1. 1

    This seems a very strange definition of “undefined behavior”. At first it seems to be referring to the same concept as C, but there’s nothing undefined about accessing a uint8_t variable through a uint8_t pointer.

    1. 4

      What do you mean?

      C pointers, as far as I understand them (I not an expert C standard rules lawyer), can be chopped up into about three categories

      • restrict pointers, which definitely allow you to invoke UB by accessing a uint8_t pointer through a uint8_t pointer, if you deference two different aliasing pointers, one of which is restrict.

      • “normal” pointers, which are still subject to the strict aliasing rules in standard C. This definitely means you can access a uint8_t variable through a uint8_t pointer, but you can’t access the first byte of an int through one unless you do an appropriate dance through union. Otherwise, it’s undefined behavior.

      • “generic” pointers, namely void* and char*, have no aliasing rules. About the only way to invoke undefined behavior is to alias them with a restrict pointer, or dereference them when they dangle.

      You’ll notice that this article describes two different types of pointer in Rust:

      • References, which are a bit like restrict pointers in C.

      • Raw pointers, which are a bit like “generic” pointers in C, but can exist in any type, not just c_char.

      “a bit like restrict” is a complete oversimplification, though. The real deal of how any of these things work is the spec. The C spec is at least as bad as this article is for Rust.

      1. 1

        The first code example, in C:

        uint8_t x;
        uint8_t *y = &x;
        x = 7;
        *y = 5;
        

        Or whatever. There’s nothing undefined about that.

        1. 4

          That’s not a completely accurate translation. An accurate translation would make the pointer a restrict pointer, and it would be undefined behavior in C too.

          An easier way to look at it is this: In Rust, some things that would be UB in C (e.g. strict aliasing violations) are not UB in Rust, however other things that not UB in C (writing through multiple aliases that are not marked as unsafecell) are UB in Rust.

          The final nature of undefined behavior in Rust will likely not map cleanly to C concepts. We can refine the concept of restrict pointers a lot, for one.

      2. 3

        Yes, Rust has its own cases of undefined behaviour. Especially that &mut references are not allowed to alias and are always unique, so getting hold of a second on the same value while one is already active is undefined behaviour. unsafe allows you to create that case.

        The nomicon has an example why breaking this rule does matter, as the compiler will rely on the uniqueness of &mut references. https://doc.rust-lang.org/nomicon/aliasing.html

        The example is trivial, but &mut needs to be globally unique (its on of the core guarantees of Rust), so some care is necessary when handing them out from Rusts unsafe blocks.

        Ralfj has more writing on this (that’s his research topic).

        1.  

          Thanks. I missed some context.

          cc @notriddle @Manishearth

          1.  

            You’re welcome.

      1. 6

        We recommend adding a text string above the Open With… buttons that reads, “Click a button below to open the file in an appropriate application.”

        Wow. That is not how the GNOME team would have tackled the problem nowadays. I was expecting something more like.

        We recommend removing the list of applications and replacing it with a single “Edit” button and a smaller “open with other application” button.

        UI attitudes have definitely changed.

        1. 2

          I think the GNOME developers now would remove Open With entirely, because choosing an application is not something an end user would ever do, much like they entirely removed screensavers, entirely removed being able to manage which accounts show up on the login screen, &c.

          1. 2

            they entirely removed screensavers

            Sarcasm?

            1. 2

              No, GNOME Screensaver just blanks the screen; they completely got rid of the ability to run actual screensavers: https://mail.gnome.org/archives/gnome-shell-list/2011-March/msg00340.html

              1. 1

                I know they actually removed them. I was asking if it were sarcasm that you’re upset about it. Screensavers are terrible for the environment; they’re a massive waste of electricity. I’m surprised anyone actually wants them back.

        1. 14

          Go strikes me as one of the most conservative programming languages available today. It’s small and simple, and every detail is carefully thought out. There are very few dusty corners of Go - in large part because Go has fewer corners in general than most programming languages. This is a major factor in Go’s success to date, in my opinion. Nearly all of Go’s features are bulletproof, and in my opinion are among the best implementations of their concepts in our entire industry.

          https://stackoverflow.com/questions/43059653/golang-interfacenil-is-nil-or-not

          1. 10

            Of all the noise that’s resulted, that’s probably one useful result. Somebody on HN posted a similar link. (https://dave.cheney.net/2017/08/09/typed-nils-in-go-2) It’s something I’d vaguely remembered, but it’s always good to have a refresher.

          1. 14

            This doesn’t address encrypted email at all. I know all the cool kids hate email and want everyone to adopt DiscordSlackJabber, but some of us think email is still importand and a crazy useful tool for all kinds of communication.

            1. 15

              Email is the only free and universaly recognised communication protocol on the internet. It has lots of problems, but is the de-facto lingua franqua of the business internet, the only way to reliably reach someone outside walled gardens.

              1. 3

                Couldn’t agree more. I REALLY don’t understand the distaste for it I’m seeing almost universally among younger people, even younger people technically astute enough to know better.

              2. 10

                Email is the universal internet communication protocol. PGP email is not. And the migration plan from plaintext email to PGP email, being completely manual, has also completely failed.

                I know of a couple of attempts to do automatic encrypted email. Transport layer encrypted email is actually pretty common, even GMail does it. There’s also ProtonMail’s attempt to do E2E within a webmail client, though I don’t really trust it because, you know, they could just serve me a modified client that leaked my key and I’d never know.

                1. 3

                  I’ve been thinking about a tool leveraging NaCl to build a 21st-century PGP alternative. The time’s right.

                  I’d like to avoid ASN.1 and have something readable (so not MessagePack/Protobufs/Thrift) and clean (so not JSON). I need to read up a lot more about the details of what OpenPGP offers in order to intelligently figure out what a format really does need, and what can be left out.

                  And then some things are really difficult to handle over email itself (e.g. you’re never going to have an email axolotl).

                  1. 3

                    Well then, we should take some of the tools mentioned, add a bit of glue, and write one! Make plugins for mutt, Thunderbird and K9, plus a client-side-only web service people can just copy-paste encrypted messages into, and people will have no excuse for not using it. :D

                    1. 6

                      I don’t think the problem is mutt/K9 users, it’s the multitude of users using either apple, gmail, or microsoft ‘web’ email. The default way they use these services is via an android or ios app, or the provider’s web portal thing. You would need to effectively make a new client altogether, not some plugin for some proprietary interface, or convince most of them to switch to a client that allows you to make plugins/changes (mutt/K9/Thunderbird/very few others?)

                    2. 2

                      Practically every email client (even PINE) support S/MIME signed or encrypted emails. They are heavily used within the US Government for confidentiality and non-repedudiation.

                      1. 2

                        Gmail doesn’t, fastmail doesn’t. Apple mail does, but most of the security conscious people who try to send me encrypted email don’t use S/MIME. Guess it’s not secure … enough?

                        1. 3

                          To keep it simple, I just tell folks to encrypt text or zip files to send as attachments with nothing in subject or body hinting at contents. Reduces usage to basically five commands in GPG: creating one’s own key, adding others, listing keys to get email address if they forget it, encrypt file to email, decrypt file. I can give cheat sheets for those commands. By using attachments, I block risks that come with the email programs interacting with the crypto. Vulnerabilities of that nature have been submitted here, too.

                          It’s also simple. The email part is something they’re already doing. The crypto part is something easy to learn. The platform is still on a decentralized protocol. There’s no data lockin.

                          1. 2

                            I’m very surprised to hear GMail doesn’t since they are interested in working with the US Government. S/MIME is as secure as any other PKI approach.

                            The US DOD moved from using a specialized protocol for the Defense Messaging System to S/MIME, for example: https://www.public.navy.mil/bupers-npc/reference/messages/Documents2/NAVADMINS2/NAV2010/NAV10249.txt

                            1. 1

                              They do, but only for G-suite for enterprise and educators: https://support.google.com/a/answer/6374496?hl=en

                      1. 7

                        No screenshots? I’m curious what the tablet gmail interface would look like before and after replacing icons with “write an email” and “send an email”.

                        1. 9

                          Knowing what I know about how Google works (I work in Google Apps), what the UX testers did was probably sample a few dozen people. I bet no more than 5% of people could not successfully create and send an email. When Googlers see numbers like this, we tend to ignore them, instead of trying to figure out why that is and fixing them. It’s tyranny of the majority applied to every change. If you’re in a small minority, the company won’t cater to you. It’s justified and it’s not.

                          1. 15

                            It’s not just that.

                            Someone who’s in a usability study is going to try to complete the task. After all, they know the tasks assigned to them are in possible, and they know that if they mess up nothing of value will be lost. Someone who’s on their own is much more likely to give up, either because they don’t know it’s possible to begin with, or because they’re afraid of losing their own data.

                            1. 2

                              That is a good point. Usability studies have structural bias that hides just how invisible UI elements can be.

                        1. 4

                          About the flag thing - I rarely if ever see the US flag used to denote the English language. I do, however, often see the Union Jack taking that role. That kinda always made sense to me.

                          1. 1

                            Insert note about Gaelic languages here.

                          1. 2

                            Why not simply go the Nix way? I have found it to be very reasonable during merges.

                            Specifically, one can either stick with a JSON like format or expand the data into a dotted format.

                            1. 3

                              My understanding is that Nix provides a DSL, but TOML and JSON are just data. Are these really equivalent?

                              1. 1

                                Nix provides the DSL as a configuration language, which can be used instead of TOML here. For example, see this example (not mine).

                                1. 2

                                  Yeah, but it’s Turing Complete. Which is nice if you intend to always modify it by hand anyway, since you can write custom functions to reduce the file size, but it also means that programs like dependabot go from parse-tweak-serialize to IDE Refactoring Engine.

                                  1. 6

                                    Perhaps Dhall may be a better choice then?

                                  2. 1

                                    Looks like a nice language! Thanks for the example. How is the parser support across various languages?

                                    1. 2

                                      Well, lacking at this point. There is only Java, Go, Rust, and Haskell, Ocaml and I suppose C.

                                      I would like to note that Dhall might also be a better choice (In that it is better designed to be a configuration language than any of the alternatives, and has a number of language bindings in progress. Unfortunately F# is not one of them.)

                                    2. 1

                                      Haven’t they simply copied HOCON? At least it looks a lot like it.

                                      1. 3

                                        Good point

                                        According to the git history, HOCCON started out in 2011

                                        commit 9ca157d34a4f2e14ac0d88de001611bcf3e911d0
                                        Author: Havoc Pennington <hp@redacted>
                                        Date:   Sat Nov 5 16:45:25 2011 -0400
                                        
                                            WIP initial sketch
                                        

                                        where the nix project started out in 2003:

                                        commit 2766a4b44ee6eafae03a042801270c7f6b8ed32a
                                        Author: Eelco Dolstra <eelco.dolstra@redacted>
                                        Date:   Fri Mar 14 16:43:14 2003 +0000
                                        
                                            * Improved Nix.  Resources (package descriptors and other source
                                              files) are now referenced using their cryptographic hashes.
                                            
                                              This ensures that if two package descriptors have the same contents,
                                              then they describe the same package.  This property is not as
                                              trivial as it sounds: generally import relations cause this property
                                              not to hold w.r.t. temporality.  But since imports also use hashes
                                              to reference other packages, equality follows by induction.
                                            
                                            svn path=/nix/trunk/pkg/; revision=5
                                        

                                        I guess Nix gets the precedence by ~ a decade here.

                                        But to be completely honest, if we make abstraction of some implementation details (builtins, builtin types, strings contexts, …), Nix is just about combining sets using some lambdas. They are probably not the first to come with this design and are unlikely to be the last.

                                        1. 1

                                          I didn’t know. You are right, it does look a lot like it.

                                  1. 8

                                    The timed (or dynamic) wallpapers in macOS Mojave also use the azimuth of the sun to try to mimic the day/night cycle you see outside on your computer.

                                    Marcin Czachurski spent a lot of time (1, 2 and 3) reverse engineering the file format – it’s based on an HEIC container, I think.

                                    In my experience, it’s not all that accurate – the sun sets much faster outside than on my computer.

                                    1. 2

                                      That’s interesting. I guess the ultimate in wallpapers would be to raytrace the desktop wallpaper with accurate lighting as Earth rotates and revolves around the sun.

                                      1. 4

                                        I remember using xplanet to do something like that like 10 years ago. It would set my X background to a map with accurate day and night indication. I wish there was something like it for modern high resolution screens.

                                        1. 3

                                          I used xplanet to show me a view of Mars. I can’t remember whether it was rotating in realtime or not… I believe it was. Fascinating piece of software, which I don’t think ever made it off Linux.

                                          1. 3

                                            I’d forgotten all about xplanet. Thanks for that trip down amnesia lane!

                                          2. 3

                                            This sounds like a job for WebAssembly.

                                            I’m only half-joking. It sounds like a method that could work, compiling one of those business card raytracers into a program that draws your wallpaper without being able to do arbitrary I/O. Better than Windows .scr screensavers, which are literally just executable complete with the ability to do arbitrary system I/O (so many old viruses pretended to be screensavers…)

                                            1. 1

                                              There is a project offering 3D animated wallpapers, named livewallpaper.

                                              Check out the livewallpaper package if you are using Arch Linux.

                                        1. 4

                                          Sounds like all these arguments apply to any threading program. Go is not the same as Goto because you keep your thread of execution, despite adding another.

                                          1. 2

                                            Yes, they do apply to any threading program, which is the point—you’re applying the analogy too literally. Goto is a low-level mechanism that was (largely) replaced by a higher-level mechanism (structured programming) that did the same work in a much more understandable and reliable way. In SAT terms, goto is to structured programming as today’s thread APIs are to structured concurrency.

                                            1. 2

                                              We did have C style concurrency with pthreads, that just sucks. The go statement gives us back our ability to thread without the boilerplate. Nurseries remove the ability to “just take care of it while I’m not looking” with more boilerplate.

                                              1. 3

                                                Are the if/then and for statements just more boilerplate too, then?

                                                1. 0

                                                  Yes. If we could do with zero boilerplate we would. Look at Shell with its && and || making it fast to test assumptions without the boilerplate of an if.

                                                  1. 5

                                                    Any time I look at raw TLA+ I’m reminded of how much I appreciate abstractions above logical dis/conjunction

                                                2. 2

                                                  The article literally lists pthreads as an example of the “go statement.”

                                            1. 17

                                              You know, I have a real problem with agreeing with the claim while disagreeing with the examples. Contrary to the author’s claims, the CSS layout system is freakishly complicated, the fully generalized RDF semantic web was dead on arrival, I have to side with the linguistic descriptivism that led to the HTML5 parser, and as for URLs, the widespread success of phishing attacks proves that they don’t work.

                                              But WebAssembly really is the correct solution to the wrong problem. Honestly, so is the aforementioned freaky CSS layout system. The web was never supposed to need either of those things, and the only reason it’s needed now is because of perverse network effects that turned the world’s most popular document database into the world’s worst designed application platform.

                                              1. 3

                                                Also, we have web assembly because googles proposal, native client, didn’t catch on.

                                                1. 6

                                                  And ActiveX and NPAPI and Flash and Silverlight–decades of every browser stake holder trying to find a way to run binaries in the browser.

                                                  1. 1

                                                    Flash absolutely did catch on—it was installed basically universally for years, and failed more because Adobe horrendously mismanaged it than due to fundamental issues with the technology.

                                                    Personally, I don’t think WebAssembly is significantly worse than having Javascript at all. Running random code from the internet is a terminally bad idea (and always has been, even long before Meltdown and Spectre gave us specific, compelling reasons to fear it); it makes precious little difference if that code is in source code form or a binary translation thereof (or, since minification/“uglification” is very common these days, a text translation thereof).

                                              1. -5

                                                I scanned the entire article but could not find any concrete legitimate criticisms. A lot of the article repeats falsehoods like the notion that Bitcoin is environmentally wasteful, or the straw man that to trust Bitcoin you must trust an exchange (not true).

                                                Statements like this are unbecoming of Scheiner:

                                                Do you need a public blockchain? The answer is almost certainly no. A blockchain probably doesn’t solve the security problems you think it solves.

                                                It’s pretty arrogant of him to tell all of the people who do find that Bitcoin solves problems they have that they’re wrong and it doesn’t and that they don’t know what they’re doing, and to do so while repeating one falsehood after another demonstrating his own ignorance about the subject.

                                                1. 22

                                                  Bruce Schneier literally wrote the book on applied cryptography (you know, the crypto part of “cryptocurrency”).

                                                  His points are all true. The blockchain and cryptocurrencies are only good for speculation, scams and potentially for money-laundering but the last one is doubtful given the large swings in value for most of these systems.

                                                  “The blockchain” is an expensive history lesson about the nature of trust and financial regulation.

                                                  1. 9

                                                    expensive history lesson about the nature of trust and financial regulation

                                                    Oh yeah. As Nicholas Weaver put it, literally speedrunning 500 years of bad economics. Tulip mania with CryptoKitties, Tether is a wildcat bank, “smart contracts” are unlicensed securities…

                                                    1. 2

                                                      Schneier also apologised for all the harm done by “Applied Cryptography” in his preface to “Secrets and Lies.” It turns out that implementation is all important, but hard. Yes, he can get it wrong. And he has done so here by conflating trust with removing the need to rely on a central authority for conducting transactions anywhere in the world.

                                                      1. -1

                                                        I see a lot of rhetoric in your reply and nothing else. Your saying that “his points are all true” doesn’t change the fact that they are nonsense upon even rudimentary examination. But you are more than welcome to point to a single valid criticism he makes.

                                                      2. 12

                                                        I’m annoyed by this article, because it doesn’t really cite its sources. So here’s some instead:

                                                        A lot of the article repeats falsehoods like the notion that Bitcoin is environmentally wasteful

                                                        https://digiconomist.net/verify-dont-trust/

                                                        https://www.politico.com/magazine/story/2018/03/09/bitcoin-mining-energy-prices-smalltown-feature-217230

                                                        the straw man that to trust Bitcoin you must trust an exchange (not true)

                                                        https://lobste.rs/s/fq8z3x/even_lastpass_will_be_stolen_deal_with_it

                                                        Got any good ways to deal with risk other than multi-key wallets, which fail by irretrievably losing your money?

                                                        1. 4

                                                          “By comparison, a VISA transaction has a carbon footprint of 0.4 grams (a factor 7,500 difference).”

                                                          Which isn’t the lower bound since their legacy systems probably use mainframes. New hardware/software systems, esp with protocol offloading, could get energy use down further. Think FoundationDB on ARM servers.

                                                          On the client side, the tamper-resistant cards use 16-bit MCU’s with crypto accelerators. Might be worth comparing to whatever cards are in use for bitcoin transactions in performance, cost, energy, and/or tamper-resistance.

                                                          1. 2

                                                            This was already brought up and discussed below.

                                                            1. 6

                                                              I didn’t see client-side addressed. Ledger, Trevor, and KeepKey look expensive compared to either free-for-me, cheap-for-them smartcards from my bank or stuff like Infineon SLE 78 using 16-bitters. Talking to these bank databases costs about $2.20 per chip-enabled card per a Bloomberg article. Magstripe cost 50 cents.

                                                              I am curious where the price points are on the hardware these days. Accessibility, too. Can you participate in Bitcoin network for 50 cents to $2.20 without a computer or messing with any software? And then doing the online stuff, checking for fraud and so on, on the cheapest, Internet-enabled computer on Earth? And can you do that without any more volatile effects on your balance than the U.S. dollar is exposed to?

                                                              1. 3

                                                                Can you participate in Bitcoin network for 50 cents to $2.20

                                                                On-chain transaction fees cost about 2000 satoshis right now (~$0.07), and lightning transactions are a fraction of a satoshi. There are multiple free wallets you can install on smartphones, tablets, laptops, or desktops.

                                                                without a computer or messing with any software?

                                                                Stipulating no software does rule out most ways of interacting with bitcoin. Which I guess was your point?

                                                                And then doing the online stuff, checking for fraud and so on, on the cheapest, Internet-enabled computer on Earth?

                                                                Sure. Even a full bitcoin node only requires hardware about as powerful as a raspberry pi, plus a few hundred gigabytes of storage. “Light” wallets without a copy of the blockchain should run nearly anywhere. You can also check your address balances using a block explorer website. For example, this randomly selected address has 1.22 BTC in it.

                                                                And can you do that without any more volatile effects on your balance than the U.S. dollar is exposed to?

                                                                This is a tough criteria to compete on, even for powerful foreign currencies. There is a “stablecoin” project built on Ethereum called MakerDAO, which uses collateralized smart contracts to issue DAI tokens with a stable $1 value. Personally I prefer accepting bitcoin, but the Maker project looks interesting. Bounties on gitcoin are mostly paid using DAI.

                                                                1. 2

                                                                  Thanks for the update on the transaction fees. That’s pretty awesome. Other points:

                                                                  “Stipulating no software does rule out most ways of interacting with bitcoin. Which I guess was your point?”

                                                                  The existing methods for banking and digital payments can work with minimal, software interaction. They carry a cheap card, swipe it, and optionally hit yes/no to some things. They can get online or paper logs of the transactions for security. Even if the computers go down, there’s paper methods for doing credit charges which I used to do as a cashier periodically. The orders get processed later with any problems or fraud sorted out with standard procedures. Lots of folks still like checks, too. New methods might need to fit into these situations that already work.

                                                                  ““Light” wallets without a copy of the blockchain should run nearly anywhere. “

                                                                  I mean, it’s good to know that. It might address my concern. However, blockchain’s concept is you can’t trust anyone. You need to be verifying stuff with so much on the distributed ledger.. The traditional systems don’t keep logs and check logs since we don’t think that’s necessary for the whole ledger. If not doing the checks (aka trusting outsiders), might as well trust firms and tech that have been delivering for a long time.

                                                                  “You can also check your address balances using a block explorer website.”

                                                                  That’s useful. The usability looks horrible compared to online banking, though.

                                                                  “This is a tough criteria to compete on, even for powerful foreign currencies.”

                                                                  You literally just have to use dollars. That’s it. There’s also a few countries whose currencies are pretty stable. One, Switzerland, has strong laws about finance. It’s only so hard for cryptocurrencies since they’re trying to replace payment systems and currencies. Just doing the former makes the job a lot easier on the payment side.

                                                                  “There is a “stablecoin” project built on Ethereum called MakerDAO, which uses collateralized smart contracts to issue DAI tokens with a stable $1 value. “

                                                                  Now, that is interesting. That also looks incredibly complicated. Lots of potential risk in the description. At least they had a fale-safe provision toward the end in event of security breaches and such that was controlled by voting. I like that. Better than pretending nothing can happen. Bookmarking it.

                                                                  “Bounties on gitcoin are mostly paid using DAI.”

                                                                  Gitcoin is interesting, too. The dollar amounts on the side look decent. I occasionally run into people looking for stuff like this. I’ll pass it on.

                                                                  “There are multiple free wallets you can install”

                                                                  Far as these side projects, just finished my trial of AliExpress with small-ticket items. That went about as smoothly as you might guess. My SharkWatch is nice, though. Helps the memory-impaired keep date in mind while still looking cool. Be nicer if they send me the manual. Last seller issue I’m working on. AliExpress might be safe for clothes and stuff. Just nothing needing manuals, quality, or water resistance. ;)

                                                                  Note: It’s actually a good example of why I like escrow and chargebacks being available. The possibility of them plus reputation helped in two cases. Had to use it for real in one.

                                                                  Although I’m pretty overloaded, being doing with AliExpress experiment leaves me time to try some cryptocurrency. I might try to put a small amount of money into some of these things just to get a feel for what using it is like today. Just a little use here and there over this year. Let’s say I’m focusing exclusively on Bitcoin (esp w/ Lightening), Ether, Dai, and Zcash. I’m on Linux and Android. What app? What exchange (esp easy conversions between them)? What is trustworthy? What tutorials do yall give people for deposit, buy, and withdrawl? And what general-purpose sites become my new stores or whatever that accept payment?

                                                                  1. 3

                                                                    Hey Nick! Pleasant surprise to see a reply from you; I assumed this thread was dormant by now.

                                                                    I don’t have a great answer for your offline-only situation, but here are some thoughts:

                                                                    1. You could hand someone a paper wallet with the exact amount of bitcoin in it that you want to transfer. This isn’t ideal, because the wallet creator could have a copy of the private key. You need to withdraw from that wallet as soon as possible.
                                                                    2. OpenDime is a hardware wallet designed to be handed off, but they cost $13 each. Because the private key is only stored inside the device, it’s more trustworthy than a paper wallet. It also includes software for checking the balance.

                                                                    It’s funny that you mention checks because I can hardly think of a less secure way to transact. When I learned that checks have your account number in plain sight, with no authentication mechanisms for deposit/withdrawal, I was shocked.

                                                                    Overall the offline situation isn’t well-addressed by bitcoin, but I’m not sure that it needs to be. Credit cards also require an internet connection. The new stipulation is that you need a smartphone or PC. I think this is reasonable. In catching up to the developed world, Africa skipped over the card/check stage and went straight to mobile payments.

                                                                    Regarding light wallets, I definitely believe that people ought to run their own full nodes. Light wallets are still useful because they can run on lightweight devices and connect to your full node running at home. There isn’t enough room for the blockchain on my phone, so I must use a light wallet on that device.

                                                                    MakerDAO is certainly interesting. It is complicated, but I like how it brings all that financial sausage to the forefront. Banks are just balance sheets: assets matched against liabilities. So it is with Maker. One important note: Maker relies on the value of Ethereum for collateral purposes. It can’t exist independently of valuable collateral.

                                                                    There are many different visions of what cryptocurrency is and should be. My favorite narrative is uncensorable e-gold. The most common other narrative I encounter is e-cash: an amalgam of “bank the unbanked”, “free/cheap payments”, and “non-volatile store of value”. DAI is a pretty good e-cash, but I want e-gold. I believe bitcoin has the best monetary policy of any currency (including physical gold), and I am able to stomach today’s volatility. That’s obviously not true of everyone.

                                                                    Spending just one paragraph on the e-gold narrative, I’ll focus on the stock-to-flow ratio. Gold and silver have historically been the best reserve assets because of their scarcity. All newly-mined metal deposits dilute the existing supply, which requires new saving to offset the supply increase or the price will drop. Gold’s stock-to-flow is over 60x. Silver is in second place with around 20x. This means that given the same yearly savings rate, gold will be 3x as valuable as silver. The superior stock-to-flow ratio means gold actually attracts much more investment and commands a significantly higher price than silver. Bitcoin started with a very high emission rate, which has slowed down over time. Every 210,000 blocks (about 4 years) the rate of bitcoin creation is halved, which is highly correlated with an increase in bitcoin price. After the next halving, bitcoin will have a better stock-to-flow ratio than gold.

                                                                    Here are falsifiable predictions I expect will be borne out in the coming few years:

                                                                    • Cyclical corrections have a 85-90% price drop. We are at or near the bottom for this cycle.
                                                                      • Failure = a price drop below $2k (weak failure) or $900 (strong failure)
                                                                    • The absolute cyclical low will be made before the May 2020 halving.
                                                                      • Failure = a new low after the halving
                                                                    • The old peak price of $20k will be surpassed after the next halving but before the end of 2022.
                                                                      • Failure = no new all-time-high by the end of 2022
                                                                    • The next peak price will occur before the end of 2023.
                                                                    • There will be another bubble burst after the next cycle peak, followed by yet another >80% drawdown.

                                                                    It is harder for me to champion bitcoin’s e-cash narrative because it’s not something I personally prioritize. I would rather transact entirely in bitcoin than repeatedly cross through crypto-fiat gateways, which admittedly have a lot of friction. Speaking of which, I wasn’t aware that you could pay with cryptocurrency on AliExpress; how are you managing that?

                                                                    I like escrow and chargebacks being available. The possibility of them plus reputation helped in two cases. Had to use it for real in one.

                                                                    Chargebacks are nice to have in a spending asset, but not in a savings asset. I think it’s important that base-layer money is not susceptible to chargebacks or other seizure. Consider how many businesses charge less for payment in cash. In addition to credit cards’ transaction fees, they also have a chargeback risk. This is even more important on the international stage. It is very scary to Russia and China how the USA is willing to interrupt SWIFT payments as a political weapon, or reassign ownership of a central bank account as in Venezuela. Those two nations are currently focused on acquiring physical gold, but it underscores the same property: protection against asset seizure.

                                                                    Escrow services are available for bitcoin, although not many long-lived or reputable ones. Another option is a 2-of-3 multisig wallet, which only requires two of three keys to release the funds. That building block would allow you to implement escrow with your own trusted 3rd party.

                                                                    My favorite cryptocurrency software (entirely FOSS, of course):

                                                                    • Electrum - Rather than generate an inscrutable private key, Electrum helps you generate a seed word phrase which is much easier to write down and remember. You can save wallet data in an encrypted file, or re-enter your seed phrase if you’re using an amnesiac OS such as Tails.
                                                                    • bitcoind - The reference full node implementation by Bitcoin Core.
                                                                    • lnd - One of several Lightning Network node implementations. Pierre Rochard wrote a thorough guide to setting up lnd, including a GUI node launcher and screenshot-supplemented instructions. Note that lightning is still experimental; it works and is incredibly fast, but you should only use it with small amounts while it gains maturity.
                                                                    • Samourai Wallet - A light wallet with support for very cutting-edge features, especially those which help with privacy. Integration with OpenDime. They plan to sell plug-and-play full nodes which can be paired to your light wallet.
                                                                    • Wasabi Wallet - A light wallet that implements “trustless coin shuffling with mathematically provable anonymity: Chaumian CoinJoin”. All outgoing payments are shuffled with other Wasabi users. Supports Tor and other privacy features.
                                                                    • Metamask serves well as an Ethereum hot wallet. It also works with ERC20 tokens such as DAI.

                                                                    Electrum was the target of a phishing attack. It’s probably a good idea to use GPG to verify any/all of the above software if you plan on using it to handle large sums.

                                                                    I don’t know of any completely-open hardware wallets apart from OpenDime, which isn’t exactly designed for everyday spending. Trezor and Ledger are the two most popular hardware wallets, and they are mostly open-source. They support a multitude of coins, including BTC, DAI and the others you named.

                                                                    I don’t like most exchanges, I merely tolerate them. USD to BTC conversion typically requires going through KYC/AML laws and involves a fee. I am marginally satisfied with Coinbase. The regular UI is simplified and has a 1.5% to 3% fee. If you login to Coinbase Pro and set a limit order below market price, then there is no fee but you’ll have to wait for your order to fill. Another US alternative is Gemini.

                                                                    Bisq is a decentralized fiat-to-BTC exchange that looks promising, but the liquidity just isn’t there yet. I hope it grows and will be paying close attention.

                                                                    In case you missed it, check out my other comment where I respond to the per-transaction energy cost.

                                                          2. -2

                                                            Perhaps you didn’t see, but I edited my comment with a link explaining why the media blitz about Bitcoin and the environment is politically motivated fake news as usual. I can dig up more links on that subject if you would like.

                                                            Re the risks associated with holding your own keys (as you should), sure:

                                                            • Backups
                                                            • Multisig
                                                            • Paper wallets
                                                            • Social key recovery (we are seeing several wallets with this feature)
                                                            1. 9

                                                              Perhaps you didn’t see, but I edited my comment with a link explaining why the media blitz about Bitcoin and the environment is politically motivated fake news as usual.

                                                              The first link I posted, the Digiconomist one, was a rebuttal to that very Hacker Noon article. It’s not like I didn’t know about it.

                                                              Re the risks associated with holding your own keys (as you should)

                                                              Most people suck at IT. They are aware of this, and make the conscious choice to avoid being in charge of their own security wherever possible. Hence keeping all their coin in exchanges. Hence consulting companies who offer to take care of all of it for a fee.

                                                              1. 1

                                                                What exactly about that article did you find convincing? The ease with which one can measure Bitcoin’s energy consumption?

                                                                That isn’t an argument about why Bitcoin is bad. It’s an argument in favor of Bitcoin over the existing financial system.

                                                                1. 11

                                                                  Well, lets compare this throughput per CPU or watt in regular banking to what the Bitcoin network does with the piles of mining hardware it references. It’s taking over a thousand times the hardware, each one uses several times more energy than a regular server, and the result is way fewer than 2+ million transactions a second non-blockchain tech hits.

                                                                  So, the system is clearly using a mind-boggling amount of energy to do a tiny fraction of the same work. Even having mutually-suspicious parties rerunning the same workload on databases checking security 10 times over still doesn’t get hardware/energy usage nearly as high or transactions nearly as low. Bitcoin is just, by design, higher energy for lower work than other tech optimized for throughput and/or energy.

                                                                  Also note that Im using a strongly-consistent database. Might be able to do what I described with one of the eventually-consistent, key-value stores. They’re usually way faster.

                                                                  1. 1

                                                                    So, the system is clearly using a mind-boggling amount of energy to do a tiny fraction of the same work.

                                                                    You’ve shown no evidence of this so far. Comparing Bitcoin to FoundationDB makes no sense at all.

                                                                    I’m more than willing to cede the point if I see a remotely fair comparison for the services provided, but I’ve yet to see anyone do one.

                                                                    1. 6

                                                                      I said in how banking normally does it. The transactions would be in regular databases checked by multiple banks and/or regulators. I used 10 in my example.

                                                                      Tiny fraction of your model. Get robbed way less with insurance up to certain point. Chargebacks helped me deal with bad merchants. Stolen cards had me liable for nothing or $50 max. My wallet device is free and easy to make.

                                                                      Bitcoin sucks in comparison.

                                                                      1. 4

                                                                        lets compare this throughput per CPU or watt in regular banking to what the Bitcoin network does

                                                                        I said in how banking normally does it.

                                                                        Even if we ignore everything outside of the USA, “how banking normally does it” requires thousands of armoured Loomis Fargo trucks, tens of thousands of climate-controlled brick-and-mortar locations, half a million tellers commuting to work…
                                                                        …all of which was left out of the Bitcoin vs. DB comparison.

                                                                        The energy cost of a Bitcoin transaction is (relatively) easily apparent because effectively all of the energy Bitcoin uses is directly tied to transaction processing. By contrast, the energy cost of a “normal bank transaction” is harder to compute because a large portion of it is effectively an externality.

                                                                        1. 5

                                                                          “ requires thousands of armoured Loomis Fargo trucks, tens of thousands of climate-controlled brick-and-mortar locations, half a million tellers commuting to work…”

                                                                          Bitcoin is bootstrapped by and interacts with that system. So, it uses all of that, too, on top of its own energy use. They exist together until nobody ever brings a dollar to or from the Bitcoin ecosystem. That’s always left out of Bitcoin supporters’ comparisons. Apples to oranges, though, since all that isn’t required if our alternative system ditches cash. Now, let’s design an apples to apples alternative since, like Bitcoin, we’re free to come up with arbitrary designs for alternatives.

                                                                          “Bitcoin vs. DB comparison.”

                                                                          Money is just numbers in databases at the Federal Reserve and all its banks. The centralized alternative would just be these databases I describe saying how much money you have. Then they describe the changes in the transactions. That’s all it takes if we’re just talking moving money around. There’s online banks with no branches or cash. There’s platforms like Venmo for digital transactions. If you don’t want physical cash, then we can indeed create online banks without all you describe or payment providers like Venmo/Paypal.

                                                                          In my model, decentralized checking just requires a standardized way for them to exchange logs, multiple parties running checks (hashes/sigs/comparisons), and standardized ways to deal with problems (the security protocols). Throw in a number of participants in different countries, mostly with laws stipulating damages on certain types of fraud or bank scams. All contractually agree to follow the rules of the distributed, checking scheme with high damages for failures. All of that can be built on ultra-fast, commodity tech. Some components of such tech were also formally verified for correctness by various CompSci and industrial projects. So, over time, it can be made more trustworthy than the highly-complicated schemes for decentralized payments. Still wins out by far in the apples to apples comparison.

                                                                          Oh yeah, one other thing: many people don’t want their day-to-day money in something they can’t understand. Most people can understand the basics of how a credit/debit card uses their money in a ledger. They get it pretty quick. The description of the Lightning Network looks like a pile of complicated gibberish by comparison. They’re not going to understand that at all. So, the model basically reduces down to trusting a third party for them. What they’re already doing with their banks with some legal protections for common ways banks will screw them. They also know from media reports on various losses and scams that they effectively have no protection on Bitcoin side. So, they’ll choose the thing they understand which works really well with a maximum, legal loss of $50 per card.

                                                                          1. 1

                                                                            many people don’t want their day-to-day money in something they can’t understand.

                                                                            Are you telling jokes now?

                                                                            The description of the Lightning Network looks like a pile of complicated gibberish by comparison

                                                                            The Lightning Network is child’s play to understand compared to the criminal fraud the Federal Reserve is.

                                                                        2. -7

                                                                          I said in how banking normally does it. The transactions would be in regular databases checked by multiple banks and/or regulators. I used 10 in my example.

                                                                          Wow, I had no idea that I could compete with the international banking system and provide the same service (or in the case of Bitcoin, better), by running a simple RDBMS.

                                                                          You’ve really opened my eyes. I’m sure there are others here who are also wondering why they didn’t think of this before. You deserve some sort of award, really.

                                                                          1. 6

                                                                            I said transaction processing part. Stop trolling. Besides, your side claims to compete with international banking using just a slow/energy-hungry protocol, some mining hardware, and some software. Much wilder claim than mine which builds on banking’s own fundamental mechanisms: databases, networking, and some custom software.

                                                                            1. -2

                                                                              Stop trolling.

                                                                              Here is a conversation about Bitcoin’s energy usage, and you come along saying that an RDBMS can do what Bitcoin does.

                                                                              I’m not the one who’s trolling here. :)

                                                                              1. 8

                                                                                I said multiple parties running an RDBMS and/or logs checking each other can do what Bitcoin does. Running transactions within the financial institutions using regular databases (can already do that). Anything shared that has to be trustless can be provided as a log with signed hash to those checking it. All the checkers hash the log, check sigs, look for any risk patterns they’re interested in, and update a shared state probably with some human review of that part.

                                                                                It takes way less energy and time to do some database transactions, share logs, and crypto-check them… all stuff our CPU’s and networks are optimized for I’ll add… than to do the equivalent using a protocol designed to take more time and energy. Why do you keep leaving that off if you’re not trolling or in denial mode? It’s designed to require extra work. That’s for the security of the protocol given its difficult goals operating in decentralized environment with less trust. More difficult than traditional, banking risks which allow centralized designs and third parties with efficient protocols.

                                                                                Unlike Bitcoin designing for extra work, centralized generation with decentralized checking using just hashes and sigs can leverage those efficient protocols. Those are designed for maximum efficiency or good efficiency with some loss due to security functions (i.e. fraud monitoring). Whatever they want. We have everything from ultra-fast DB’s on server clusters to fast ones running on embedded boards with QNX. We have networking cards doing line-rate crypto for traditional protocols and algorithms over networks up to 10Gbps (affordable ones at least). Each generating or verifying party can use cheap-per-GB storage like Backblaze pods with 480TB of storage. Using Viza statistics as example, one Pod per year or a few years should do it.

                                                                                I’ll also add we have decades of investment into how to secure these things. We know how to do it. Some of these components have even been formally verified in the past. There’s all kinds of veterans to hire on fraud prevention and legal side. The crypto-currencies are more complex protocols than receive/store/log/sign/check. They have more unknowns. So, they use more energy, move more slowly, are harder to secure, and are having big failures since they’re new. So, they’re worse until proven better. That simple.

                                                                                1. 1

                                                                                  I said multiple parties running an RDBMS and/or logs checking each other can do what Bitcoin does.

                                                                                  Well, what else do you want me to say? You’re simply mistaken about that. 🤷‍♂️

                                                                    2. 7

                                                                      Herein the author ignores that even with his own optimistic 25 TWh per year energy consumption estimate, the Bitcoin network still has an average per transaction electricity footprint of 300+ KWh (processing 81 million transactions in the whole of 2018). Even with a bizarrely optimistic emission factor of 10g of CO2 per KWh (note that pure hydropower may have an emission factor of 4g/KWh), that’s still a carbon footprint of 3 kilograms of CO2 per transaction. By comparison, a VISA transaction has a carbon footprint of 0.4 grams (a factor 7,500 difference).

                                                                      That part.

                                                                      1. 3

                                                                        You can measure the total energy used for bitcoin mining, but I’m not sure it makes sense to do a per-transaction analysis. Energy consumption has no correlation to transaction throughput.

                                                                        The only thing that hashpower affects is chain security. The more energy is spent on mining, the more expensive it is to conduct a 51% attack. Energy spent on mining doesn’t affect transaction throughput except in the very short term, before a “difficulty adjustment” ensures blocks are released at a steady 10 minute cadence.

                                                                        Visa-level scaling is not achievable with on-chain transactions. The firehose of transaction data would grow the chain too quickly for all but the beefiest servers to process. On the other hand, a constrained flow of data keeps bitcoin decentralized. Weaker computers with slower internet connections can still participate and validate transactions.

                                                                        Bitcoin’s transaction bottleneck was never the energy consumption, but the growth in ledger size. We are working around that limitation with the lightning network, which only writes to the blockchain when opening or closing a payment channel. It’s possible to make thousands of lightning payments with only a few hundred bytes actually hitting the blockchain.

                                                                        Lightning’s UX still needs improvement, but I am optimistic on the transaction throughput.

                                                                        1. 3

                                                                          Thanks a lot for posting this comment.

                                                                          It’s no secret I am not a Bitcoin/cryptocurrency proponent but I believe this site deserves technical discussions over name-calling and conspiracy mongering.

                                                                        2. 1

                                                                          That part demonstrates the author doesn’t understand Bitcoin or the current financial system well enough to properly compare them.

                                                                          VISA does not do settlements. It is a payment network. You compare it not to Bitcoin (which is incapable of scaling to anywhere near Visa’s transaction throughput), but to things like the Lightning Network.

                                                                          I could point out a variety of other glaring issues but it’s time for lunch.

                                                                          1. 4

                                                                            The ACH Network does settlements. It processes 25 billion transactions a year.

                                                                            Bitcoin maxes out at 210 million transactions per year (I multiplied 7 tps by 31557600 seconds per year)

                                                                            If ACH took as much power per transaction as Bitcoin does, it really would be an ecological disaster.

                                                                            1. 0

                                                                              You didn’t mention how much power the ACH network uses. It’s also a poor comparison (though a better one than VISA).

                                                                              1. 13

                                                                                I can’t find a place where they publish that info. So let’s massively overestimate:

                                                                                If the entire net electricity produced by the United States (321,879,000,000 kWh per year) went into the ACH Network, then it would take 12 kWh per transaction. That’s still less than Bitcoin’s 300 kWh per transaction.

                                                                                1. 5

                                                                                  Also good: worldwide electricity production circa 2018 was about 26,000 TWh… So if Bitcoin took 25 TWh to process 81,000,000 transactions, migrating ACH to Bitcoin would result in a 300x increase in power usage assuming perfect scaling, to 7500 TWh — a third of the entire world’s electricity production. Assuming the more realistic 43 TWh number for Bitcoin, that works out to roughly half of the entire world’s electricity production to support the ACH Network’s transaction volume on Bitcoin.

                                                                                  But actually Bitcoin would just fall over.

                                                                                  1. 1

                                                                                    Bitcoin uses less energy than that, and it uses exactly the correct amount of energy for what it does.

                                                                                    Your making nonsensical comparisons doesn’t change that fact. You should be able to tell that the comparison is inappropriate because Bitcoin cannot scale to ACH’s size, so saying things like “it would just fall over” should be a clue that these are different systems doing different things.

                                                                                    Try to use ACH in the way we use Bitcoin. You can’t.

                                                                                    1. 3

                                                                                      Bitcoin uses less energy than that, and it uses exactly the correct amount of energy for what it does.

                                                                                      That blog post claims that econ 101 proves Bitcoin must use exactly the energy it needs to because it is P2P and anyone can mine (and if it didn’t use exactly the energy it needed to, anyone mining and using too much energy would go out of business).

                                                                                      This is incorrect for two reasons:

                                                                                      1. Econ 101 does not give a timeframe under which irrational behavior collapses, even as it insists it will. Repeatedly driving cars into walls is a decentralized operation, and yet the fact that it is one doesn’t make it a valuable use of energy, and even if a tulip mania arose for crashed car bodies it would be an incredibly wasteful way to transfer value.
                                                                                      2. Even taking the blog post seriously, its fundamental premise is wrong. It claims that Bitcoin can be mined by anyone, so it is impossible to extract rents. But Bitcoin cannot be profitably mined by anyone: you need capital expenditures for dedicated mining rigs, and real estate near extremely cheap power. Bitcoin is hardly “decentralized”: because of this economic imbalance a few Chinese mining pools (who can get cheap electrical power, or in some cases are rumored to actually be Chinese power companies shedding excess electricity) control an estimated 60% of the mining power, which by the way is more than enough for a 51% attack. You’ve shifted your trust from regulated financial institutions with global operations and enormous government and private sector oversight to a few unregulated groups operating in China.

                                                                                      FWIW, I don’t have strong opinions about cryptocurrency in general: I just think proof of work is untenable, because it quickly degenerates to “proof of ability to buy specialized hardware and get cheap electricity,” which is not really more efficient or trustworthy or anything compared to the traditional financial system.

                                                                                      1. 0

                                                                                        You know, I think this comment (the second part of it) is the closet thing I’ve seen to a legitimate criticism of Bitcoin in this entire thread, and that includes the Schneier essay. Kudos to you! 👏

                                                                                        Let’s jump through some of the things you said:

                                                                                        regulated financial institutions [..] government and private sector oversight

                                                                                        This is a laughable claim. We all know these institutions are “regulated” in name only, and have no discernible oversight.

                                                                                        Bitcoin is hardly “decentralized”

                                                                                        It is true that Bitcoin has a mining-concentration problem in China. But, true as that may be, I still trust it over the criminal and unregulated banks who have run amok on this planet.

                                                                                        Why? Well, because even in spite of this threat to its decentralization, Bitcoin continues to perform its duties and provide the services it claims it provides — as advertised.

                                                                                        If and when that stops being true, I will certainly disavow it.

                                                                                      2. 1

                                                                                        it uses exactly the correct amount of energy for what it does

                                                                                        It would use the exact “correct” amount of energy, as defined by pure economics, if it hadn’t undergone an investment bubble that allowed miners to sell 1 BTC for more than it’s actually worth.

                                                                                        But that’s an economic argument. We’re not economists, and this isn’t a forum for economics. It’s a tech forum, so I’d rather stick to the question of whether it’s possible for Bitcoin to handle as many transactions as other settlement networks, not the question of whether bitcoin miners are behaving in an economically rational way.

                                                                                        Try to use ACH in the way we use Bitcoin. You can’t.

                                                                                        Why not? What exactly do you mean by “the way we use Bitcoin?”

                                                                                        1. 3

                                                                                          so I’d rather stick to the question of whether it’s possible for Bitcoin to handle as many transactions as other settlement networks

                                                                                          The answer is no. ACH is centralized, Bitcoin is decentralized. That is why.

                                                                                          For payments, the Lightning Network lets you securely and in a decentralized way conduct business at arbitrary transaction rates, at close to $0 fees, and without this energy usage you’re so concerned about for some reason (I say that because the concerns are bogus when you study them in depth).

                                                                                          Why not? What exactly do you mean by “the way we use Bitcoin?”

                                                                                          You might as well ask why does Bitcoin exist at all?

                                                                                          As I said before, ACH is centralized. Bitcoin is decentralized. I cannot use ACH to send payments to people in countries all over the world without an immense amount of hassle, wasted time, and extremely high fees.

                                                                                          With Bitcoin, I don’t even need an account. I don’t need to build a building and staff it with bank tellers. I don’t need to step foot in that building. It’s painless. And on top of that, I don’t have to worry about Bank theft (“asset forfeiture”) or mystery fee gouging or spam in my mailbox or Bank bailouts funded by taxpayers. Bitcoin is anti-tyranny, pro-freedom.

                                                                                          1. 1

                                                                                            The answer is no. ACH is centralized, Bitcoin is decentralized. That is why.

                                                                                            Most decentralized networks scale to more traffic than their centralized counterparts.

                                                                                            For payments, the Lightning Network

                                                                                            The Lightning Network doesn’t do settlements, so it’s not a fair comparison to the ACH.

                                                                                            You might as well ask why does Bitcoin exist at all?

                                                                                            That’s a very good question. Money is a tool used by society for allocation. Do we really want human resources to be strictly governed by “what the database says”, regardless of whether people know that the money was acquired by stealing someone’s private key? Is “the government goes completely rogue” a part of anyone’s realistic threat model? It’s not like a military coup is going to care what the blockchain says anyhow; they’ll just offer not to shoot you in lieu of payment.

                                                                                            I cannot use ACH to send payments to people in countries all over the world without an immense amount of hassle.

                                                                                            You’re complaining about the existence of anti-money-laundering tooling, you dork.

                                                                                            1. 3

                                                                                              Most decentralized networks scale to more traffic than their centralized counterparts.

                                                                                              Not decentralized consensus networks, which is what we’re talking about.

                                                                                              The Lightning Network doesn’t do settlements, so it’s not a fair comparison to the ACH.

                                                                                              ACH is centralized, Bitcoin is not, so that also isn’t a fair comparison.

                                                                                              Do we really want human resources to be strictly governed by “what the database says”, regardless of whether people know that the money was acquired by stealing someone’s private key?

                                                                                              There is no incompatibility between Bitcoin and the legal system as far as theft goes. If anything, Bitcoin probably gives you more evidence to bring a legal case against someone who stole your funds.

                                                                                              1. 3

                                                                                                ACH is centralized, Bitcoin is not, so that also isn’t a fair comparison.

                                                                                                Special Pleading. I’m done.

                                                                                                1. 0

                                                                                                  I don’t see how, I clearly justified the significance in the other paragraphs. That you ignored them is on you, not me.

                                                                                              2. -1

                                                                                                anti-money-laundering

                                                                                                Like the ~$23 trillion unaccounted for by the Pentagon?

                                                                              2. 6

                                                                                You totally ignored notriddle’s points.

                                                                            2. 2

                                                                              I know you’ll dismiss me by invoking some fallacy you can press my comment into, but saying

                                                                              … is politically motivated fake news as usual.

                                                                              really don’t help your point.

                                                                          2. 7

                                                                            He’s not telling people that have found that blockchain solves their problems that it doesn’t. He’s telling the general audience that it’s most likely not right for them.

                                                                            1. -4

                                                                              He’s telling the general audience that it’s most likely not right for them.

                                                                              As someone mistaken about most of what he says, he’s not in a position to tell anyone anything about public blockchains.

                                                                              1. 4

                                                                                I didn’t say anything one way or the other about whether he’s right, just that you’re saying he’s saying something that he’s not and calling him arrogant for it.

                                                                            2. 5

                                                                              That’s your refutation: that Bitcoin only uses 25-35Twh/year? And then that some people believe bitcoin solves problems so it is arrogant to say otherwise? Ok then.

                                                                              1. -1

                                                                                That’s not the refutation at all. The refutation is that Bitcoin uses less energy than the current financial system. Pretty good refutation if you ask me.

                                                                                It’s not my problem if people insist on ignoring that point and repeating that Bitcoin makes it easy to measure its energy usage, it’s theirs.

                                                                                1. 7

                                                                                  Bitcoin does a tiny fraction of what the current financial system does. You could similarly argue that your oil burning 1976 chevy impala uses less gasoline than the current transportation system. I give up on you: if you really believe your arguments, you are squarely in the target audience for the ponzi scheme.

                                                                                  1. -2

                                                                                    Yes, best give up. I am not convinced by weak and ignorant arguments, no matter how often they’re repeated, or how big of a mob repeats them, especially online.

                                                                                    Like this comment. Dude says nothing and gets 16 upvotes for it. That’s the type of quality discussion only Lobsters can be proud of. I’m not convinced I’m not talking to paid trolls.

                                                                                    1. 5

                                                                                      I’m not convinced I’m not talking to paid trolls.

                                                                                      Aren’t you the one who offers blockchain consulting, and would therefore have an interest in protecting the systems’ reputation?

                                                                                      1. 1

                                                                                        Aren’t you the one who offers blockchain consulting, and would therefore have an interest in protecting the systems’ reputation?

                                                                                        I do offer blockchain consulting, I do have an interest in protecting the system’s reputation (when it fairly deserves to be protected). None of that makes me a paid troll.

                                                                                        Being a paid troll is being paid to troll, i.e. things like creating sock puppet accounts to upvote comments that contain nothing of substance, in order to protect a criminal financial system.

                                                                                        Rational self-interest, arguments based on reason, and investing in something you believe in on its merits is completely different.

                                                                                        1. 3

                                                                                          I wasn’t saying you’re a paid troll, assuming such a thing seems ununderstandable in the first place. I was just saying that it seems that you have a fundamentally economical interest in the Blockchain, that would probably guide you’re incentives.

                                                                                          It’s not like you can just change your mind and assume people will say “he admits that he was wrong about blockchains, what he invested time and labour into, but he’s just as credible as he was before”. Me, a nobody, on the other hand managed this, since I was never too vocal about my support, so changing my mind wasn’t hard.

                                                                                          Btw, do you know where to apply when I want to get paid for opposing bitcoin? Any banks or other financial institutions you can recommend from experience?

                                                                                          1. -1

                                                                                            It’s not like you can just change your mind

                                                                                            Sure I can. I am always interested in the truth first and foremost. Even you can convince me to change my mind by making a compelling argument. ^_^

                                                                                            Btw, do you know where to apply when I want to get paid for opposing bitcoin? Any banks or other financial institutions you can recommend from experience?

                                                                                            Lol, being a tool isn’t hard. It just requires a willingness on your part to be subservient.

                                                                                            1. 3

                                                                                              Even you can convince me to change my mind by making a compelling argument. ^_^

                                                                                              I’m quite sure that you know more about it, after all you’re in the business of selling Blockchain ideas. I don’t see why either you or me should waste time for unpaid sophistry.

                                                                                              Lol, being a tool isn’t hard. It just requires a willingness on your part to be subservient.

                                                                                              Well yeah, but I don’t know where to start. Since you mentioned that people are paid to promote anti-bitcoin talking points, I was assuming you have some evidence that you help me? Like specific people actually paying specific real people?

                                                                                              1. -2

                                                                                                Yes, do a search on:

                                                                                                • government propaganda and troll farms
                                                                                                • psyops
                                                                                                • CIA infiltration of news organizations and fake stories
                                                                                                1. 4

                                                                                                  Sadly none of these terms gave me any conclusive points to find someone willing to pay me for commenting on the web.

                                                                                                  Are you sure that you have absolutely no direct and verifiable links to sources offering money in exchange for promoting anti-blockchain ideas? Not just vague references or suggestions on where to look. If you feel better, please use any of the methods listed here to send me the link to the person or persons willing to pay money: https://zge.us.to/

                                                                                                  Hope you can help me.

                                                                                                  1. -3

                                                                                                    I showed you the door, only you can step through it. If you’re not trolling you should have no problem doing that. Send in your resumé to the organizations I mentioned, don’t be a chicken shit troll. They’re more than happy to hire folks like you. :)

                                                                                        1. -2

                                                                                          You sound like an excellent prospect for playing 3 card monte.

                                                                                          1. 1

                                                                                            Ad hominem doesn’t convince me of your arguments either. :)

                                                                                  2. 2

                                                                                    Thanks for the link addressing(and debunking) the “bitcoin is destroying the environment” argument. Pretty damning stuff which I will be pointing out in future discussions regarding this issue.

                                                                                    1. 2

                                                                                      Contrarianism gets clicks, no matter how unfounded.

                                                                                      1. 13

                                                                                        Oh no: false promises and hype of cryptocurrencies gets both clicks and massive investment by all kinds of people. No matter how unfounded. Then, this expert on risk whose watched many hype cycles wrote a risk assessment telling people to avoid this one. It got less clicks than a lot of popular content on Lobsters but did get higher-than-average clicks. That’s usually a sign I should pay closer attention to it because it might not be a fad.

                                                                                        Of course, it isn’t like David Gerard’s articles haven’t been demolishing cryptocurrency BS here on a regular basis with more citations. This stuff didn’t come out of nowhere.

                                                                                        1. -2

                                                                                          Lol, David Gerard is a troll who posts laughable arguments that convince only people who haven’t studied the subject.

                                                                                          false promises

                                                                                          Name one?

                                                                                          1. 3

                                                                                            There’s one person in this thread who comes across as a troll (though I doubt they’re consciously trolling, rather deluding themselves because they’re invested in the cryptocurrency pyramid not collapsing just yet). It’s not David Gerard.

                                                                                            1. -5

                                                                                              Powerful, convincing, technical arguments, and totally not emotional rhetorical devices.

                                                                                              *Yawn.*

                                                                                    1. 3

                                                                                      Personally, I’d define them entirely by whether they support nesting or not. Option/Optional/Maybe all support nesting, while Null/Nullable/Pointer do not support nesting. Distinguishing between sound and unsound ones just comes down to whether the language has a strong type system.

                                                                                      1. 5

                                                                                        This article’s history is wrong. The first video game was not 1971’s Computer Space. It’s 1958’s Tennis for Two, which actually had considerably different controls from Pong (despite also being a tennis game, it’s arguably closer to Angry Birds).

                                                                                        1. 1

                                                                                          Tennis for Two was predated by Nimrod, a computer that played the game of Nim in 1951. It didn’t “draw pictures on a screen” though (it lit up lights). OXO played Tic-Tac-Toe by drawing pictures on a screen in 1952, six years before Tennis for Two. All the way back in 1947, the Cathode-ray-tube amusement device let you try to hit a target (drawn on a plastic overlay) by twiddling knobs; it drew a picture on a screen but wasn’t run on a computer.

                                                                                          Just like there are many candidates of “first computer” depending on how you define “first” and “computer”, there are a lot of candidates for first “video” “game”…

                                                                                          If we require that the game be electronic, draw a picture on a screen, and run on a general-purpose computer, the earliest one that I can find is OXO

                                                                                          (Why yes, I am fun at parties…)

                                                                                          1. 1

                                                                                            Interesting! I hadn’t heard of that one. My first thought was that 1962’s Spacewar was the first video game, but it looks like Tennis for Two has it beat.

                                                                                          1. 3

                                                                                            It’s funny that when you use native applications (like Mail and Calendar on a Mac) instead of cross-platform LCD things like Thunderbird, these problems go away.

                                                                                            1. 4

                                                                                              Windows, Linux+XDG, and macOS all have better abstractions than “get a byte, get a byte, get a byte-byte-byte”. But they’re not portable, and they don’t work over the Internet, so they don’t get used.

                                                                                            1. 1

                                                                                              The fact that Chrome is going to cripple ad blockers is feature enough to drive me away from Chrome.

                                                                                                1. 8

                                                                                                  I’m sorry, but I don’t understand the need for the SATA and VGA connections (and four audio ports; because a sysadmin is going to have such heavy, sophisticated needs in the sound department 😒). You have to carry around cables for the things anyway, so I’m not sure what the advantage of having dedicated ports and carrying around the cables is over having more USB-C ports and carrying around adapters. And the SATA and VGA ports take up so much surface area on the side and so much depth area inside the case that the whole thing is kind of a PITA (to the point where there are skeptics on the site surrounding whether the ports’ layout is actually possible).

                                                                                                  And I’m speaking as someone who would LOVE the peripheral-mode on my laptop so I can use it as the keyboard and monitor for a rack server temporarily. That shouldn’t be hard with just USB-C ports on the device itself, though.

                                                                                                  Personally, I’d rather have a laptop with twenty USB-C ports and appropriate adapter-cables in the box. And a much bigger screen, but that’s because my eyesight sucks.

                                                                                                  1. 3

                                                                                                    Interesting how much this is down to personal taste. I assumed without even thinking about it that literally nobody apart from Apple accountants and designers liked the trend of forcing customers to buy and carry adaptors around, so as to streamline their manufacturing processes/slash their costs/increase their margins even further, as well as progress ever faster to the design nirvana of total simplicity (i.e. there’s nothing there).

                                                                                                    Personally I really dislike it. It’s the main reason I’m still with my 2013 Macbook Pro, even more than the daft keyboards and missing escape keys etc. Setting aside the extra cost (on top of the fact that the computer price never seems to go down even though they stripped out all those devices in favour of just a USB bus), having to use more adaptors is just more baggage and more stuff, with more scope to go wrong and more expensive to replace, than just cables. It reminds me of computer music days with loads of outboard - I’d often avoid buying things with wall-wart power adaptors because why not just give me a kettle cable like every other piece of kit does?

                                                                                                    So on a computer, yep, I want proper display outputs, proper ethernet, SD card, basic audio I/O and USB, at a minimum. Anything else is just making more hassle and more time & financial cost for me. Apple did it pretty much perfectly on the MBP with HDMI & Thunderbolt; subsequent iterations seem to be just to keep the unit-shift churn going, and all the other companies follow suit, partly because Apple designs are of course beautiful, and partly because “wait, you mean we can get away without all those expensive components too? SWEET”.

                                                                                                    1. 2

                                                                                                      I was specifically talking about VGA, SATA, and the audio ports. You have to carry the VGA cable anyway, since you’re not leaving the servers hooked up to monitors. You might as well just screw the puck to one end and leave it there. It’s one less end where I have to mess with those stupid twist-things. It’s the same deal with SATA; unless you plan to dig the other end of the cable out of the machine’s motherboard, you want to carry around a spare, which you can again just leave the adapter attached to. And as for audio… give me one system administrator use case for line-in.

                                                                                                      Yeah, I would like the SD card slot. Just sticking the card into your laptop is obviously better than carrying around a reader. I can also appreciate Ethernet in a data center setting, since you probably pull the plug off of one non-USB-C device and stick it into your machine, and Ethernet plugs aren’t enormous.

                                                                                                      And USB-A and headphones tend to have the cable baked into the peripheral itself, so it’s useful to accept those directly. Now that I think about it, amend my suggestion to: five USB-C, five USB-A, an SD card reader, a headphone jack, and Ethernet. And please don’t stick all of the A’s or C’s on one side.

                                                                                                      1. 1

                                                                                                        I’m fully down with that amendment :-)

                                                                                                    2. 1

                                                                                                      Dongles mean you need to plan ahead. Accepting any wires means the people you are helping probably already have the needed cable

                                                                                                    1. 7

                                                                                                      My big side projects are never actually “done”. They’re released, warts and all, and I fix the warts in a roughly complaint-driven way.

                                                                                                      1. 14

                                                                                                        This fellow seems to be defending the use of systemd; it gets the job done, he argues. But even he won’t defend the attitude of its creator. When anyone says “systemd” the first thing that comes to mind for most people is outrageous arguments, name-calling, and vitriol on both sides.

                                                                                                        I’m somewhat hopeful that if we’ve learned anything in the time since systemd gained wide adoption, it’s that we can’t continue to ignore bad behavior from project leads. Ignoring social factors because you think the technology is solid is not a good strategy. Even Linus has realized this now.

                                                                                                        1. 0

                                                                                                          We only should care about social attitudes when a project has no more technical issues to resolve. Until then, the technology should come first, always.

                                                                                                          1. 9

                                                                                                            Not only will there always be technical issues to resolve (meaning we will never get around to the social issues), but software artifacts are an embodiment of social attitudes the same way any other work of engineering is (which means that our technical choices still be influenced by social ones).

                                                                                                            SystemD is centralized and monolithic because its governance is centralized around a single BDFL. It follows a design that is as consistent as its creator’s vision is. It replaces several daemons, which are inconsistent and don’t talk to each other very well because they were created by people with different visions who didn’t talk to each other very much.

                                                                                                            In other words, a compiler project with five teams will produce a five pass compiler. News at 11.

                                                                                                            1. 6

                                                                                                              “which means that our technical choices still be influenced by social ones”

                                                                                                              One of favorite examples: assignment being := vs = (or just not = vs =). The original ones used = for equality with a different symbol for assignment. One guy tweaking a language for an important project had a personal preference to use = for assignment. When it took off, we’ve been having = vs == errors ever since. Many designs followed the = pattern just assuming it made engineering sense or would be familiar. Just a social choice with long-term effects.

                                                                                                              1. 2

                                                                                                                Exactly. We will always have technical issues to resolve, and never get to social issues. We work with technology. Social issues are not relevant in technical forums. To use an extreme example, I will watch movies starring Kevin Spacey despite his personal checkered past, since I watch movies to be entertained, not for some meta purpose.

                                                                                                                Technical choices grow from our social understanding, but those choices can not be judged by that social understanding any more than software written by a black man, white man, Muslim, Jew, or Christian can be judged on the merits of the author’s beliefs or culture.

                                                                                                                SystemD provides a case study in how organizational groups effect the software produced, surprising nobody and shedding no light on the technical merits or problems with the monolithic approach. Argue why SystemD should be done differently or the same way, don’t stop your examination with the team that built it.

                                                                                                                1. 2

                                                                                                                  surprising nobody and shedding no light on the technical merits or problems with the monolithic approach.

                                                                                                                  But shedding light on the technical merit of a monolithic organization. Because there is a technical output, it is relevant to technical forums.

                                                                                                                  If a reader here see this and starts to ponder how they want to structure their next project community, because it will have an impact on the kind of technical architecture that will naturally grow out of it, then the discussion was a productive one on a technical forum.

                                                                                                              2. 4

                                                                                                                I wish we could do this. Unfortunately, technology is there for humans to use, to try to serve human goals, so completely decoupling the two is not feasible.

                                                                                                                On a more practical level, if I’m reporting an obvious mistake in a piece of vital infrastructure that I’m being paid to deal with, and offer to put my time into fixing it if someone who knows what they’re doing can give me a big of guidance, I really don’t want to get told “working as intended” and have to spend hours arguing otherwise.

                                                                                                                1. 1

                                                                                                                  Would you have any qualms about using reiserfs?

                                                                                                                  1. 3

                                                                                                                    It’s practically unmaintained as I understand it, so yes, I’d have qualms about trusting it with my data.

                                                                                                                    1. 2

                                                                                                                      Though it didn’t say it explicitly, it seems pretty obvious to me that the question wasn’t about trusting it with your data, it was about the author being convicted of first-degree murder of his wife. Even if the filesystem were maintained, would that not give you pause before using it?

                                                                                                                      1. 2

                                                                                                                        I understood the point. No, even though the author has definitely killed his wife, the software is not necessarily bad.

                                                                                                              1. 5

                                                                                                                I’m currently in the middle of rewriting a bunch of Elixir FP-ish code from a “functional” approach to look more OOPy, because the maintenance burden is just beyond stupid.

                                                                                                                Everybody talks about how magical functional programming in, but nobody seems to be really speaking up yet about functional programming as she is practiced:

                                                                                                                • “functional” programming means, programs with loads and loads of functions! yay!
                                                                                                                • “functional” programming with pattern matching, where if enough of something matches, hey, we can run it through the function! no need for types! (looking at you, Elixir maps)
                                                                                                                • “functional” programming where clever tricks with apply and map and reduce and filter and lambdas/closures substitute for clean, documented methods
                                                                                                                • “functional” programming where instead of fixing an interface and automatically getting to see where to clean up your objects, you chase through the entire pipeline of functions where the objects get shoved and look for where you’ll have to expand/contract things
                                                                                                                • “functional” programming where people just grab functions off of unrelated domain modules and use them because they need a one-off display function
                                                                                                                • “functional” programming where other people decide to duplicate the same function in multiple places because they never had to think about the domain

                                                                                                                For all of its very many excesses, it’s so much easier to partition and expand on an OOP codebase than this “functional” nonsense. To wit:

                                                                                                                “Young developer, go forth and create a new widget object, conforming to the widget interface. You can extend BaseWidget and just update the display method and price estimating function. Serialization is handled by that class already.”

                                                                                                                Compare with:

                                                                                                                “Young developer, we’re adding a new widget type. You’ll need to learn about the overloaded functions in the cost module, in the display module, and update all the tests accordingly. You’ll also need to either use the serialization library, or you’ll need to manually add those overrides to the code. Oh, also, make sure you don’t set the market_price in your arguments, or something else will match on that and you’ll need to refactor that too, or maybe it’ll just fail silently.”

                                                                                                                OOP has so many problems, but I find it so much easier to get the size of a system and the page in and page out the parts I need into my working memory than to trace spaghetti for hours. I’m sick of people touting FP as a silver bullet when most of the shooters are cross-eyed.

                                                                                                                1. 8

                                                                                                                  I’ve long wondered when we’d figure out how to write FP so poorly we undo all of it’s supposed benefits. The same thing happened to OOP.

                                                                                                                  Unfortunately, there are very few computing paradigms out there for all the Medium thinkpieces that need to be written about how X paradigm is the worst.

                                                                                                                  1. 2

                                                                                                                    Maybe programming isn’t the answer. Maybe we should just roll the clock back and have desks upon desks of people pushing paper around. It’d give more jobs for people that are not qualified to program, and reduce homelessness.

                                                                                                                    Of course, that’d make it harder to concentrate wealth in the hands of founders and execs and investors, but since I’m not seeing much of that, fuck’em.

                                                                                                                  2. 7

                                                                                                                    Almost all of those bullet points are arguments in favor of static typing. Not arguments in favor of object oriented programming.

                                                                                                                    I’m speaking as someone who is terrible enough at programming to have written spaghetti code in both styles. It’s spaghetti code. Of course it sucks, and you don’t realize how much it sucks until several months later when you have to re-remember your terrible “design” choices, and, worse, have to extend it in a way that you did not plan for.

                                                                                                                    1. 3

                                                                                                                      Static typing helps a great deal, but being able to define classes of objects and duplicate and tweak them is enormously useful–vulgar OOP isn’t totally wrong. Being able to communicate via messages, dispatch messages, inspect messages, store and replay messages–theoretical (Kay-esque) OOP also has a lot to offer.

                                                                                                                      I agree on the spaghetti code, but again will point how exasperating it is to see people celebrating FP as a cureall when most of the common devs seemingly can’t be trusted to scale it beyond a few tutorials. At least with OOP stuff you get a coloring book and if the devs are smart enough not to eat the crayons they can produce something that looks like the source material.

                                                                                                                      1. 3

                                                                                                                        In other words, functional isn’t a programming paradigm. It isn’t a template for designing your system; it’s just a synonym for “computation without mutation and without backtracking*.” Which happens to contradict vulgar OOP, which has mutation, but that doesn’t change the fact that the proper counterpart to OOP would probably be something like Reactive Programming or Data-Oriented Design.

                                                                                                                        * With backtracking would be logic programming.

                                                                                                                    2. 6

                                                                                                                      What has convinced you that the team that made your list of mistakes when attempting to follow the FP paradigm will do any better when attempting to follow the OOP paradigm?

                                                                                                                      1. 4

                                                                                                                        Most programming problems are people problems. You’re only going to get truly good code if you commit to paying for it, up to and including formal code reviews wherein people can say “no, you can’t do that.”

                                                                                                                        Also: unityped functional programming is a special type of Hell. Learned that from my one (small) Clojure project and will never do it again.

                                                                                                                        1. 2

                                                                                                                          This perfectly sums up the nagging feeling I’ve been having about FP, but haven’t been able to express. I have only ever heard people laude FP as a better paradigm, but I always felt that it would be so difficult to maintain the projects I see at scale in the real world and I see how difficult OOP is… I do not envy the hacks that are in place for large FP codebases. I can grok a OOP codebase (hell I can grok dissassembly), but the moment someone has given me FP code I spend more time trying to keep the entire thing in my head. To this day I don’t think I’ve been able to understand a single decently sized FP codebase.

                                                                                                                          1. 1

                                                                                                                            There’s benefits and costs to both paradigms but the idea that either is “unusable” or “doesn’t scale” is genuinely laughable. The fact that you don’t use it, so you can’t figure out how to use it, isn’t actually any kind of argument for anything. Typed functional programming has been around since 1973, C was invented in 1972. People both less and more talented than either of us have used both OOP and FP, strongly and dynamically typed for decades at both small and gargantuan scales.

                                                                                                                            1. 4

                                                                                                                              I said that entirely from my personal perspective and meant nothing of offense, your reaction and tone is exactly the reason that I tend to avoid even discussing my hesitation about programming paradigms. This could (and most likely is) be an entire failing on my end, but I have actively tried to learn and read large projects from both and friendlysocks experience mirrored mine. I wasn’t trying to slander, just merely mention that I struggle personally massively with the paradigm more than most everything in computer science. I can’t use it. I can’t understand how it scales to large teams.

                                                                                                                              1. 3

                                                                                                                                In my experience it’s harder to teach an OOP programmer FP than a beginner. Part of this I believe has to do with how learning new paradigms is inherently humbling. The things that made you feel smart before now make you feel dumb. Dynamic typing for example makes me think, “Well I don’t know how anyone makes anything useful with this.”. In reality though the reason I feel this way is almost certainly because I’m missing pieces of knowledge of how to use languages like that effectively.

                                                                                                                                I think you could use it with practice. I think you could learn how to scale it to large teams. It’s okay that you don’t want to do or learn how to do either of those things but I wouldn’t internalize that decision as an inability. The people who are using functional programming at scale almost certainly aren’t smarter than you, just more patient and willing to feel dumb. Or more likely they didn’t happen to deep dive into an entire other paradigm where their previous intuitions are less useful.

                                                                                                                                While your post may have hurt my feelings to an extent and I’m sure that leaked out in my tone, my overarching goal was to dispel illusions of inadequacy.