunately, this is happening in tech far too often. The free and open source software movements are getting caught in the cross-fire of US politics.

                                                                      1. 4

                                                                        I disagree. RMS was a seminal contributor to the movement, but there is no reason to pretend that his behavior - which might have acceptable back in the day when computer sciences were a boys club and movies like Revenge of the Nerds were considered funny even though they depict non-consensual sex as a ‘prank’ - is compatible with today’s world.

                                                                        Epstein’s case is not subject to ‘politics’: the guy was a known pedophile and sex trafficker. There’s not even a point in arguing that. Minsky, who Stallman defended, was well-aware of Epstein’s circumstances and willingly took money from him and sexual favors from one of his victims. One could argue that Stallman was trying to make a ‘philosophical’ argument or playing devil’s advocate, but you’d have to ignore the kind of message that would be sending to any young women or victim of sexual assault in that mailing list: welp, it’s a shame Minsky got caught doing something really bad, let’s just ignore this other victim so we avoid rocking the boat!

                                                                        1. 14

                                                                          Epstein’s case is not subject to ‘politics’: the guy was a known pedophile and sex trafficker. There’s not even a point in arguing that. Minsky, who Stallman defended, was well-aware of Epstein’s circumstances and willingly took money from him and sexual favors from one of his victims. One could argue that Stallman was trying to make a ‘philosophical’ argument or playing devil’s advocate, but you’d have to ignore the kind of message that would be sending to any young women or victim of sexual assault in that mailing list: welp, it’s a shame Minsky got caught doing something really bad, let’s just ignore this other victim so we avoid rocking the boat!

                                                                          It is insane to me that RMS’s opponents would denounce a person for making an argument that a personal friend of theirs is not guilty of a crime, on the grounds that making this argument “sends a message” to people who might see it who are members of a demographic they assume is likely to be a victim of that crime. I’m deliberately not addressing the question of whether or not Stallman’s argument is correct or not, in the context of the actual alleged crime. Maybe he’s wrong and Minsky really was guilty in a legal or moral sense of having illict sex. I’m not sure what I think about Stallman’s argument in context, although I agree with him that something seems morally wrong about charging a person with the crime of statutory rape who was unaware that the person they had sex with was under the age of consent.

                                                                          I’m not particularly interested in litigating the details of a media-reported crime I have no special information about, and it doesn’t matter in any event. Young women as a demographic, or even actual victims of sexual assault, have no particular right to never see someone argue that a specific sort of sexual encounter wasn’t actually a sexual assault. I refuse to be complicit in condemning RMS for doing so.

                                                                          1. 2

                                                                            Do you even understand how society works? Are you arguing that people - in particular people in a position of power in a learning institution - should be able to say whatever comes to their minds, disregarding how other people are going to take what they say?

                                                                            That’s the kind of behavior that leads to the normalization of behaviors like Minsky’s. The fact that people like RMS are comfortable thinking this is some philosophical riddle we are able to discuss, instead of clearly gross behavior that would creep the fuck out of any young person in the lab, is the problem. This is not someone pondering whether a bear shits in the woods, this is someone defending a 74 year man having sex with people in the age range of his students in front of his students.

                                                                            Now, if that’s perfectly normal behavior for you, then I don’t know what to tell you. Maybe a consultation with a therapist would be a good start (and no, I’m not being an flippant about it).

                                                                            1. 6

                                                                              Do you even understand how society works?

                                                                              I believe this is a bit patronizing.

                                                                              Are you arguing that people - in particular people in a position of power in a learning institution - should be able to say whatever comes to their minds,

                                                                              Yes? I believe that anyone should be able to say almost anything. Of course, there are the traditional exceptions for slander and specific incitation of a crime.

                                                                              disregarding how other people are going to take what they say?

                                                                              Lacking foresight is no reason to deny someone’s voice.

                                                                              1. 6

                                                                                I believe that anyone should be able to say almost anything.

                                                                                Good argument against arresting someone. None of this is illegal, nor should it be.

                                                                                Bad argument for leaving someone in charge of the FSF. Figureheads have resigned for less.

                                                                                1. 3

                                                                                  Being cast out from society is, like it or not, a serious effect. It’s more serious, in many cases, than legal censorship.

                                                                                  1. 2

                                                                                    Not being the head of the FSF any more is not the same thing as being banished.

                                                                                    1.  

                                                                                      Being ostracised by the community and accused of all manner of wrongthink and wrongdoing based on at best wilful misinterpretation is being banished.

                                                                                      1.  

                                                                                        If it works out anything like it worked out for Brian Eich, I’m sure Starman would do fine.

                                                                                        1.  

                                                                                          Brian Eich? Starman?

                                                                                          Come on if you’re going to participate in the discussion you could make a good faith effort to at least get the names right.

                                                                                          1.  

                                                                                            I agree, but it’s Brendan Eich and Stallman. Starman is someone else entirely.

                                                                                  2. 4

                                                                                    I believe this is a bit patronizing.

                                                                                    But, on the other hand, it isn’t patronizing at all to assume how everyone should behave around people who say things that make them feel unsafe?

                                                                                    Yes? I believe that anyone should be able to say almost anything. Of course, there are the traditional exceptions for slander and specific incitation of a crime.

                                                                                    Sure, and I believe people should be able to fire a co-worker they disagree with or find generally disagreeable.

                                                                                    Lacking foresight is no reason to deny someone’s voice.

                                                                                    ‘Lacking foresight’ is hardly the problem, when there’s an extensive email thread where RMS kept digging deeper and deeper. I could see him lacking foresight before the first email, but by the third reply you’d assume he’d have some hindsight.

                                                                                    1. 3

                                                                                      Lacking foresight is no reason to deny someone’s voice.

                                                                                      Dr. Stallman’s free speech rights have not been infringed in any way.

                                                                                    2. 4

                                                                                      Do you even understand how society works? Are you arguing that people - in particular people in a position of power in a learning institution - should be able to say whatever comes to their minds, disregarding how other people are going to take what they say?

                                                                                      Yes. In fact, providing a space for people to say things that (some) other people take to be offensive is an important function of universities as an institution. This is the purpose of tenure systems, for instance.

                                                                                      That’s the kind of behavior that leads to the normalization of behaviors like Minsky’s. The fact that people like RMS are comfortable thinking this is some philosophical riddle we are able to discuss, instead of clearly gross behavior that would creep the fuck out of any young person in the lab, is the problem.

                                                                                      This isn’t (only) a question over whether some kind of sexual behavior is gross on an abstract philisophical level, it’s a question about whether something a friend of his did in fact or should have have constituted a serious felony under law. Discussing questions of law is absolutely the rightful concern of any citizen. I completely reject the idea that the standard of whether a behavior is moral or not should be based on whether some people claim it makes young people in a lab feel grossed out or not.

                                                                                      This is not someone pondering whether a bear shits in the woods, this is someone defending a 74 year man having sex with people in the age range of his students in front of his students.

                                                                                      I defend this. I explicitly believe that it is possible for a 74 year old man to have sex with someone of the traditional age to go to college (18-22 or so - that is, legal adults!) without either party doing something immoral. In fact, I believed this when I myself was within the ages of 18-22! Again, I refuse to be complicit in condemning someone else for making this kind of argument.

                                                                                      1.  

                                                                                        Yes. In fact, providing a space for people to say things that (some) other people take to be offensive is an important function of universities as an institution. This is the purpose of tenure systems, for instance.

                                                                                        RMS, as a non-tenured member of MIT, should’ve known that didn’t apply to him.

                                                                                        This isn’t (only) a question over whether some kind of sexual behavior is gross on an abstract philisophical level, it’s a question about whether something a friend of his did in fact or should have have constituted a serious felony under law.

                                                                                        ‘Gross’ vs. ‘legal’ isn’t abstract in the context he was discussing though. Let’s think of a different example: let’s say someone in an academic context talks about his experiences with prostitutes in a country where that’s legal. Would that be acceptable?

                                                                                        Just because something is legal, it doesn’t mean discussing it or defending it is appropriate in every context.

                                                                                        I defend this. I explicitly believe that it is possible for a 74 year old man to have sex with someone of the traditional age to go to college (18-22 or so - that is, legal adults!) without either party doing something immoral. In fact, I believed this when I myself was within the ages of 18-22! Again, I refuse to be complicit in condemning someone else for making this kind of argument.

                                                                                        Well, we agree to disagree on that. Personally, I feel like there are so many questions about power imbalance embedded in that statement, that it could lead to a loooooong conversation I’m not willing to have seeing as people have been flagging my replies because apparently not defending RMS is a sin or something.

                                                                                        1. 1

                                                                                          Yes. In fact, providing a space for people to say things that (some) other people take to be offensive is an important function of universities as an institution. This is the purpose of tenure systems, for instance.

                                                                                          There is a time and place for this - for example, invited speakers, seminars, lectures. A free-form mailing list for students and faculty would fall outside of this in most contexts - i.e. if some idiots starts spouting Nazi propaganda for trolling purposes, they can be banned from the conversation.

                                                                                          Dr. Stallman did not have tenure at MIT. In fact, he was not even part of the staff. His office and access to the mailing list was provided as a courtesy.

                                                                                          This isn’t (only) a question over whether some kind of sexual behavior is gross on an abstract philisophical level, it’s a question about whether something a friend of his did in fact or should have have constituted a serious felony under law.

                                                                                          The sad part of this is before this happened, I had no idea that Marvin Minsky was mentioned in the Guiffre deposition[1]. Had Dr. Stallman not gone out on the field and broken a lance for him, I would not have to contend with the plausible possibility of him availing himself of sexual favors provided through Epstein.

                                                                                          I refuse to be complicit in condemning someone else for making this kind of argument.

                                                                                          One can simultanously agree that Dr. Stallman has and did have a right to make this argument, and also agree with the right of MIT to terminate his unofficial occupancy of an office, and the right of the FSF to remove him from a leadership position[2].

                                                                                          Free speech is the right of an individual not to be gagged by the state, not an obligation that private parties have to host that speech.

                                                                                          ______
                                                                                          

                                                                                          [1] a deposition isn’t a statement of fact under the law, it’s a document submitted by one party in an ongoing lawsuit.

                                                                                          [2] as an advocacy group, the FSF is reliant on persuading people to their ideals (and usually soliciting financial donations). A public view (no matter how legally absurd) that their primary spokesperson is a defender of pedofilia is counterproductve to the mission of the FSF.

                                                                                          1. 4

                                                                                            Free speech is a principle of good society. Yes it has legal protection in some states but this constant appeal to ‘free speech is just a law stopping the STATE from censoring you’ is pathetic. Should we condone attacks on free speech in other states because it’s not protected by law in China or North Korea? Freedom of expression existed as a principle of a decent society far before it was ever enshrined in legislation. In New Zealand it isn’t even supreme law, essentially just a rule of administrative law and of legal interpretation (interpret ambiguity in favour of rights).

                                                                                            Nobody is talking about whether MIT had the right to terminate his privileges. That’s not in question, anywhere in this thread. The discussion is around whether it was right to do so.

                                                                                            1. 2

                                                                                              Nobody is talking about whether MIT had the right to terminate his privileges. That’s not in question, anywhere in this thread. The discussion is around whether it was right to do so.

                                                                                              In the narrow circumstances of Epstein’s alleged contributions to Harvard (he also had access to an office there as a private citizen, I believe) which is currently tearing Harvard apart, it was absolutely correct of MIT to defensively cut off Dr. Stallman from access to official MIT facilities and mailing lists. Not doing so would only have hurt MIT’s image (and possible future endowments).

                                                                                              Note that if Dr. Stallman had been part of the faculty or student body, I would probably not accept MIT’s behavior.

                                                                                              What is your opinion on the FSF removing him from a leadership position?

                                                                                        2. 3

                                                                                          Do you even understand how society works? Are you arguing that people - in particular people in a position of power in a learning institution - should be able to say whatever comes to their minds, disregarding how other people are going to take what they say?

                                                                                          I think that people should not be expected to self-censor on the basis that people might get offended on behalf of others.

                                                                                          This is not someone pondering whether a bear shits in the woods, this is someone defending a 74 year man having sex with people in the age range of his students in front of his students.

                                                                                          Society decided a long time ago - and has not changed its decision since then - that once you’re over the age of consent there’s nothing wrong with relationships with anyone of any age also above the age of consent.

                                                                                          You can advocate for change to that or that you think that’s wrong, but given that the primary basis for LGB rights advocacy I’ve seen is ‘consenting adults in private should be able to do what they like’ I think you should think carefully about what you’re implying.

                                                                                          1.  

                                                                                            I think that people should not be expected to self-censor on the basis that people might get offended on behalf of others.

                                                                                            So, is there any situation at all where you think people should self-censor? Say, for example, is sexual harassment appropriate? After all sexual harassment is just one person being offended about how someone else treats them.

                                                                                            Society decided a long time ago - and has not changed its decision since then - that once you’re over the age of consent there’s nothing wrong with relationships with anyone of any age also above the age of consent.

                                                                                            This is definitely not true. Society frowns upon all kinds of relationships where the age disparity is incongruous with the situation. For example, the terms ‘gold digger’, ‘crate robber’ and ‘cougar’ come to mind. Legality doesn’t equal acceptance.

                                                                                            You can advocate for change to that or that you think that’s wrong, but given that the primary basis for LGB rights advocacy I’ve seen is ‘consenting adults in private should be able to do what they like’ I think you should think carefully about what you’re implying.

                                                                                            If you can’t see the difference between two adults in a loving relationship wanting to be accepted by society vs. someone abusing a power imbalance to take advantage of people, then I don’t know what I can do to explain it to you.

                                                                                        3. 1

                                                                                          Young women as a demographic, or even actual victims of sexual assault, have no particular right to never see someone argue that a specific sort of sexual encounter wasn’t actually a sexual assault.

                                                                                          Conversely, Stallman has no particular right to an office provided as a courtesy by a private university, nor does he have a particular right to a leadership position in a privately-held non-profit advocacy group.

                                                                                          1. 8

                                                                                            Imagine someone who pretend to be very nice and morally virtuous to a crowd that’s obsessed with this, which can easily be any crowd when carefully herded the right way (most people will agree with superficial statements that sound “morally good”) and gains influence in this crowd.

                                                                                            Then, using this leverage (the belief this person is definitely a good person) and some character assassination material (an article, twits, whatever claiming a person is terrible; truth here is irrelevant, the holding of controversial opinions at any point in time, even the distant past, is often used as material), on someone (thereon subject), written by themselves or some convenient third party, calls on the mob to take on actions to try and destroy the subject’s life. Actions including online bullying and organized harassment of the subject’s employer, family and friends. This isn’t an exhaustive list.

                                                                                            There’s a name for a person who does this. It’s Sociopath, or as it used to be called, Psychopath. They are the actual monsters. Whereas the subject is actually nothing else than a victim. If you still have doubts, digging a little on the perpetrator will typically reveal they have had other targets. Yes, they do it, enjoy it, realize they can get away with it and then do it again.

                                                                                            It helps when in the mob there’s other monsters which enjoy doing this. They willingly help the mob leader, as in exchange they also get their help with other targets. There’s literally entire communities built around doing this.

                                                                                            This is getting out of control and it needs to stop. Awareness of how these monsters operate helps. At some point, however, instigators will hopefully have to start answering to Justice. The official sort, with trials, evidence, presumption of innocence and all these steps and safeguards which separate Justice from Mob Justice.

                                                                                              1. 5

                                                                                                I have just finished reading this. As I suspected, others have noticed this pattern, analyzed it and explained it much better than I could have.

                                                                                                Thank you for linking this excellent article on the matter.

                                                                                              2. 1

                                                                                                Imagine someone who pretend to be very nice and morally virtuous to a crowd that’s obsessed with this, which can easily be any crowd when carefully herded the right way (most people will agree with superficial statements that sound “morally good”) and gains influence in this crowd.

                                                                                                This is a straw man.

                                                                                                1. 3

                                                                                                  This is a straw man.

                                                                                                  No, it is not. My comment is about a dark pattern I have noticed in recent years, nothing else than that. The intended audience is pretty much everybody reading the thread. The intended effect is to raise awareness of this dark pattern, and to promote critical thought (there’s never enough of this).

                                                                                                  The poster I was replying to isn’t being targeted by me in any other way than being the post that incited my reply, and is absolutely not being pinpointed as the instigator. Thus, I am not making them into some strawman.

                                                                                                  Instead, they are kindly and indirectly being nudged into considering the possibility that they might be participating in such a scenario, and into reflecting into whether what they’re doing is positive.

                                                                                                  1. 1

                                                                                                    Can you cite an example of that ‘dark pattern’ you’ve noticed? Can you cite two examples? Can you cite examples where both sides of the political spectrum used that dark pattern to their advantage?

                                                                                                    I’ll be happy to discuss them.

                                                                                                    1. 3

                                                                                                      Here’s an example: there is a transgender YouTuber whose channel is called ‘ContraPoints’. Her name is Natalie Wynn. She makes videos about a variety of different topics. She’s clearly left-wing and has stated openly and frequently that she is not a transmedicalist (essentially someone with a very narrow view of what constitutes a ‘valid’ transgender person).

                                                                                                      She was essentially ‘cancelled’ on Twitter, and left Twitter as a result, because she made a video where she used a particular transgender activist as a voice actor for all of 6 seconds in an hour long video. What this activist actually said had nothing to do with transmedicalism, he was there to be the voiceover for a particular quote.

                                                                                                      However, because said activist is alleged (without any basis that I’ve seen) to have transmedicalist views, not only did ContraPoints get ostracised from Twitter and harassed so badly she deleted her account and left the platform, but anyone that expressed any support for her (her friends, etc.) were harassed, even if they didn’t actually say anything beyond ‘she’s my friend’.

                                                                                                      So to be clear, people get harassed (death threats, other violent threats, spammed with abusive imagery, told to kill themselves, etc.) not just for being a transmedicalist, not just for allegedly being a transmedicalist, not just for collaborating in an unrelated way with someone that they did not know allegedly is a transmedicalist, inhales but for being friends with someone that collaborated with someone that they did not know allegedly is a transmedicalist.

                                                                                                      But no you’re right I’m sure that cancel culture isn’t a problem.

                                                                                                      1. 1

                                                                                                        Can you cite an example of that ‘dark pattern’ you’ve noticed? Can you cite two examples? Can you cite examples where both sides of the political spectrum used that dark pattern to their advantage?

                                                                                                        The answer to all your questions is: I don’t need to.

                                                                                                        I’ll be happy to discuss them.

                                                                                                        I do not have the time nor the inclination to humor you any further than I have.

                                                                                                        1. 1

                                                                                                          The answer to all your questions is: I don’t need to.

                                                                                                          So… it was a straw man. You were just pushing the whole ‘virtue signaling’/‘conservative oppression’ talking point on a conversation that had literally nothing to do with that.

                                                                                                          I do not have the time nor the inclination to humor you any further than I have.

                                                                                                          I have a feeling that you are one of those people who thinks he’s right even when proven wrong, and has been proven wrong enough times he’s learned not to push the envelope when things aren’t going his way. Can’t say I’m surprised.

                                                                                                  2. -1

                                                                                                    lol

                                                                                          2. 8

                                                                                            I especially recommend reading the “Low grade “journalists” and internet mob attack RMS with lies.”, article, perhaps more for it’s content than it’s choice of words.

                                                                                            The upside to this whole debacle is that RMS will probably have more tile to work on the GNU project. IMO the role of president of the FSF wasn’t ever the best for him – even if I disagree with they way they amputated him. I’ve been following the Emacs mailing list in more detail recently, and maybe I have a wrong impression, but I see him taking part in the discussions more than at least over the last few years.

                                                                                            1. 0

                                                                                              I remember that article. It had some weird phrasings, since edited:

                                                                                              https://twitter.com/gerikson/status/1176211260142231552

                                                                                              RMS’ more ardent defenders are in general a bit outside the mainstream.

                                                                                              1. 9

                                                                                                This is known as ad-hominem. The author’s personal views (or what kind of person they are) are irrelevant to the validity of arguments presented.

                                                                                                The linked twit is a good reminder of why I avoid twitter. It is a community full of hate and destructive energy, not one of reasoning and respect for difference of opinions.

                                                                                                If someone cannot tolerate the existence of human beings who hold opinions different than theirs, then they’re toxic. Twitter is toxic, as it’s full of this sort of people, to the point it hosts mobs that attack people they disagree with, with the full intent of destroying their lives. This is called mob justice (I believe those involved tend to use euphenisms for this), as opposed to justice. Basically a mob, typically herded by a sociopath, playing judge and executor. It isn’t just in any way.

                                                                                                Twitter tolerates this behaviour and thrives on it. Twitter is a platform for organized hate. It is literally the platform where most of this is conducted. If Twitter went away overnight, the world would be better for it.

                                                                                                1. 3

                                                                                                  It’s not really a stretch to say that the age of consent at 16 is too old. There are clearly kids having consensual sex that shouldn’t be illegal below that age, but not much below it. ‘Romeo and Juliet’ laws for anyone under 18 is probably a much more reasonable system.

                                                                                              2. 1

                                                                                                Hm, that article doesn’t do a great job of proving Stallman’s supposed innocence.

                                                                                                His argument that Minsky having sex with Virginia Giuffre is not a crime even though she was a minor because she was coerced by someone else is ludicrous. By that argument, having sex with a victim of sexual trafficking Is acceptable. Minsky was a grown-ass man that should be responsible - and accountable - for his decisions, including deciding to have sex with a minor in very weird and strange circumstances.

                                                                                                Besides the potential legality based on jurisdiction, the very obvious lack of morality of the act should make anyone take a step back. One can’t equate a 17 year old having sex with a partner of similar age as part of a normal love relationship with a full-grown adult taking advantage of someone barely able to make a decision about their sexuality… and yet, the author of that article seems to think that because Stallman somehow has been consistent about that misrepresentation, that must mean he’s been wronged by someone pointing out it’s wrong.

                                                                                                1. 8

                                                                                                  He’s not arguing that it wouldn’t be a crime. I don’t know how you read that from the very clear, incredibly specific text.

                                                                                                  1. -1

                                                                                                    Did you read the mail thread linked in that article? The whole point of the thread is pondering if they should be calling this sexual assault or not, because to Minsky’s knowledge she could’ve just been a really keen very young woman. For context, they are talking about a 74 year old thinking that a teenager is coming on to him.

                                                                                                    1. 5

                                                                                                      I know two women who in their teens were gerontophiles.

                                                                                                      1. -1

                                                                                                        Ah, I see. So that makes it OK, I guess.

                                                                                                        1. 5

                                                                                                          It makes it believable that an old man could think a teenager is coming onto him, at the least.

                                                                                                      2. 2

                                                                                                        The structure of your post throws around some ideas, but doesn’t construct any arguments. It reads as an appeal to emotions.

                                                                                                        The whole point of the thread is pondering if they should be calling this sexual assault or not, because to Minsky’s knowledge she could’ve just been a really keen very young woman. For context, they are talking about a 74 year old thinking that a teenager is coming on to him.

                                                                                                        Your point being? Be very specific, because through your roundabout strategy, you come out to me as pushing the idea that some topics should never be discussed, that some ideas should be never expressed, and that people who dare do so should be executed by mob. Or that it is alright if this is what happens.

                                                                                                        Please correct me if I am wrong. By all means, please tell me this isn’t what you’re trying to push.

                                                                                                    2. 3

                                                                                                      Virginia Giuffre

                                                                                                      Being born in 1983, she couldn’t have been a minor in 2001 when she alleged this trafficking took place. Assuming that it happened, that Minsky was involved, and that Minsky had sex with her, the crime would not be having sex with a minor.

                                                                                                      His argument that Minsky having sex with Virginia Giuffre is not a crime even though she was a minor because she was coerced by someone else is ludicrous. By that argument, having sex with a victim of sexual trafficking Is acceptable.

                                                                                                      If you don’t know that someone is a victim of sexual trafficking then it isn’t wrong. Obviously.

                                                                                                      1.  

                                                                                                        That depends on the definition of ‘minor’. In most places that means ‘under 18’, and last time I checked, if she was born in - say - September 1983 and the sexual encounter happened in January 2001, that’d make her a minor. In fact, being that both of them are American, and considering that Americans aren’t exempt from crimes committed against other Americans abroad, the statue is even less clear.

                                                                                                        If you don’t know that someone is a victim of sexual trafficking then it isn’t wrong. Obviously.

                                                                                                        Millions of Johns that got thrown in jail would like to disagree with you.

                                                                                              1. 5

                                                                                                Interesting if god-awful reasoning behind Windows setting the hardware clock to localtime.

                                                                                                1. 8

                                                                                                  It’s not awful; it’s human-centric as our tools should be. Let the OS work a little harder so the system makes sense to the user even if they drop to a lower level.

                                                                                                  1. 5

                                                                                                    It isn’t human-centric, it’s pointlessly difficult: Most humans aren’t using the BIOS time, and the ones who are don’t want the problems inherent with trying to keep BIOS time on local time.

                                                                                                  2. 6

                                                                                                    Chen is always interesting and I sympathetic with Microsoft’s problems (apps love bad practices, but need to keep working, while keeping the system secure), sometimes it feels he’s reaching at straws to retroactively justify a bad decision.

                                                                                                    1. 5

                                                                                                      Other than compatibility with operating systems that set the hardware clock to UTC, why is it a problem?

                                                                                                      1. 13

                                                                                                        The word reify/reified/reification is used 19 times in this article (which to me suggests the meaning of this particular word is quite important), and I’m not sure I agree with the author’s usage of it. My understanding of the word reify is to make a concrete implementation of an abstract idea or data model. I’m finding it hard to stretch this definition to fit the ideas the author is describing.

                                                                                                        I tried to learn if this word might be interpreted differently in a design or human-computer-interaction context, but if this word just means to “thingify” something abstract like a work practice, then I don’t understand the distinction the author is making between CLIs and GUIs. In fact, the author seems to almost immediately totally contradict themselves in the conclusion with these two pull-quotes; emphasis my own:

                                                                                                        A unique advantage that CLIs typically offer over GUIs is that the interaction between user and computer is reified

                                                                                                        The reification of interaction is, however, not fundamentally limited to CLIs, and the concept may just as well be applied to GUIs.

                                                                                                        1. 6

                                                                                                          The word “reify” is used broadly enough that I don’t think the author’s use is too much of a stretch.

                                                                                                          Also, I think the author was mistaken in using “unique advantage”, because the rest of the article makes it pretty specific that they really mean “the default behaviour.” GUIs interactions can be reified, but shell commands are reified by default, because the shell itself takes care of it.

                                                                                                          1. 1

                                                                                                            I agree. I think I get what the author is trying to express, and I think persistent is a much closer word. Previous interactions remain on the “screen” (sometimes you have to scroll up), .bash_history and all that.

                                                                                                            To me, for a CLI to reify the UI, it would have to do something like create ~/.interactions/ and save each interaction as a file (or a directory of files) so I can look at ~/.interactions/last/command much like !!. You know when the CLI doesn’t reify? when output scrolls off the screen, and your output buffer is too small, and the command you want is in another bash terminal, when you accidentally paste hexcode and you need to reset the window. And the bit about copy/paste is extremely limited on the command line without GUI niceties like mouse selection.

                                                                                                            CLIs are documented UIs, sure maybe. CLIs are persistent UIs, sure. But not reified.

                                                                                                          1. 13

                                                                                                            Oh my goodness. This is not Javascript, it’s Typescript!! With a .js extension!!

                                                                                                            Wow, that’s a new level of wtf. I wouldn’t chalk that particular error to Node - mislabeling source files is pretty much an “developer is gravely mistaken” error.

                                                                                                            The more I think about it, I wonder if the github author first took a node project skeleton then dumped or rewrote a section in typescript and didn’t update the README.

                                                                                                            A mislabeled typescript file put erroneously into a stale project skeleton is hardly a fair experience, except for “how a developer with a stale readme can cause pain”.

                                                                                                            1. 6

                                                                                                              My guess is that it was Flow rather than TypeScript. They have very similar syntax for type declarations, but Flow was mostly written with a .js extension, whereas TypeScript will issue a compile error if types are embedded into a .js file using the typical syntax. (You can use TS with types in a .js file, but only in comments.)

                                                                                                              1. 6

                                                                                                                That still merits a WTF from me. Why do the Flow developers think it’s okay to appropriate the extension of a different, closely-related file type?!

                                                                                                                1. 4

                                                                                                                  Why do the Flow developers think it’s okay to appropriate the extension of a different, closely-related file type?!

                                                                                                                  Because the ambition was to have Flow as a superset of JavaScript, which would allow teams to gradually introduce static typing to their existing codebase.

                                                                                                                  I’m not going to pass judgment on whether or not I think this is a good idea. However, this was devised by some of the highest-paid programmers in the world (since they work[ed] at Facebook), which I think validates the points about the JavaScript ecosystem that Lea Verou was making in her article, and the points that I’ve made elsewhere in this thread.

                                                                                                              2. 3

                                                                                                                You’re right to be horrified, but it’s not the developer’s fault, I’d bet. The reason it’s .js extension (if it’s TS and not flow) is likely to be the difficulty they had in configuring their build toolchain, which is a constant thorn in the side of all of us JS devs with everything constantly shifting underneath us. And almost every single npm package in existence is filled to the brim with content that has no business being in the built+published artefact. NPM the tool makes publishing the correct content incredibly difficult, if you’re doing any sort of build-time tooling at all.

                                                                                                              1. 3

                                                                                                                This sounds oh-so-much like the AmigaOS CLI, which not only has argument parsing as part of the standard library, but human-readable arguments. To list all files (not directories) recursively updated since yesterday, you write “list all files since yesterday”. To copy a file, you write “copy from this to that”, with from and to being optional. DCL users will also understand the made-up distinction between one-shot commands and interactive use.

                                                                                                                Oh, and the notion that GUIs can’t be scripted is preposterous.

                                                                                                                1. 1

                                                                                                                  You certainly could script GitLab through Selenium, but GitLab doesn’t actually promise a stable DOM tree the same way they promise a stable API, and I’m pretty sure it would be a lot slower, too.

                                                                                                                  1. 1

                                                                                                                    Gitlab is just a webpage, isn’t it? It’s not even a real GUI, and you’re just lucky it even has a stable REST API.

                                                                                                                    1. 1

                                                                                                                      and you’re just lucky it even has a stable REST API

                                                                                                                      It’s not luck. Platform lock-in is their business model; every time they break their API, they make it more expensive to stay on their service (and, thus, relatively cheap to leave). It’s the same business model that Microsoft Windows follows.

                                                                                                                      1. 1

                                                                                                                        Let me put it this way: You’re lucky they have a business incentive to have a stable REST API.

                                                                                                                    2. 1

                                                                                                                      As someone who uses Selenium:

                                                                                                                      A stable DOM tree isn’t the hard part. Maybe GitLab is more static than the sites I work with, but you quickly learn that there’s a difference between what you can see on the screen, what the browser knows as its DOM, and what Selenium thinks it can click or otherwise interact with at any given instant.

                                                                                                                    3. 1

                                                                                                                      DCL users will also understand the made-up distinction between one-shot commands and interactive use.

                                                                                                                      i also has this, in addition to VMS. There, programs can snarf an argv that doesn’t have just strings and free of any argument parsing, and the CLI can provide consistent parsing, structured suggestions, inline help, turning a command description into a form, etc. A lot better than the ad-hoc getopt (if it’s even that, or subtly different… or worse, hugely different like dd) soup.

                                                                                                                      edit: Re-reading the article makes me realize only DCL has this, not i. i does have structured commands/prompting that VMS lacks. FWIW, the VMS/DCL one-shot/REPL modes also make it so you can fire a bunch of commands off in a script, something like:

                                                                                                                      $ command task/flag
                                                                                                                      $ command secondtask/flagtoo=arg
                                                                                                                      $ ! or
                                                                                                                      $ command
                                                                                                                      task/flag
                                                                                                                      secondtask/flagtoo=arg
                                                                                                                      

                                                                                                                      Oh, and the notion that GUIs can’t be scripted is preposterous.

                                                                                                                      AppleScript and VBA prove this worng. Even without native hook points, @hwayne has had great success with AHK.

                                                                                                                      1. 1

                                                                                                                        When you say “i”, you mean IBM i Series, the artist formerly known as OS/400?

                                                                                                                        1. 1

                                                                                                                          Yes. It reminds me I should write some kind of primer for Lobsters on interesting ideas it has…

                                                                                                                    1. 7

                                                                                                                      When it comes to blocking ads, I go all the way: uBlock Origin with all the bells and whistles activated, cookie-blocker, cookie-consent-blocker, privacy badger, cookie autodelete, etc., but most importantly, SponsorBlock, where a community of enthusiasts identifies sponsor clips in youtube-videos, marks them and auto-skips them for everybody else. If you think that these sponsors take long to get “detected”, you’re wrong: I’ve not seen a single sponsor since I’ve been using it, even on videos only a few minutes (!) old.

                                                                                                                      Sponsors are getting increasingly annoying and widespread on YouTube. I don’t think that content should be free, and youtubers need a way to monetize their videos, but using ad blocking technology might push them to much saner models like Patreon.

                                                                                                                      I see it like this: Every ad-served user wastes a set amount of time and is annoyed, but only contributes like 0.001€ per view. If only one in 5000 viewers is a regular supporter on patreon with 5€/video (which is not uncommon), the youtuber gets the same amount of reward and everyone benefits from it. The patreon supporter gets a few perks on top, but most importantly, no one has to sit through ads. Another thing is, that since the adpocalypse on YouTube, the YouTubers are getting demonetized for even little things. And those ad-friendly-guidelines will get stricter and stricter. Going away from ad-revenue will not only bring benefits to the viewers, it will also bring back independence to the videomakers.

                                                                                                                      Some people blame me for blocking ads, but I just can’t be arsed to sit through them. Every time I use another person’s phone, it really shocks me how bad ads on the internet have become. Those people using iDevices can’t even install ad blockers, which shows how bad a walled garden can harm your experience.

                                                                                                                      1. 8

                                                                                                                        I probably won’t install SponsorBlock.

                                                                                                                        The main reason is that most of the arguments I made against ad blocking don’t apply here. Sponsored video clips are unlikely to exploit vulnerabilities (the video creator, and likely the video host, have reencoded the clip they were provided, so any malformed video is probably gone by now). They can’t track you, since they cannot make any outgoing web requests, and they cannot change after the video has been produced. And because they’re unable up change after the video is put out, they’re also unlikely to link to fly-by-night malware operations; starting from scratch as a direct video sponsor is too much work.

                                                                                                                        They’re still annoying, but I’m sorry, the time and effort it takes to install and configure an ad blocker takes too much work just for a minute or two per video.

                                                                                                                          1. 4

                                                                                                                            It’s not as simple as a five minute initial setup. Ad blockers incur a variety of other costs:

                                                                                                                            • I’m not nearly smart enough to make good points on capitalism in general, but I know people who see ad blocker as a moral hazard. I do have to justify myself to others.

                                                                                                                            • Ad lists aren’t 100% reliable. There’s the risk of someone inserting a “sponsor segment” that messes up the video, either because they disagree on what constitutes a sponsor segment (does product placement count?) or because they’re just trolling.

                                                                                                                            • If I switch browser, I need to re-install the add-on.

                                                                                                                            • If the browser upgrades, the add-on might break.

                                                                                                                            • If the video website upgrades, the add-on might break it.

                                                                                                                            • The add-on might be compromised. Ask about the Stylish incident.

                                                                                                                            Clearly worth it for the script-carrying ad networks (I am not going to take on a security hazard just up prop up your business), but not so obvious for video sponsors.

                                                                                                                        1. 2

                                                                                                                          Thank you for this, I never heard about SponsorBlock and I already love it!

                                                                                                                          1. 1

                                                                                                                            If only one in 5000 viewers is a regular supporter on patreon with 5€/video (which is not uncommon), the youtuber gets the same amount of reward and everyone benefits from it. The patreon supporter gets a few perks on top, but most importantly, no one has to sit through ads.

                                                                                                                            This is a great point. This is a really good article on that topic by Tim Carmody.

                                                                                                                            Those people using iDevices can’t even install ad blockers

                                                                                                                            This isn’t really true: iOS has supported ad blockers (“content blockers”) since September 2015. Granted, these are only used for web content—they’re active in Safari and in all embedded web views but they can’t apply restrictions to non–web view content in apps. Overall, though, I don’t think it’s fair to say that iOS doesn’t support ad blockers.

                                                                                                                          1. 12

                                                                                                                            Good website. But @notriddle can you please not use news websites as your sources ? Those are not only the worst when it comes to ads, but they are known for blowing things out of proportion, which makes your argument look flimsy.

                                                                                                                            1. 11

                                                                                                                              I get your point, but it’s a matter of bootstrapping the trustworthiness of my claims.

                                                                                                                              CNN might do a lot of unfortunate things, but I can’t think of anyone who’s more likely to be trusted. If they said that Google ran a month-long ad campaign that pretended to sell fishing licenses, then it probably happened. What other site could I possibly link to, and actually expect my target audience (which isn’t actually you, since you already know this stuff) to give me the time of day? Academic papers are probably pretty good, but they use the English language in a way that lots of people find impenetrable. Wikipedia isn’t even worth considering, though in a few cases, I actually discovered the article through Wikipedia. Neither are independent blogs, or people like SwiftOnSecurity that my audience never heard of.

                                                                                                                              Who could I link to instead that I would expect a technically illiterate reader to both understand and trust?

                                                                                                                              1. 2

                                                                                                                                Add some research on the bottom, keep inline news. It is messy, but guess what - the world is messy. And being idiot-proof is imho good.

                                                                                                                              2. 5

                                                                                                                                Yeah, In my opinion it is nonsensical to cite news sites when there is real research on the topic.

                                                                                                                              1. 9

                                                                                                                                I wrote some about ad blocking over here a few months ago: http://daemonforums.org/showthread.php?t=11265 (username=Carpetsmoker); some relevant parts:

                                                                                                                                Advertisements have been an important revenue source for the publishing industry for over 100 years, and I’m actually in favour of allowing ads that don’t have the tracking and such that most do; at its most basic this could just be an <img src="/ad.png">.

                                                                                                                                It’s easy to just say “all ads bad”, but things turn out to be a bit more nuanced once you start building products that are very hard to monetize otherwise. For example, one product I worked on a bit last year is a better recipe site with some novel ideas, but … how do you monetize that without ads? Not so easy. I ended up shelving it and working on something else that’s easier to monetize (hopefully anyway…)

                                                                                                                                There should probably be more transparency from AdBlock, but having advertisers pay some amount of money to vet their ads by AdBlock is not wholly unreasonable.

                                                                                                                                [ … some replies snipped …]

                                                                                                                                Yeah, I agree it’s complex; I have no easy answers either.

                                                                                                                                Right now my website has some ads from codefund.io – which explicitly advertises itself as ethical ads and is fully open source – which are blocked by default by uBlock origin (and I believe also AdBlock). These adblocking tools do much more than just block requests to third-party data-collectors, they frob with the HTML in an attempt to remove every single last ad, and while there is some merit to this for the really intrusive/annoying ones, I feel this is fundamentally a misguided approach which doesn’t consider the perspective of publishers/product makers.

                                                                                                                                I use uBlock origin too, for all the same reasons as you do, but I don’t really like it because of this. I’m currently working full-time on open source stuff, and the income from these ads isn’t a bit of pocket-money on the side, it’s part of my income. Removing these kind of ads kind of rubs me the wrong way. Basically, I’m “collateral damage”.

                                                                                                                                I maintained a “track blocker” (trackwall) for a while, which I think is much more reasonable than an “ad blocker”.

                                                                                                                                The current situation sucks for both users and publishers :-(

                                                                                                                                1. 13

                                                                                                                                  The current situation sucks for both users and publishers :-(

                                                                                                                                  I completely agree. Today’s situation is a perfect example of a defect-defect equilibrium.

                                                                                                                                  From the advertisers’ standpoint: if users don’t have ad blockers, then they’re better off if they act badly (you save the money that would be needed to vet ads), but if the users do have ad blockers, they’re still better off acting badly (milk whoever remains for all they’re worth). As for the end users, it hardly matters what the ad company does, because blocking ads is always better than not doing so.

                                                                                                                                  I still blame the ads industry for being greedy. Setting up ad blocking takes time, and while it’s hard to give it up once you have it, few would go through the time investment unless things were really bad.

                                                                                                                                  1. 12

                                                                                                                                    It’s easy to just say “all ads bad”, but things turn out to be a bit more nuanced once you start building products that are very hard to monetize otherwise.

                                                                                                                                    IMHO, “products that are very hard to monetize otherwise” sounds a lot like “products that people don’t think it’s worth paying for”. I’m very much into things that people aren’t usually willing to pay for myself, so I sympathize, but not everything that you or me like is also a good business idea. If the only way to monetize something is by having a third-party siphon other people’s data, that probably means it’s just not a great commercial venture. Lots of things aren’t, it’s just how it is.

                                                                                                                                    1. 10

                                                                                                                                      I think it’s a little bit more complicated than that. There are an untold number of cooking books, websites, TV shows, etc. Almost everyone cooks at least occasionally, and many do it regularly. It’s a big market, and these kind of products (including sites) bring a lot of value to people. Cooking is not even an especially big hobby of mine, it’s just something I noticed where improvements can be made, and I have a few ideas on it.

                                                                                                                                      I think it’s more a “race to the bottom” kind of thing. It’s just really hard to compete against “free”: given two websites which are equal where one is €5/month subscription and the other is “free”, then many (probably most) will use the “free” one (often with adblock), leaving me with no option to offer a “free” option as well. Even with a great product, you really need a clear edge to compete against that.

                                                                                                                                      Or to give an analogy: if I set up a stand with “free cooking books” next to the book store, then I’m fairly sure the book store’s sales of cooking books will drop.

                                                                                                                                      1. 6

                                                                                                                                        First off – I apologize if I was/am harsh or unfair. I understand this is probably important to you (and as the “happy owner” of several entirely unmonetizable – and, worse, probably expensive – passions, I know how it can feel). I’m not trying to discourage you or anything – the tl;dr of these posts is “here’s why x64k doesn’t wanna pay for recipes”, not “here’s why your idea sucks and you suck”. The fact that I’m unwilling to pay for recipes may well put me so much outside your target audience that if I were to think your idea sucks (which FWIW I don’t, since I don’t know too much about it in the first place), it might actually mean it’s great :-D.

                                                                                                                                        So, with that in mind:

                                                                                                                                        There are an untold number of cooking books, websites, TV shows, etc. Almost everyone cooks at least occasionally, and many do it regularly. It’s a big market, and these kind of products (including sites) bring a lot of value to people. Cooking is not even an especially big hobby of mine, it’s just something I noticed where improvements can be made, and I have a few ideas on it. I think it’s more a “race to the bottom” kind of thing. It’s just really hard to compete against “free”

                                                                                                                                        It is – but then again, “free” is what recipes have been since practically forever. It’s not like websites with free recipes have “disrupted the recipe market”. If all free recipe websites were to close tomorrow, and only subscription-based websites were to exist, I still wouldn’t pay a dime for these, since all I need to do in order to find out how to make pastitsio (random example ‘cause that’s what I had for lunch and it’s not from my part of the world) is ask someone who knows how to make pastitsio. I learned how to cook dozens, if not hundreds of things from family and friends. Some of them from far, far away, which is how I can cook Carribean or Japanese dishes in the middle of Europe (when I can get the ingredients, that is). I’ve never paid a dime for any of these things, I just asked nicely when I was abroad, or when someone from abroad was here, and did a few hilarious screw-ups until I got it right.

                                                                                                                                        Of course it’s a race to the bottom (the bottom being “free”) when learning how to cook from friends and family is how virtually everyone who’s not a professional in the field learned has done it since practically forever, and when this is still available.

                                                                                                                                        1. 3

                                                                                                                                          I didn’t take it as either harsh or unfair, so no worries :-)

                                                                                                                                          Recipes are not even eligible for copyright, but it’s not the recipes as such that you charge for but rather the making available of them. There are about 18 million cooking books sold in the US every year, so there’s definitely a market.

                                                                                                                                          I personally wouldn’t pay for a recipe website either, as I’m too casual of a user. Then again, I have bought cooking books, which are pretty much the same. Kinda funny how that works 🤔 I think this is a general problem with the internet: if every “casual user” would pay a low (<$1, depending on usage) amount of money then there’s no need for ads – that’s basically what ads are right? – but there’s no real way to do that AFAIK. I know Brave has gotten a lot of flak here, but I really like it for at least trying to solve this problem (although I’m not really sure about their whole cryptocurrency approach; but that’s a different discussion).

                                                                                                                                          I’m not angry, bitter, or resentful about any of this, by the way, they’re just observations. I wrote this as a hobby thing early last year after I quit my job after a bit of a burnout and it was the first time I had fun programming in a long time. In a way it’s probably the best thing I’ve ever worked on; it was very therapeutic. After I decided I wanted to work on my own product I looked at my options with what I already had, and came to the conclusion this probably wasn’t the best way to earn a living so shelved it for the time being. I still want to get back to it as a hobby thing once I have some time (and think of a name for it!)

                                                                                                                                          If you look at the existing big recipe websites then almost all of them suck: they’re shitty “recipe dumping grounds” with untold popups and all sorts of bullshit, and in a perfect world someone providing a better product shouldn’t have a hard time making an earning from it without crapping their product up with a zillion ads.

                                                                                                                                          I think the best thing we (as programmers/community) can do here is to make good alternatives available, which could be a “sane ad network” or perhaps something entirely different. I know that’s easier said than done but people do things to solve real problems they have (the same applies to many other things, and many people are working on this, with varying degrees of success).

                                                                                                                                          1. 2

                                                                                                                                            Cookbooks are a pretty decent example of how recipe-centered sites can monetize, though. Binging with Babbish on YouTube is always pushing his cookbook, along with whatever product has sponsored his video. If people want to feel like they’re getting something that took effort to make (like a physical book) in return for their $20, then that’s how the recipe space will be monetized. Patreon is also gaining significant ground in monetizing quality content made available for free.

                                                                                                                                            At the end of the day, people seem to recognize that the marginal cost of serving information on a website to an additional person is near zero and they balk at paying (subscription or not) for something digital unless it is perceived to be expensive to provide (like music, movies, internet itself, etc.).

                                                                                                                                            1. 1

                                                                                                                                              If we’re being honest, most recipe books suck, too – I guess it’s easier to pay for them because they’re a physical item and people are used to paying for books in general. But by and large, I discovered that even expensive books with fancy endorsements turn out to be… well, not wrong, these are recipes after all, but somewhat untrue to their topic. For example, I’m yet to see an English-language book that recommends anything even close to an useful amount of olive oil for recipes around the Mediterranean (or at least the ones I’m familiar with).

                                                                                                                                              What I really wish we had, especially now that the world is much better connected and Internet access is universal, is something akin to rec.food.recipes, alt.gourmand and rec.food.historic :).

                                                                                                                                              Edit: FWIW, I kindda like the idea of what Brave did. Back when rec.food.recipes was still a thing, I didn’t really have a problem with ads. I used some ad-supported software, including Opera (which I still miss so much), and I thought it was okay. I didn’t really mind the large banners, either, some of them were actually pretty neat..

                                                                                                                                              1. 1

                                                                                                                                                I suppose Sturgeon’s law (“90% of everything is crap”) applies 😅

                                                                                                                                                I was a long-time Opera user as well, and used the ad-supported version back in the day. That was a different time though, before the ad-tech industry became what it is today. I’d be more hesitant to use a similar model today. And I also still miss that browser :-( Pretty much everything about it was fantastic.

                                                                                                                                        2. 5

                                                                                                                                          Yeah, “ideas” aren’t “businesses”.

                                                                                                                                        3. 4

                                                                                                                                          at its most basic this could just be an <img src="/ad.png">.

                                                                                                                                          Part of the problem is that even this type of innocuous-looking “non-tracking” ad can, without much effort, be turned into a tracker. It doesn’t take that many ads like this one to be able to generate and track a unique user identifier via HSTS, for example.

                                                                                                                                          1. 7

                                                                                                                                            The amount of information it can track is quite limited though, compared to canvas/font tricks and whatnot. It’s also much more in transparent and in your control on what you send. It would still me a massive improvement over the current situation.

                                                                                                                                            You can use src=data:base64 too.

                                                                                                                                          2. 3

                                                                                                                                            Maybe if publishers had real businesses that deserved to make money because they actually provide a good service to the community then they wouldn’t have this problem! :)

                                                                                                                                          1. 3

                                                                                                                                            I wonder how LWN feels about folks posting subscriber links here. Almost every one posted is a subscriber link…

                                                                                                                                            1. 26

                                                                                                                                              (LWN editor here)

                                                                                                                                              The short answer is that the occasional posting of subscriber links to sites like this is, as far as we can tell, beneficial to LWN. It exposes our work to a wider audience, lets us pitch the occasional trial subscription offer, and leads to higher subscription numbers overall. It’s some of the best word-of-mouth advertising we can get.

                                                                                                                                              That said, posting such links could clearly turn into a problem if it causes the LWN paywall to entirely disappear. So we ask people to restrain themselves and not post too many of them to public sites.

                                                                                                                                              For those who don’t understand our model, LWN is almost entirely subscription-supported at this point. We think it is a great model; it aligns our interests with those of our readers, doesn’t require us to sell readers out to the surveillance capitalism machine, and has let us watch the collapse of the advertising market without distress. It has kept us going (more comfortably some times than others) since we adopted it in 2002.

                                                                                                                                              If you find articles like this one worthwhile, please consider supporting the creation of more of them with a subscription of your own; we would love to see you around more often!

                                                                                                                                              1. 3

                                                                                                                                                Often, for topics I’m investigating, I notice that the definitive online resources are links to LWN articles. I started my LWN subscription to support the creation of more articles like that.

                                                                                                                                                As I mentioned above, for a few years I simply read the articles that were freely available on LWN. After some introspection, I realized that for more or less the same reasons that I make my contributions to free/open software, I could and should also support reporting and writing about that software, even if I didn’t absolutely need access to those articles during the one-week subscriber-only period. In other words, my supporting LWN was one way for me to give back to the wider community that’s given me so much.

                                                                                                                                                Finally, I’m also very happy with the absence of intrusive advertising and tracking on LWN site.

                                                                                                                                                1. 1

                                                                                                                                                  There was a collapse of advertising market?

                                                                                                                                                  Anyway, I do believe it’s a better model in the end and I’m happy to see you sticking with it.

                                                                                                                                                    1. 1

                                                                                                                                                      I’m not keeping track of the advertising market, but my impression is that adblock users are still a tiny minority. Is there data on adblock user stats and ad market revenues? This is getting offtopic of course…

                                                                                                                                                2. 3

                                                                                                                                                  From the page when you attempt to create a subscriber link:

                                                                                                                                                  The “subscriber link” mechanism allows an LWN.net subscriber to generate a special URL for a subscription-only article. That URL can then be given to others, who will be able to access the article regardless of whether they are subscribed. This feature is made available as a service to LWN subscribers, and in the hope that they will use it to spread the word about their favorite LWN articles.

                                                                                                                                                  If this feature is abused, it will hurt LWN’s subscription revenues and defeat the whole point. Subscriber links may go away if that comes about.

                                                                                                                                                  I interpret that as they are okay with it as as long as it’s not abused.

                                                                                                                                                  1. 3

                                                                                                                                                    I don’t think it matters to them if everyone reads a story for free, it matters to them if all stories can be read for free. People who click on the link here are either:

                                                                                                                                                    • People already subscribed to LWN. This is only a problem if they see all of the stories that they read here (and elsewhere) and drop their subscriptions.
                                                                                                                                                    • People who can’t afford to subscribe to LWN or won’t ever subscribe for other reasons. It costs a small amount for LWN to serve web pages to these people, but it’s likely to be in the noise.
                                                                                                                                                    • People who hadn’t considered subscribing to LWN before. For these people, there’s a balancing act. If they see all of the stories that they’re interested in without subscribing, then they’re a small cost. If they see some of the stories they’re interested in without subscribing then this is a small cost (and a lost potential customer) but if they only see some of them then this makes them more likely to subscribe.

                                                                                                                                                    LWN posts subscriber-only stories almost every few days and lobste.rs posts one every week or two. I expect that this ratio is pretty good for advertising. That said, they could probably do a lot better if they did a little bit of in-site advertising. They’d probably see a much higher conversion if every article visited via a subscriber link contained normal links to 2-3 other relevant subscriber-only stories so that people get an immediate view of what they’re missing by not subscribing (I didn’t even realise LWN has subscriber-only stories until I saw these comments because I completely blank out boxes like the one at the top and I’d therefore never considered subscribing, though they do run a lot of things I’m interested in). It would also be nice if they put a small text banner on the top saying something like

                                                                                                                                                    1. 2

                                                                                                                                                      “subscriber only” is bit misleading: LWN stories are subscriber only for one week, after that they are public. So everyone can access all the stories, but most people probably wouldn’t remember to share something interesting to others after waiting for week.

                                                                                                                                                      1. 1

                                                                                                                                                        Correct. They’re “subscriber only” in the sense that only a subscriber can create them. I lurked on LWN or a few years and read only 1-week old articles before I decided that I wanted to spend my hard-earned cash to support them. Not to read the articles fresh off the press.

                                                                                                                                                    2. 0

                                                                                                                                                      Well, that’s the question. Is it abuse (almost exclusively) posting subscriber links to a site like lobste.rs, which has many active users?

                                                                                                                                                      1. 2

                                                                                                                                                        If this feature is abused, it will hurt LWN’s subscription revenues…

                                                                                                                                                        I don’t think these links would hurt their subscription revenues. Instead, high-quality content can be great advertisements on Lobsters. I assume by “abuse” they mean using a bot to generate subscription URLs for every single article and resell them, etc.

                                                                                                                                                        1. 0

                                                                                                                                                          The same link was posted to Hacker News and Proggit:

                                                                                                                                                          http://gerikson.com/hnlo/#gmy7ub_23240800

                                                                                                                                                          1. 0

                                                                                                                                                            As the note states, let them worry about it. If you feel bad and are not subscribed to LWN then subscribe or buy it for a friend!

                                                                                                                                                        2. 2

                                                                                                                                                          Limiting the number of people who can access a subscriber link would be easy (almost trivial), and I think it’s safe to say that LWN is aware that these links frequently get shared on HN, Reddit, Lobsters, etc. So it seems that LWN is okay with this.

                                                                                                                                                        1. 12

                                                                                                                                                          It’s not our fault that software is looked down upon in academic circles as work for unskilled, undertrained students. You can build the safest language in the world and still have a sufficiently foolish fool create a disaster. The issue isn’t with software, it’s with culture.

                                                                                                                                                          And no tooling can solve a culture problem.

                                                                                                                                                          1. 3

                                                                                                                                                            It’s not our fault that software is looked down upon in academic circles

                                                                                                                                                            Considering the dismal state of commercial and open source software, I’d say it kind of is. Too much widely-used snake oil and superstition.

                                                                                                                                                            1. 9

                                                                                                                                                              That’s not the reason it’s looked down upon. It’s looked down upon because of the hierarchical nature of academia.

                                                                                                                                                              You can find plenty of reasons to flagellate yourself. Go ahead, I won’t stop you. But that doesn’t answer the hierarchical issues at play of “being above” such dirty work as observed from academics.

                                                                                                                                                            2. 1

                                                                                                                                                              It’s not our fault that software is looked down upon in academic circles as work for unskilled, undertrained students.

                                                                                                                                                              Admittedly, the feeling is quite mutual on the software industry side.

                                                                                                                                                            1. 1

                                                                                                                                                              I’ve experienced similar issues with an email-only login we implented in a small B2B application. First of all, it was not easier that just implement Email/Password with Django (there was no need to add a recovery password option, since the product is very small, people will just send us an email). Second, most emails arrived fine or in spam folder, which is ok, but some companies (10%) never got an email from us. We used SendInBlue because it was easy to implement (just use SMTP). However. even if it worked, it’s somehow strange yet, and not an option for all users.

                                                                                                                                                              1. 1

                                                                                                                                                                there was no need to add a recovery password option, since the product is very small, people will just send us an email

                                                                                                                                                                I’m pretty sure the entire premise behind claiming that email-login is easier is that you’re already implementing the password reset option. If you aren’t implementing password reset by email, then the premise is no longer true.

                                                                                                                                                              1. 13

                                                                                                                                                                The below essay is Frankfurtian bullshit. I wrote it in the same style as https://shouldiusethreads.com/, because I believe that it is also bullshit of the same type; all of the statements are true, or at least very very hard to falsify, but it’s written primarily to offend, not based on its actual truth or falsehood.


                                                                                                                                                                Should I use the filesystem?

                                                                                                                                                                No

                                                                                                                                                                Some people would have you believe that NULL is the worst mistake in computer science. They make a good case for it, but they’re dead wrong. Shared mutable state is the worst mistake in the history of computers. Ask anyone who has debugged both a segfault and a race condition. They will assure you that the latter is 10-100× more difficult to solve.

                                                                                                                                                                Look at a list of files that your system has touched recently. How many of them have actually been manipulated by more than one program? I’m mostly thinking of the hidden ones, like .bash_history and the .dvdcss directory. Outside of highly-visible but comparatively-rare circumstances, the filesystem is an excessively general abstraction for the “silent majority” of its use. The poorly-defined concept of filesystem atomicity result in a system that simultaneously has both excessive synchronization and not enough synchronization for the purposes of the same application (PostgreSQL, in the case of those two links). It’s impossible to design an fsync() call that provides full-filesystem atomicity while preventing two applications on the same computer from blocking each other, because fsync() is fundamentally a filesystem-global lock.

                                                                                                                                                                What’s worse is that the default behaviour is to allow limitless race conditions. A process has access to the same filesystem space as other processes in your machine, and can do whatever they want with it (as long as they’re running as the same user, which is the default behaviour when you launch processes). You have to take extreme pains to avoid accidentally doing the wrong thing. You’ll probably mess it up, and the symptoms will show up in an unrelated part of the multiprocess system 10 minutes later. There is no shame in making such mistakes — we’re only human, after all. The shame is in believing ourselves super-human, and reaching for a tool that we don’t need, in full knowledge that we’re likely to shoot ourselves in the foot with it. Nine out of ten times, this tool is the filesystem. If you’re asked to dig a hole and you point a pistol between your feet to get the job done… you should have used a shovel.

                                                                                                                                                                But, perhaps your problem requires multiple processes to operate on the same data. In that case — you still shouldn’t use the filesystem! Consider using message passing instead. A good model is an overseer program, which organizes the work to be done and aggregates the results, spawning worker programs to run the actual computations. This is not only much more robust, but it scales better, since you could distribute these programs across multiple computers later on*. This approach is more useful, too, because often the user of the program may have a more novel idea about how to distribute work, and if they can invoke the worker processes themselves, they’re empowered to try it out. This is easier to test and debug for the same reasons. And, in addition to all of these benefits, you get brand new virtual memory scratch space which is much more difficult to fuck up.

                                                                                                                                                                What’s worse is that, while there has been a great deal of attention paid to memory-safety, filesystem-safety in programming languages is essentially nonexistent**. Python, Java, Rust, even Haskell expose almost identical APIs for manipulating files, and that interface is terrible. Database designers since before I was born have known that user data and query code should be connected using prepared statements only, but that’s not how you manipulate paths on the filesystem on any of the major operating systems. If you want to connect user input that might potentially contain a forward slash, the best thing that language abstractions might provide is a function that will error out in the presence of “forbidden characters.” At least HTML has standardized escape sequences; how is it acceptable that, in 2020, we can’t have forward slashes in file names? You want to scrape the IMDB and use it to populate file names? Sorry; those episode titles have forward slashes in them, so you’re going to have to invent some arbitrary, non-standardized character substitution and hope it doesn’t result in a naming conflict. “Don’t fuck with user input” is a pretty low standard for API design, and the filesystem paths fail it.

                                                                                                                                                                Don’t use the filesystem! It’s a trap!

                                                                                                                                                                * NFS is not a solution. Because it’s designed to be transparent to the application, it can’t be both reliable and fast, because the application doesn’t give it enough information to know whether an operation should be retried or failed out if something goes wrong.

                                                                                                                                                                ** The closest you can get is sqlite, which is great, but it can’t really fix the pessimistic synchronization, and it doesn’t work very well with existing tooling like git.

                                                                                                                                                                1. 6

                                                                                                                                                                  Honestly, this mostly makes sense to me? The fact that we don’t have any better solutions to the use cases filesystems address doesn’t mean that a global shared filesystem is a good idea to begin with. In fact, if you look at more recent OSs that cared less about retro compatibility, like the mobile OSs, they all have some sort of per-app scope for filesystem, and in iOS specifically it’s something very abstracted over.

                                                                                                                                                                  I mean, if you were designing a OS today, without any care for any retro compatibility, without any need to support any sort of posix API, would you really provide files and a filesystem as an abstraction for storage? I don’t think I would.

                                                                                                                                                                  1. 1

                                                                                                                                                                    I can’t decide.

                                                                                                                                                                    On the one hand it feels pretty archaic to just store labeled blobs of bits vaguely sorted in a tree and maybe with an extension as a rough type indicator. How are we going to explain this to the kids swiping on the TV? ;) And that in times where we have cloud everything and our phones have share buttons to avoid dealing with files! I am totally on-board with this accidentally true rant.

                                                                                                                                                                    On the other hand pretty much every order I need I can create with the wonderful filesystems we have and I prefer that to dealing with having my files scattered over sharepoints and onedrives and google docs and whatnots.

                                                                                                                                                                    1. 2

                                                                                                                                                                      Your second alternative is not the only other option to filesystems though. It might seem like the only feasible one, but I’m not constraining myself with such minor concerns as “is this even remotely viable in the real world at all”.

                                                                                                                                                                      What if we could have one (or a couple) rich, programmable, safe, and portable interface that every program could (and did) use? What if you could have even more flexibility (or rigidity) at your fingertips to organize your data, in pretty much any device?

                                                                                                                                                                  2. 1

                                                                                                                                                                    You nailed it! I would just add a few solutions like “use INT 13h directly” or “print your data on paper”.

                                                                                                                                                                  1. 2

                                                                                                                                                                    Are there any reputable, reliable VPS providers that use servers with a single socket, uniform memory, and local NVMe SSDs? I believe Linode, DigitalOcean, and Vultr all have the local SSD part covered, but I don’t know about the other parts.

                                                                                                                                                                    Yes, I’m attacking this from the opposite direction: bringing servers down to the scale of our laptops. I believe that’s viable for a great many applications that don’t need really big servers.

                                                                                                                                                                    1. 12

                                                                                                                                                                      The problem with trying to take this approach is that it’s far more power efficient to have one server with a bunch of VMs than to have a bunch of servers. All those fixed costs get folded into one.

                                                                                                                                                                      I guess you can add the workload to one of those set-top boxes, like a DD-WRT router, which you probably use anyway. But those things are a lot slower than your laptop is, so it’s not really comparable.

                                                                                                                                                                      1. 1

                                                                                                                                                                        If we cared about power efficiency we would charge for power and not bandwidth in hosting facilities

                                                                                                                                                                        1. 9

                                                                                                                                                                          The fact that hosting facilities don’t (necessarily) charge by the watt does not mean that the price isn’t accounting for power use.

                                                                                                                                                                          There is a limited amount of power that one server can actually use before it overheats. This is inevitable; a standard rack unit has a fixed surface area through which you can dissipate heat, and heat is basically the only place that the energy can go.

                                                                                                                                                                          If you need more, then you have to use more than 1U. In this way, charging for space (which hosting facilities definitely do) is equivalent to charging for power.

                                                                                                                                                                          1. 5

                                                                                                                                                                            FWIW the last time I used a colo facility for real work(*), they charged for bandwidth, space and power separately.

                                                                                                                                                                            (* I’d tell you which because they were rather good, but unfortunately they later got bought out by a competitor and the service has, according to the grapevine, fallen off a cliff.)

                                                                                                                                                                            1. 3

                                                                                                                                                                              Not my department exactly, but I’m 80% sure we charge for power too. (Servercentral)

                                                                                                                                                                              1. 2

                                                                                                                                                                                I am also a SC customer! But I don’t deal directly with the hosting stuff at this job. Last I knew though the power related charges were for the size of circuit and another charge for redundant power. But there’s no charge for /usage/ which would be more relevant because of the BTUs the facility has to remove. That cost is far more than our transit.

                                                                                                                                                                          2. 3

                                                                                                                                                                            As @notriddle points out, most VPS providers are going to use many-core servers so they can pack many VMs on one host. So it can be hard to find the higher clock speeds associated with “laptop” hardware.

                                                                                                                                                                            However, my understanding is that most providers will at least try to give you VMs within a single NUMA zone if the selected VM size will fit.

                                                                                                                                                                            So, for example, my 4-core Digital Ocean VPS is running on a server with a Xeon Gold 6140 CPU, and it’s very likely that the server in question has multiple sockets. But because it’s only 4 cores and that CPU has 18 physical cores (36 hyperthreads), my little VPS reports that it only has one NUMA zone.

                                                                                                                                                                            (This is something you can check really easily using lscpu, which will report not just the CPU model and features, but how many NUMA zones are present!)

                                                                                                                                                                            There do exist some providers that use single-socket consumer hardware for some machines. OVH, for example, provides some dedicated machines with Intel i7 processors. (“Reputable and reliable” are in the eye of the beholder; I’ve personally had poor experiences with vendors that run consumer hardware in datacenters, but that doesn’t mean they’re necessarily a bad choice…)

                                                                                                                                                                            1. 1

                                                                                                                                                                              (This is something you can check really easily using lscpu, which will report not just the CPU model and features, but how many NUMA zones are present!)

                                                                                                                                                                              Not necessarily. It will report the number of NUMA zones that the CPUID instruction reports, but the CPUID instruction can be trapped and emulated by the hypervisor. Most hypervisors will do this to allow migration (advertising the minimum features, so software doesn’t depend on features that won’t be present on the host that you migrate to). It’s entirely possible that you’re in one NUMA zone, two NUMA zones, or either one or two NUMA zones depending on the current pseudo-physical to physical memory mapping, but CPUID is trapped and emulated to report two. You can try allocating a load of memory scattered over your pseudophysical address space and measure latency, but if your VCPUs are being migrated between the two sockets then you’ll need to do a lot of samples to get accurate timing.

                                                                                                                                                                          1. 4

                                                                                                                                                                            As long as HTTP is supported, everything is alright. I guess at some point web browsers will stop processing js served through HTTP, so that the “this site is insecure” icon will lose its meaning and civilized people can get back to plain http for simple static sites (instead to resorting to gopher and whatnot).

                                                                                                                                                                            1. 8

                                                                                                                                                                              I like the idea of removing JavaScript from plain HTTP. Give us back the Simple Web!

                                                                                                                                                                              1. 5

                                                                                                                                                                                It seems to me that there is a large portion of the web/browser community that would rather just drop support for HTTP altogether. Hopefully they won’t do that, because IMHO we need simpler protocols and tech, not more complex. Modern trends like HTTP/2, Kubernetes and whatnot are all adding complexity, while practically no new inventions reduce it. Sooner or later it will be impossible to understand how it all works, even dedicated experts will only understand a tiny portion of all the moving parts.

                                                                                                                                                                                1. 2

                                                                                                                                                                                  What does enabling JS have to do with the move from HTTP to HTTPS? HTTPS is about encrypting the requests/responses, not preventing XSS.

                                                                                                                                                                                  1. 4

                                                                                                                                                                                    I can’t speak for anyone else, but I’m thinking of events like the one that took down GitHub a few years ago.

                                                                                                                                                                                    It’s not technically the same scenario, since they injected the scripts through an ad network rather than a MITM attack, but it does match a general rule: allowing third parties to inject arbitrary JavaScript into your web site is no better than running Windows 98 on the public internet. Even if there’s nothing valuable on the computer, the computer itself is valuable enough to hack.

                                                                                                                                                                                    And everyone should be running an ad blocker, of course. The web really is this era’s equivalent to the DOS-based family of Windows.

                                                                                                                                                                                    1. 3

                                                                                                                                                                                      I am a vocal proponent of using HTTP and not using HTTPS for displaying unsecure static data to the world. The increased complexity of HTTPS and its need to depend on third parties are too strong inconveniences for such a basic usage. I argue that my website is a sand castle in the beach, for everyone to look at, and I do not really care if some random visitors (“attackers”, if you want) come and put their name or whatever they want on it.

                                                                                                                                                                                      The invariable reply to my pleas is that using HTTP can not only be used by others to mis-represent my work (which I do not care about), but that it is actually evil. The reasoning is that some man in the middle can attack the communication channel and inject evil code that will “steal the credit cards” of my readers, and that this theft will be entirely my fault for providing an insecure channel. I find this argument particularly offensive and complete bullshit, but I have heard it so many times that I guess that many people are worried about that. Since you cannot realistically steal credit cards without javascript or some form of scripting, I would be really happy if browsers blocked scripting over http. This will make http great again for personal static sites.

                                                                                                                                                                                      1. 3

                                                                                                                                                                                        I’ve legit seen ISPs in certain regions inject ridiculous ads and track the content of HTTP pages people visit.

                                                                                                                                                                                        1. 3

                                                                                                                                                                                          I’m thinking less about stealing the credit cards and more about redirecting traffic to malicious servers which can install malware. https://theintercept.com/2014/03/12/nsa-plans-infect-millions-computers-malware/

                                                                                                                                                                                    1. 2

                                                                                                                                                                                      Another perspective on these: constants: many readers, no writer (implies read-once) cache: many readers, one writer (an optimization) state: many readers, many writers (hell)

                                                                                                                                                                                      1. 5

                                                                                                                                                                                        Wayland has a protocol? I thought Wayland was supposed to not be like X windows … or am I missing something here?

                                                                                                                                                                                        1. 7

                                                                                                                                                                                          Wayland is a protocol (and a C implementation of that protocol).

                                                                                                                                                                                          But Wayland does not have network transparency - the rendering is done directly by the client.

                                                                                                                                                                                          1. 6

                                                                                                                                                                                            Wayland IS a protocol. The protocol defines how clients (typically applications that have a buffer of pixels that they want to display and want to listen to input events) communicate with the server, aka the compositor, which manages the hardware (e.g. output and input devices), displays applications buffers where appropriate on the screen, and delivers events to the appropriate application.

                                                                                                                                                                                            One difference with the X architecture is that there is no universal X server; instead, the compositor combines the role of the X server and the window manager. Reusable components for handling the low level details of the wire protocol or hardware devices exist as separate libraries (for example, libinput, xkbcommon, libwayland), on top of which different compositors can be build.

                                                                                                                                                                                            The wikipedia page looks like a good read for more general information of that kind.

                                                                                                                                                                                            1. 4

                                                                                                                                                                                              To be a little more specific than just “Wayland is a protocol”, let’s quote https://git.sr.ht/~sircmpwn/wayland-book/tree/master/src/protocol-design/wire-protocol.md#transports:

                                                                                                                                                                                              To date all known Wayland implementations work over a Unix domain socket. This is used for one reason in particular: file descriptor messages. Unix sockets are the most practical transport capable of transferring file descriptors between processes, and this is necessary for large data transfers (keymaps, pixel buffers, and clipboard contents being the main use-cases). In theory, a different transport (e.g. TCP) is possible, but someone would have to figure out an alternative way of transferring bulk data.

                                                                                                                                                                                              1. 3

                                                                                                                                                                                                “Protocol” as in “interface”, a set of operations, resources and rules. Not like a network protocol where the interface is designed to map to packets on the wire.

                                                                                                                                                                                                1. 2

                                                                                                                                                                                                  It is pretty much a network protocol. For communication between a Wayland client and server, messages are sent over a UNIX domain socket (for reasons that @notriddle cited). The C API just abstracts over that.

                                                                                                                                                                                                  1. 2

                                                                                                                                                                                                    …I actually just learned this due to /u/notriddle ’s post. Dang.