1. 2

    One more bug on ethereum, at which point they will understand that ethereum is definitely a bad idea ?

    1. 1

      What in Ethereum is a bad idea? I personally think the implementation is not without flaws but the project seems pretty cool.

      1. 7

        Because it assume the ethereum contracts are programs set in the stone and managing money without control. And to do so you must have free of bug programs. Such programs only exists in a very limited extent, as for example limited programs done for bitcoin.

        Each contract which has a vulnerability show that the assumption of bug free program don’t stand.

        Without bug,ethereum would be a splendid idea, but this condition don’t hold and as such, anybody putting money on any smart contract is very likely ot lose it. And as basically the whole ethereum promise is that the smart contract work as their creators says so. it is basically a scam.

        1. 1

          “not without flaws” is an interesting way of spelling “a garbage fire of bad ideas in which it is almost impossible, even for experts, to write correct code”.

      1. 6

        You know you’re getting the good stuff when you see a paragraph like this:

        This post represents a lot of research and brute-force attempts at trying to do this. I have had to assemble things together using old resources, reading kernel source code, intense debugging of code that was last released when I was in elementary school, tracking down a Heroku buildpack with a pre-built binary for a tool I need and other hackery that made people in IRC call me magic. I hope that this post will function as reliable documentation for doing this with a modern kernel and operating system.

        1. 4

          Other gems from that article:

          This is about where things get really screwy. Networking for a user mode Linux system is where the “user mode” facade starts to fall apart. Networking at the system level is usually limited to privileged execution modes, for very understandable reasons.

          However, there’s an ancient and largely unmaintained tool called slirp that user mode Linux can interface with. It acts as a user-level TCP/IP stack and does not rely on any elevated permissions to run. This tool was first released in 1995, and its last release was made in 2006. This tool is old enough that compilers have changed so much in the meantime that the software has effectively rotten.

          It’s not immediately crashing, so I think it should be good!

          I have no idea how his Slackware system works fine with slirp but my Ubuntu and Alpine systems don’t, and why the binary he gave me also didn’t work; but I got something working and that’s good enough for me.

        1. 5

          Is it weird that I look forward to these releases but still mostly stay pinned to testing in my sources file?

          1. 3

            Not necessarily, because as soon as buster is stable, more updates should be expected, since the freeze will be over.

            1. 3

              Rule 1 of tracking testing: Don’t for the love of all that’s holy track testing in the weeks immediately following a release. Any other time, it’s probably more stable than anything else out there but things can get a bit hairy as all the pent up changes that have been held back for the stable release flood into the pool.

              1. 1

                I don’t know, I’ve been pinned to testing for years and I’ve never had a problem.

          1. 2

            Just don’t do this on any computer which ever runs untrusted code.

            Especially don’t do it if you browse the web on such a computer with Javascript turned on.

            1. 2

              Yes! Forgot to add the satire tag. Added. :-)

              1. 1

                I have computers that don’t ever run javascript. I’m bookmarking this. I haven’t heard of most of these arguments… Did the author miss any?

                The idea could be expanded to include gcc flags, right?

                1. 1

                  I would suggest not and just trust the kernel maintainers. There may be very specific reasons for why the kernel is optimized the way it is. Sometimes over optimization actually introduces security vulns because compilers get too smart for their own good.

                  1. 1

                    Oh, let me try again.

                    The kernel command line arguments shown in this post appear to deliberately disable important security features in favor of performance. (Are none of these ‘free’ to enable? I don’t know how much work the author put into selecting this specific list.)

                    Just for fun, using a computer disconnected from the internet… Can we push this idea further?

                    Are the binaries in popular contemporary linux distros compiled with compiler options that favor security over performance? That is, are there compile-time choices we can make to favor performance over security?

                    I’d like to imagine this line of thought could actually be meaningful in some hypothetical situation. Like using old hardware to play HD video (on a machine not connected to the internet) or something.

                    1. 1

                      Sure, link everything into the kernel and avoid syscall and context switch overhead.

                      1. 1

                        That sounds good. As I understand it, context switches are very expensive.

                        But, that’s a lot more work than changing some parameters, right? What would a utility like grep even look like after ‘linking everything into the kernel’?

                        tedu, are you talking about putting a bunch of kernel into a grep binary, or putting a bunch of grep application into the kernel?

                        (This line of conversation would rightly be classified as a thought experiment, right?)

                        1. 1

                          (This line of conversation would rightly be classified as a thought experiment, right?)

                          I suspect it would be classified as trolling.

                          But having a unibinary system would be fascinating, offer very little by way of runtime customization (let alone programming any compiled language), and have miserable separation between user accounts (if you maintain a mostly POSIX compatible interface).

                          1. 2

                            Unibinary. Ok, so, we’re talking about putting the functionality of applications into the kernel. Yes, the downsides you describe make sense. Though, customization is still possible through self-modification.

                            …I’m certainly not trying to have any kind of negative impact on anyone. I am, I’ll admit, trying to get something out of folks. I want to know how computers work. Actually, I guess I want to know how compilers work–in practice. I seem to know how compilers work in theory.

                            Moreover, I have believed for some time that my various CPUs spend a lot of time and heat on tasks that are somehow adjacent to whatever task I ask of them. More and more I am biased towards leaner systems that do less.

                2. 1

                  That’s computer, right? How much of that command line even applies to my intel-free devices?

                  1. 2

                    The spectre mitigations apply to everyone that does branch prediction.

                1. 5

                  I was talking to a friend today who works in a high-assurance workplace (think defence / safety critical systems / nuclear engineering etc). They have a nifty Docbook based system where /all/ the documentation for their systems is contained within the source code & they can generate PDFs documenting the system (including state chart diagrams and all that kind of thing) from the sources which they can submit to their client / regulator whenever they want. I’ll have to see if they can document how they go about it.

                  Setting this up was a huge improvement on their previous “do everything by hand in word documents” approach.

                  1. 1

                    I assume that the PDFs contain nothing that isn’t just straight from the docbooks, would that be fair?

                    1. 1

                      I think they auto-generate statechart diagrams & that kind of thing from text in the source.

                  1. 3

                    Now I’m going to have to dig out all my olf CSP references to compare & contrast.

                    1. 2

                      Try with SPIN. It’s based on CSP. Lots of academic and industrial use.

                      1. 5

                        I was the sole developer of FDR for a number of years :)

                        1. 2

                          That FDR? I didn’t even know about it for some reason! That’s pretty awesome. Thanks for the link. Even more awesome that it got parallelized.

                          1. 3

                            I was FDR2 for some time - FDR3/4 was mostly put written by a very talented postgrad at the department, but sizable chunks of that are mine too.

                          2. 1

                            omg you are super cool can I pick your brain on FDR and CSP please?

                            1. 1

                              Any time…

                      1. 34

                        I’m very strongly in favour of objective, civil, polite discourse. I don’t think anything is gained by penalising people if their tone is a little abrasive.

                        To be blunt (in full acceptance of the irony here) I would much rather that people post abrasive content than risk them self-censoring for fear of appearing “unkind”. I’m afraid that lobste.rs would cease being a haven for constructive discussion, and become some sort of Stepford-esque echo chamber instead.

                        1. 46

                          You can disagree with something without being a jerk about it. I think that’s something we should all aspire to.

                          1. 11

                            I agree (and think that “being a jerk” is quite a different thing to “being abrasive”, but maybe that’s just my reading of the terms).

                            However, I’ll take “abrasive and correct” over “nice but wrong” any day of the week, and I fear that encouraging downvotes over tone will result in the loss of some of the former.

                            1. 7

                              I’ll take “abrasive and correct” over “nice but wrong” any day of the week, and I fear that encouraging downvotes over tone will result in the loss of some of the former.

                              Fortunately, these are not the only two options. An ideal solution would discourage the “abrasive and correct” in favor of the “non-abrasive and correct.” In such an environment, “nice and wrong” comments are welcome because they spark informative discussions.

                              1. 2

                                Which is why a downvote, as they’re currently implemented, isn’t a good solution. Some sort of separate flag might be, though. Provide an easy way for readers to nudge posters to edit their posts for tone.

                                1. 1

                                  “Nice and wrong” comments that require other people to expend effort to correct them are not kind.

                                  1. 6

                                    The “incorrect” flag covers those, however.

                                2. 4

                                  Perhaps the “unkind” vote should have zero affect on karma, but still deprioritize the comment? That way it’s less likely to generate feelings of defensive?

                                  1. 4

                                    Being unkind seems very karma-related to me

                                    1. 4

                                      It could just be some CSS that provides visual feedback from the downvote action to the voter. Like a big red mechanical button that isn’t wired up to anything, but feels satisfying to press.

                                  2. 6

                                    You certainly can. But anger and frustration, like other human emotions, have circumstances where they are objectively justified and reasonable. One would say that in software development, for example, we aren’t really facing the questions of life and death, and getting worked up about something like that is silly. I agree that a lot of anger in comment sections is, indeed, silly – but not all of it.

                                    Let me bring an example. Recently I found out that one company, which is developing a technology which have been my main “specialisation” since 2012, have decided to move around different modules and in the process deleted documentation for one of it - so from new version on, instead of automatically generated API specification, with all classes and methods, I would have to refer to guides, organised by topic. This change is completely unnecessary, and will make my day-to-day work much harder. I spend 8 hours a day, 5 days a week, at my job, and something that they have done will make me a little bit more miserable, every day. And they don’t even have any reason for it. And a forum post that I’ve written, with detailed explanation of the issue, and then tweeted at them, have gone without a single reply.

                                    Now, if I would encounter the person who was responsible for this decision here in the comments in a relevant thread, I think that venting my frustration, while staying civilised, would be an appropriate response. Don’t you?

                                    1. 6

                                      And yet, being direct is often seen as being unkind. I’m strongly against ranking people on kindness – in addition to being very vague, the norms are highly cultural.

                                      I sometimes wonder if we’d be better of getting rid of votes entirely, and rely on people using their words.

                                      1. 6

                                        highly cultural

                                        But surely we’re seeking to build a lobste.rs culture?

                                      2. 2

                                        100% agreed. In my experience you’re also more likely to effectively get your argument across. However, it is a skill that requires effort to learn and apply – at least in my case.

                                        1. 1

                                          but you can’t guarantee that people will interpret your politeness as such

                                        2. 38

                                          I would much rather that people post abrasive content than risk them self-censoring for fear of appearing “unkind”. I’m afraid that lobste.rs would cease being a haven for constructive discussion

                                          The opposite is also true: some people stop posting after too many negative interactions, which also reduces participation.

                                          You call it “censorship”. Frankly, I’m starting to strongly dislike this term. It’s carelessly thrown around far too often. Every community has social norms, and online communities are no exception. If I’m an asshole to my friends then at some point they’ll start shunning me. If I join a football club (or scout group, or choir, or whatever) and act like an asshole then sooner or later I’ll be asked not to come next week. Would you call this “censorship”? I wouldn’t.

                                          I stopped posting on /r/programming at reddit after being called a “moron”, “idiot”, “retard”, accused of having an IQ lower than 65, was told that I “fucking suck at making software (and I guess generally anything)”, was told that my opinion was “hates speech” in two separate recent incidents (both over a technical disagreement, wtf?!), and just general unconstructive/aggressive/belittling/etc. word choice.

                                          It’s not that I’m that sensitive, but if you spend a lot of time writing a weblog post, or make some software, and you get told any of the above (which are all real quotes) then that’s … not great. It’s not that I get angry or “offended”, but it’s also not fun and if it happens a few times I’ll stop coming back (as happened on /r/programming). I think most people participate in these communities just for the fun of it. Sure, you also learn new stuff, but I think fun is an important – if not the most important – part for many.

                                          Constructive discussion can only happen if everyone feels like they can participate without the fear of being mistreated (belittling, aggressive replies, insults, etc.) If there is such a fear, then I will guarantee you that some people simply won’t post at all.

                                          I’m not sure (yet) if a flag is a good idea here for other reasons (I’ll make another top-level comment about that), but I do (strongly) disagree with your sentiment.

                                          1. 18

                                            I definitely use this site less over time because of the loud frequent posters who often carelessly put down people with insensitive wording. When I was junior I was able to justify spending the emotional energy listening to technically correct jerks, but nowadays it’s pretty rare that I get anything other than anger out of their childish communication. I only come on lobste.rs now when I’ve got pretty high emotional buffers, because otherwise it’s likely to just make me feel worse.

                                            1. 7

                                              I’ve only been here for a few months, so I can’t comment on Lobste.rs specifically, but I can comment on two general observations:

                                              • Often >90% of the problems come from ~1% of the people.
                                              • As a community becomes larger, it becomes harder to manage because mods don’t see most of what’s going on (making it harder to identify patterns).

                                              In many ways it’s the same as traffic; if you drive or cycle home you may encounter 100 drivers, so if just 1% is reckless driver then you’ll meet one most days. Also, like traffic, it’s hard to completely remove these people unless they commit gross offences. You can break traffic laws and be reckless for pretty much your entire life, and suffer very few consequences.

                                              Most of us act like an asshole sometimes; I know I do; I have pretty strong feelings about certain political topics, and sometimes I just have a bad day. But I’m not consistently an asshole. I think they key here is not to look at individual comments too much, but rather at long-standing patterns. There are just a few mods here, and they probably don’t see most of what’s going on. So the ability to see things like “hey, this user is responsible for 28% of all unkind flags” is the critical bit.

                                              I don’t know if this needs to be tied to downvoting. Could just be a separate flag. I don’t think it matters too much, as long as there’s an admin panel to see an overview.

                                            2. 6

                                              This is exactly what happened to Slashdot too. The loudest, most aggressive users gradually took over the comment section, and the more rational voices left. That site is now a quagmire of hate speech. I think it is a good idea to get ahead of it on this site, because it could happen here too. I like the discussion environment of this site, and I don’t want to lose yet another community.

                                              I think that the idea of shadowbanning from reddit could be combined with the stack overflow style of flagging bad behavior. If nobody can see abusive or trollish comments, then they don’t accumulate comments and effectively don’t exist (i.e., not rewarding bad behavior). Those users will either correct their behavior or stop posting altogether.

                                              1. 3

                                                I’m sorry you experienced that behaviour. I have myself, largely for holding unpopular political opinions[1] . It’s even more fun when people attack those positions in a social situation, before realising that someone in the group actually holds them :)

                                                The behaviour you describe crosses way beyond “abrasive” to downright abusive. I’d be okay with a flat out ban in the case of someone who called another poster a retard, for example.

                                                By “abrasive” I mean posts that might be terse, strongly critical, or dismissive. That is, posts that have issues with tone. Things that could be charitably interpreted as well intentioned.

                                                [1] I guess you’d call them Objectivist, for want of a better term. Strongly socially and economically liberal. The former is common in Australian tech circles, the latter rare. People here usually assume party-political alignment, so if you’re say in favour of open immigration, they assume you’re also in favour of progressive taxation.

                                                1. 1

                                                  The reddit example is of course much more extreme than anything I’ve seen here; but it does clearly illustrate the point that people can stop posting (“self-censor”) due to lack of moderation, too.

                                                  By “abrasive” I mean posts that might be terse, strongly critical, or dismissive. That is, posts that have issues with tone. Things that could be charitably interpreted as well intentioned.

                                                  A good rule-of-thumb is whether a comment makes you go sigh, “eh”, “pff”, or something similar, either by actually saying it or saying it “in your head”. You can be critical of what someone said and not evoke such a response. My previous comment was critical of your post, but I don’t think if evoked a “pff” response (or at least, I hope it didn’t!) but it’s not hard to imagine that it could with some stuff rephrased.

                                                  I know this is murky and unclear, but that’s the way language works, especially in a global community with different cultures, etc.

                                                  I think the key thing here is that “abrasiveness” accumulates. If you encounter an abrasive comment on occasion then that’s okay. Most people are abrasive some of the time (I know I am); that’s just the way things work. The problem is when people are abrasive most of the time, and you encounter abrasive everywhere you look.

                                                  I don’t think singular abrasive comments are a problem, or that people should be punished for it. But if they’re constantly making them then there is a problem that should be addressed. Also see my other reply in this thread: https://lobste.rs/s/xnjo8g/add_downvote_reason_unkind#c_kqtuqr

                                                  Analogy: Lobste.rs keeps track of “self promoters”; people who frequently post links to their own websites. Is this preventing people from submitting links to their own site? Not really; but it does help keep track of people who spam links too frequently. I think a potential “unkind flag” should work the same way.

                                                2. 2

                                                  “Censorship” is certainly an overused weasel-word nowadays. Moderation is (generally) not censorship.

                                                3. 9

                                                  Just to clarify, this kind of “bluntness” is of course perfectly acceptable. If you’d labeled my suggestion a “crap idea” on the other hand…

                                                  1. 4

                                                    And that’s the rub, isn’t it? I have no problem with having my ideas called crap, but don’t like calling people “crap”. Others might be more sensitive than you, and then you have a ratchet that moves in only one direction, as people say less, challenge each other less, and so on.

                                                  2. 4

                                                    Just to piggy-back on this a bit. I wholeheartedly applaud the heart behind this suggestion, I prefer that the tone be kept civil and polite here. However, kind/unkind might be a bit too subjective and might unwittingly stifle conversation. My concern is that for one person, a simple disagreement with an idea could be deemed “unkind” regardless of tone. My skin might be a little thinner, so my unkind trigger finger might be more prone to fire. I think troll covers abrasive behavior and perhaps some kind of flag could be used to alert moderators when issues arise and tone sinks too low in a conversation.

                                                  1. 2

                                                    Let’s consider you’re a reckless dude who thought a swap partition is unnecessary or just forgot about it during installation. Worry not, at least if you’re on linux

                                                    # cd /
                                                    # dd if=/dev/zero of=/pagefile.sys bs=1G count=8
                                                    # chmod 600 /pagefile.sys
                                                    # mkswap /pagefile.sys
                                                    # swapon /pagefile.sys
                                                    # $EDITOR /etc/fstab #optionally
                                                    
                                                    1. 4

                                                      Hmm, I wonder where I have seen that filename before :)

                                                      This approach is quite nice because it makes it easy to resize the swap. One downside is that suspend-to-disk won’t work if the disk is encrypted.

                                                      1. 1

                                                        This is extra fun especially on CoW filesystems like ZFS: you’re out of memory and need to swap… and you reach into the filesystem to write… whoops the filesystem needs more memory for itself…

                                                        1. 1

                                                          Apparently it’s (probably) reliable if (and only if) you turn all the ZFS features off & make sure to pre-allocate the file on disc. So no compression, no checksums, no data cache. Turn on any of those and you’re going to get deadlocks under memory pressure though.

                                                          (The FreeBSD people have run into exactly the same problem for the same reasons.)

                                                          1. 1

                                                            Gp has an interesting point re:cow filesystems - and you probably shouldn’t use a zfs file for swap. Otoh zfs also is a volume manager - using a zvol should be fine. However, it appears Solaris special-cased swap (avoiding dead-lock, trading for the option of swap bit rot…). So it appears one would be better off with a separate partition for now:

                                                            https://github.com/zfsonlinux/zfs/issues/7734

                                                            1. 1

                                                              zvol swap on FreeBSD is not fine, I have deadlocked that :D

                                                        1. 39

                                                          We need a name for this pattern around network protocols: “Embrace, Capture, Break away, Lock-in”

                                                          • Embrace a communication standard
                                                          • Capture: attract a large user base
                                                          • Break away: break backward compatibility and/or provide a worse UX for those outside of your walled garden
                                                          • Lock-in: corner in the userbase

                                                          Google did this with Google Talk vs XMMP, email (try running your own mailserver), AMP, RSS…

                                                          1. 14

                                                            Email is still mostly unmolested if you understand the security and spam context; it’s not that google made it impossible to run your own smtp server, but in order to do so and not get flagged as spam, there are a lot of hoops to jump through. IMHO this is a net benefit, you still have small email providers competing against gmail, but much less spam.

                                                            1. 15

                                                              Email is mostly unmolested because it’s decentralized and federated, and a huge amount of communication crosses between the major players in the space. If Google decided they wanted to take their ball and go home, they would be cutting of all of Gmail, Yahoo mail, all corporate mail servers, and many other small domains.

                                                              If we want to make other protocols behave similarly, we need to make sure that federation isn’t just an option, but a feature that’s seamless and actively used, and we need a diverse ecosystem around the protocols.

                                                              To foster a diverse ecosystem, we need protocols that are simple and easy to implement, so that anyone can sit down for a week in front of a computer and produce a compatible version of the protocol from first-enough principles, and build a cooperating tool, to diffuse the power of big players.

                                                              1. 9

                                                                So how do you not get flagged for spam? I want to join you. I run my own e-mail server and have documented the spam issue here:

                                                                https://penguindreams.org/blog/how-google-and-microsoft-made-email-unreliable/

                                                                The only way to combat Google and Microsoft’s spam filters is sending my e-mail, texting my friend say, “Hey I sent you an e-mail. Make sure it’s not in your spam folder.” Usually if they reply, my e-mail will now get through .. usually. Sometimes it gets dropped again.

                                                                I have DKIM, DMARC and SPF all set up correctly. Fuck Gmail and fuck outlook and fuck all the god damn spammers that are making it more difficult for e-mail to just fucking work.

                                                                1. 3

                                                                  Forgive the basic question: do you have an rDNS entry set for your IP address so a forward-confirmed reverse DNS test passes? I don’t see that mentioned by you in your blog post, though it is mentioned in a quote not specifically referring to your system.

                                                                  It’s not clear who your hosting provider (ISP) is, though the question you asked them about subnet-level blocking is one you could answer yourself via third-party blacklist provider (SpamCop, Spamhaus, or many others of varying quality) and as a consequence work with them on demonstrable (empirical) sender reputation issues.

                                                                  1. 8

                                                                    Yes I’ve been asked that before and haven’t updated the blog post in a while. I do have reverse DNS records for the single IPv4 and 2 IPv6 addresses attached to the mail server. I didn’t originally, although I don’t think it’s made that big a difference.

                                                                    I’ve also moved to Vultr, which blocks port 25 by default and requires customers explicitly request to get it unblocked; so hopefully that will avoid the noisy subnet problem so often seen on places like my previous host, Linode.

                                                                    I think a big factor is mail volume. Google and Microsoft seem to trust servers that produce large volumes of HAM and I know people at MailChimp that tell me how they gradually spin up newer IP blocks by slowly adding traffic to them. My volume is very small. My mastodon instance and confluence install occasionally send out notifications, but for the most part my output volume is pretty small.

                                                                    1. 8

                                                                      Email is inherently hard, especially spam filtering; Google and Microsoft just happen to be the largest email providers, so it appears to be a Google or Microsoft problem, but I don’t think it is.

                                                                      E-mail was once the pillar of the Internet as a truly distributed, standards-based and non-centralized means to communication with people across the planet.

                                                                      I think you’re looking through rose-tinted glasses a bit. Back in the day email was also commonly used to send out spam from hijacked computers, which is why many ISPs now block outgoing port 25, and many email servers disallow emails from residential IPs. Clearly that was suboptimal, too.

                                                                      Distributed and non-centralized systems are an exercise in trade-offs; you can’t just accept anything from anyone, because the assholes will abuse it.

                                                                      1. 4

                                                                        Cheap hosting is very hard to run a mailserver from because the IP you get is almost certainly tainted.

                                                                        Having valid rDNS, SPF & DMARC records helps.

                                                                  2. 13

                                                                    It’s also not really a Google issue; many non-Google servers are similarly strict these days, for good reasons. It’s just that Google/Gmail is now the largest provider so people blame them for not accepting their badly configured email server and/or widely invalid emails.

                                                                    I’ve worked a lot with email in the last few years, and I genuinely and deeply believe that at least half of the people working on email software should be legally forbidden from ever programming anything related to email whatsoever.

                                                                    1. 2

                                                                      In other words, Google didn’t have to break email because email has been fundamentally broken since before they launched GMail.

                                                                      Worse, newer protocols like Matrix and the various relatives of ActivityPub and OStatus don’t fix this problem.

                                                                      1. 7

                                                                        Matrix, ActivityPub and OStatus don’t fix Email? Well it’s almost as if they are trying to solve other problems than internet mail.

                                                                        1. 3

                                                                          You completely and utterly missed the point.

                                                                          Mastodon, Synapse, and GNU Social all implement a mixture of blacklists, CAPTCHAs, and heuristics to lock out spambots and shitposters. The more popular they get, the more complex their anti-spam measures will have to get. Even though they’re not identical to internet mail (obviously), they still have the same problem with spambots.

                                                                          1. 11

                                                                            Those problems are at least partly self-inflicted. There’s nothing about ActivityPub which requires you to rehost all the public content that shows up. You can host your own local public content, and you can send it to other instances so that their users can see it.

                                                                            Rehosting publicly gives spammers a very good way to see and measure their reach. They can tell exactly when they’ve been blocked and switch servers. Plus all the legal issues with hosting banned content, etc.

                                                                            1. 3

                                                                              You’re acting as if that ONE problem (abusive use) is THE only problem and the rule and guide with which we should judge protocols.

                                                                              While a perfectly reasonable technocratic worldview, I think things like usability are also important :)

                                                                              1. 9

                                                                                In general, you’re right. A well-designed system needs to balance a lot of trade-offs. If we were having a different conversation, I’d be talking about usability, or performance, or having a well-chosen set of features that interact with each other well.

                                                                                But this subthread is about email, and abusive use is the problem that either causes or exacerbates almost every other problem in email. The reason why deploying an email server is such a pain is anti-spam gatekeeping. The reason why email gets delayed and silently swallowed is anti-spam filtering. The reason why email systems are so complicated is that they have to be able to detect spam. Anti-backscatter measures are the reason why email servers are required to synchronously validate the existence of a mailbox for all incoming mail, and this means the sending SMTP server needs to hold open a connection to the recipient while it sifts through its database. The reason ISPs and routers block port 25 by default is an attempt to reduce spam. More than half of all SMTP traffic is spam.

                                                                                If having lots of little servers is your goal, and you don’t want your new federated protocol to have control under a small number of giant servers, then you do need to solve this problem. Replicate email’s federation method, get emails emergent federation behavior.

                                                                        2. 5

                                                                          XMMP has a lot of legitimate issues. Try setting up a XMMP video chat between a Linux and macOS client. I’d rather lose my left arm than try doing that again.

                                                                          1. 7

                                                                            Desktop Jingle clients never really matured because it wasn’t a popular enough feature to get attention.

                                                                            These days I expect everyone just uses https://meet.jit.si because it works even with non-XMPP users and no client

                                                                            1. 0

                                                                              I just got jitsi working w/ docker-compose meet.dougandkathy.com – not headache free, but no way I could build it myself

                                                                            2. 1

                                                                              Audio, video and file transfer is still very unreliable on most IM platforms. Every time I want to make audio or video call with someone we had to try multiple applications/services and use the first one that works.

                                                                              1. 0

                                                                                Microsoft Teams does this pretty well, across many platforms. Linux support is (obviously, I guess) still a bit hacky, but apparently is possible to get to work as well.

                                                                            1. 6

                                                                              That repo is pure nostalgia fest for me, even though I skipped the 80s text adventure scene. I played a lot of the games that were released in the 90s on the back of Graham Nelsons work building a compiler for the z-machine & have all of these infocom games on a CDROM (released by Activision at some point) which is somewhere in the loft.

                                                                              All these games were being referenced by people within the scene all the time; it’s fantastic to have all this detail about them finally available to everyone. I hope they stay up & we shift the acceptable position on availability of copyrighted data for the sake of historical analysis away from ‘the copyright owner gets to insist that absolutely everything must stay locked up forever regardless of the wishes of everyone else’.

                                                                              1. 8

                                                                                Andrew Plotkin’s blogpost on the topic.

                                                                                Twitter thread on the release from Jason Scott of textfiles.org

                                                                              1. 4

                                                                                Similar to JordiGH I know about the dangers of agent forwarding, but how exactly am I supposed to do the work I need to do on remote machines without it? Namely, I need to be able to e.g. git clone private repos using the creds on my laptop when I’m on a remote host. What other solution is there?

                                                                                1. 12

                                                                                  Use more different keys. The key to run git clone should not be the key to become root on the database server.

                                                                                  1. 4

                                                                                    That’s a use case I haven’t hit, personally. You could invoke ssh-add with the -c flag so that ssh asks for confirmation before the key is used. On macOS, you’ll probably need something like theseal/ssh-askpass for the prompting to work.

                                                                                    1. 2

                                                                                      Or use gpg-agent with a yubikey. With tap confirmation enabled on the yubikey :)

                                                                                      1. 4

                                                                                        This is actually only of limited use. The attacker waits for you to attempt a connection, then uses that opportunity to have your agent auth their connection. Then, oops, network interruption and you disconnect.

                                                                                        1. 2

                                                                                          I always found the GPG setup too much of a faff. Using PKCS#11 with OpenSSH directly is much easier. I wrote up a howto (mostly for my own sanity): https://github.com/jamesog/yubikey-ssh

                                                                                      2. 3

                                                                                        You can’t do that without SSH agent forwarding, but there are other options and remediations:

                                                                                        You can clone locally and scp it to the remote host, or you can turn on SSH agent forwarding only for a very brief period of time while the clone is happening, then log out immediately after it completes and reconnect without forwarding. You should not do forwarding by default.

                                                                                        Edit: upon further reflection, turning on agent forwarding for a short amount of time isn’t that much better than having it on regularly since the compromised host can be set up to watch for incoming connections and automatically hijack your agent as soon as you connect so I don’t recommend that.

                                                                                        1. 2

                                                                                          In some cases it can be worthwhile to generate key material on the remote host itself, then authorise that material to pull the repo you need. GitHub can do this with, I think, “deploy keys” – and if you have gitosis, or whatever, you can obviously do whatever you like.

                                                                                          1. 2

                                                                                            is ProxyJump enough?

                                                                                            1. 6

                                                                                              No. That lets you login to a third machine via a second machine, but not from the second machine.

                                                                                              You are on apple. You login to banana, a public host. You want to access carrot, a private host reachable from banana. Proxy lets apple login and access carrot. But a shell on banana can’t connect to carrot. Forward lets banana access carrot.

                                                                                              If, for example, you want to transfer a file via sftp from carrot to banana, your choices are agent forwarding and a direct transfer, or a proxy and downloading to apple and uploading back to banana.

                                                                                              1. 1

                                                                                                You could also use SSH TCP forwarding on the apple-banana connection to make it so that you could use apple as a ProxyJump host from banana. So your connection would go banana->apple->banana->carrot. But that’s pretty convoluted, and is basically just an optimization of the “download to apple and upload back to banana” plan.

                                                                                            2. 1

                                                                                              Separate keys for git authentication & login?

                                                                                            1. 1

                                                                                              Could do with an ordered list of links to the articles in the README.md, as otherwise the reader has to go to the summary file to read them in order, but Github shows the README by default.

                                                                                              1. 2

                                                                                                This layout just satisfy gitbook requirement. I think you can read https://nanxiao.gitbooks.io/perf-little-book/content/.

                                                                                                1. 1

                                                                                                  Ah, awesome. Maybe link to that instead?

                                                                                              1. 6

                                                                                                An oldie, but still a goodie. See also which Simon Tatham’s co-routines in C library which (ab)uses Duff’s device to hopefully useful effect.

                                                                                                1. 3

                                                                                                  That @ thing looks remarkably perl-ish.

                                                                                                  1. 2

                                                                                                    This seems great in lots of ways, but also brings the obvious side effect that your employer is now able to watch every single keystroke. No slacking off for you, lowly contractor!

                                                                                                    1. 2

                                                                                                      I can’t believe you guys beat microsoft to the punch on this, well done

                                                                                                      1. 1

                                                                                                        I imagine one exit they’ve planned for is MS simply buying them out.

                                                                                                      1. 9

                                                                                                        The whole systemd battle, Rice said, comes down to a lot of disruptive change; that is where the tragedy comes in. Nerds have a complicated relationship to change; it’s awesome when we are the ones creating the change, but it’s untrustworthy when it comes from outside. Systemd represents that sort of externally imposed change that people find threatening. That is true even when the change isn’t coming from developers like Poettering, who has shown little sympathy toward the people who have to deal with this change that has been imposed on them. That leads to knee-jerk reactions, but people need to step back and think about what they are doing. “Nobody needs to send Lennart Poettering death threats over a piece of software”. Contempt is not cool.

                                                                                                        So, everyone’s talking about the technical merits of systemd but I think this is actually one of the more interesting bits of the write-up.

                                                                                                        When I read people’s commentary on systemd, my first blush reaction is always “This just isn’t rational.”.

                                                                                                        Sure, people can make some good points, but I think you can learn a lot about people’s reactions to things by looking at the adjectives they use. “Bloated” “Crap” “Buggy” “Complicated” “awful” etc.

                                                                                                        Now, I don’t happen to enjoy some of the changes systemd has brought. I’m an old school UNIX guy and I miss being able to tail -f /var/log/messages to be sure, BUT I recognize that change is inevitable, and that if we want UNIX to continue to be a viable operating system choice it must continue to evolve.

                                                                                                        Whether or not you feel that systemd is the correct next step in that evolution is up for debate, but nothing lasts forever.

                                                                                                        1. 13

                                                                                                          Now, I don’t happen to enjoy some of the changes systemd has brought. I’m an old school UNIX guy and I miss being able to tail -f /var/log/messages to be sure, BUT I recognize that change is inevitable, and that if we want UNIX to continue to be a viable operating system choice it must continue to evolve.

                                                                                                          But – is this a positive evolution? What, in practical terms, was the ability to tail -f /var/log/messages actually holding back?

                                                                                                          These kinds of claims seem to presuppose that all change is an evolutionary good in-and-of-itself. Sometimes, frequently even, change can be a step backwards.

                                                                                                          1. 4

                                                                                                            That’s a valid question, and a very hard one to answer. Technology is both tool and craft, right?

                                                                                                            As a tool, I can tell you that SystemV init feels good in my hand. I could craft /etc/rc.d scripts in my sleep. Does that make SysV init superior to systemd?

                                                                                                            One of the accusations I see leveled at systemd is that it’s a solution without a problem, and that’s totally valid. Determining whether or not systemd is positive or negative evolution strikes me as a difficult problem and I suspect the answer will vary from person to person and use case to use case.

                                                                                                            1. 4

                                                                                                              This reddit thread linked by https://lobste.rs/s/hwsvmc/systemd_as_tragedy#c_zxl9it up the thread contains some of the problems that systemd was designed to be the solution for.

                                                                                                            2. 3

                                                                                                              Here is what Poettering wrote:

                                                                                                              Why doesn’t the journal generate traditional log files?

                                                                                                              Well, for starters, traditional log files are not indexed, and many key operations very slow with a complexity of O(n). The native journal file format allows O(log(n)) complexity or better for all important operations. For more reasons, refer to the sections above.

                                                                                                              Why do you guys reinvent the wheel, again? Why not just add what you need to existing syslog? If you just clean up your log formatting, syslog should be fine!

                                                                                                              Well, sometimes improving an existing solution is the way to go, but when the changes necessary are too major a reinvention is a good thing, if it is done for the right reasons, and provides good compatibility with previous solutions. We believe we are doing it for the right reasons, and we try hard to provide greatest possible compatibility.

                                                                                                              And no, just fixing the log formatting won’t get you much. Not even the most basic requirements like binary blobs or sensible structured logging. Let alone stuff like indexing or proper access control.

                                                                                                              1. 4

                                                                                                                Yeah, and he also wrote:

                                                                                                                Finally, you are actually wrong in believing that systemd was an abomination.

                                                                                                                1. 4

                                                                                                                  Is there a list of important operations on log files?

                                                                                                                  1. 6

                                                                                                                    Well, for starters, traditional log files are not indexed, and many key operations very slow with a complexity of O(n)

                                                                                                                    Very slow, huh? [1]

                                                                                                                    I have never heard of anyone complaining that plaintext logs took too long to search. grep has always been fast enough for any problem I’ve ever seen or heard of. You’d have to have hundreds of GBs of logs (or a very slow platter disk).

                                                                                                                    The only situation I can imagine a situation involving hundreds of GBs of logs is in a distributed system. And at that point, it probably is worth using something like ELK or Splunk to do log aggregation…

                                                                                                                    It’s yet example of a “problem” that no one has that systemd attempts to solve. And the solution is quite poor, in my opinion.

                                                                                                                    [1] I also hate when devs grandstand with Big-O notation. Yes, it’s useful in some cases as a high-level comparison of various algorithms. But performance of any real world application is improved by instrumentation and benchmarking. Not thinking really hard.

                                                                                                                    1. 2

                                                                                                                      Fwiw, I would much rather have Systemd and perhaps some helper do the log aggregation for me if that meant that we could burn all the world’s ELK stacks with fire.

                                                                                                                  2. 3

                                                                                                                    I basically do the tail -f /var/log/messages both at home and at work (I’m a developer). I have a system set up to get a live feed of syslog output, which is also color coded (warnings are yellow, debug messages blue, errors red, etc). and typically have a terminal set aside for this view. Most of my work is writing server software, so when debugging, I can see its output during testing.

                                                                                                                    I can see problems that happen in real time. It’s also interesting to see how Mac OS-X is closing down over time (WARNING! THIS EXECUTABLE YOU WROTE IS UNSIGNED! WARNING! WARNING!). And there’s an attempt to ssh into my box. And I just noticed that my UPS monitoring software is down.

                                                                                                                    Granted, I’m only monitoring a few servers, not hundreds of them. But I find it fun to just watch the logs flow by (oh look, com.apple.CDScheduler is spewing debug messages again).

                                                                                                                  3. 5

                                                                                                                    People realize that journalctl can replicate the tail follow behavior as well, right? Honestly journald is basically my favorite systemd feature.

                                                                                                                    1. 3

                                                                                                                      I suspect a huge amount of the grar over systemd could have been avoided if the systemd developers had written up a short cheat sheet with all the common use cases for the tools systemd replaced shown as systemd commands to smooth over that initial “argh! why has everything changed for no reason!” response.

                                                                                                                      tail -f /var/log/syslog => journalctl -f
                                                                                                                      etc etc
                                                                                                                      

                                                                                                                      (Maybe there was one & I just never saw it?)

                                                                                                                  1. 3

                                                                                                                    Ideally, all these custom allocators would be updated to include ASAN support - you can mark any allocated memory as ‘allocated, but poisoned as far as ASAN is concerned’.

                                                                                                                    1. 4

                                                                                                                      I’m not sure this is the best way.

                                                                                                                      Some of these applications (including Apache) have Valgrind support. Which well, works for Valgrind, which was once the tool to use for these things, but it’s clearly outperformed by ASAN today.

                                                                                                                      It seems like a better approach to just have a “make every allocation a real call to malloc” mode, which will work for all current and future tools in that space.

                                                                                                                    1. 19

                                                                                                                      The author isn’t alone. I’ve gone back to Linux after over a decade as an avid Mac user.

                                                                                                                      Now if only I could figure out why every major Linux distro is pig piling into the Gnome project when it seems to be having very serious design and stability issues….

                                                                                                                      1. 12

                                                                                                                        In GNOME’s defense, as far as I know, it has the best accessibility for people with disabilities, especially blind people who need a screen reader. KDE’s page on testing with a screen reader says to just use GNOME for now. As far as I know, the lighter-weight desktop environments, window managers, and other such utilities generally don’t support this kind of accessibility at all. So it makes sense for a distro with a general audience to default to GNOME.

                                                                                                                        I don’t mean to start a DE flame war; I’m just stating what I believe to be a fact. If I’m wrong, please correct me.

                                                                                                                        1. 8

                                                                                                                          This is kind of symptomatic of the slowly improving but still not amazing state of LInux desktop accessibility.

                                                                                                                          Gnome itself doesn’t provide any kind of full screen zoom. I’m partially blind and NEED that in order to do anything useful with a computer. Like. At all.

                                                                                                                          Ubuntu started providing full screen zoom (as well as screen reader support right from the login dialog) in a recent-ish release - 17.something maybe, so kudos to them for that.

                                                                                                                          KDE provides super awesome very smooth key chorded full screen zoom out of box.

                                                                                                                          And, to be fair, I WANTED to love Gnome, I literally tried for MONTHS to get it running and filed a ton of exceedingly detailed bugs even practically begging for potential work-arounds to no avail.

                                                                                                                          This is where I wish I were retired already because I’d LOVE to strap on my rusty C hip waders and dive in there to fix all these issues, but alas I’m not there yet and can’t :) So it’s KDE for me.

                                                                                                                          1. 2

                                                                                                                            Ah, I wasn’t familiar with the state of screen magnification in the free desktop environments. I’m not a partisan, just an interested observer for now.

                                                                                                                            1. 2

                                                                                                                              Can’t you use X.org’s zoom mode to magnify the screen & scroll around?

                                                                                                                              1. 2

                                                                                                                                That’s only part of what a full-featured screen magnifier for visually impaired people does. Another very useful feature is automatically tracking the current keyboard focus, or the caret in an editing context. @feoh Does your current magnification solution do this? Note that this feature is typically implemented by consuming the same accessibility API that a screen reader uses.

                                                                                                                                1. 1

                                                                                                                                  I didn’t know such a thing existed. How does one invoke it? I can’t find any reference to such a thing online.

                                                                                                                                  1. 5

                                                                                                                                    Back in the days of yore it was common to have several resolutions defined in xf86.conf - and later Xorg.conf - between which you could switch using CTRL ALT Keypad-+ and CTRL ALT Keypad_-. X11 would render to the maximum resolution, if one of the lower display resolutions was chosen the monitor would display a viewport on the X11 root window which would scroll with the pointer, no further configuration necessary. This made it possible to run programs which needed a higher resolution than the video subsystem could display - handy on those laptops with 800x600 screens - but is also offered the possibility to make the screen more readable for those who needed such. It is called ‘Virtual display’ and still exists:

                                                                                                                                    https://www.x.org/releases/X11R7.7/doc/man/man5/xorg.conf.5.xhtml#heading13

                                                                                                                                    1. 3

                                                                                                                                      Ooh I actually remember this!

                                                                                                                                      But tell me, at least in the Linux world, who messes around with X1186Config these days? :) (Or whatever it’s called now.)

                                                                                                                                      involuntary shudder as I flash back to 20 years ago and that moment of SUPREME TRIUMPH when I finally got X to fire up on my monitor/video card combination. It was like some kind of horrid rite of passage. Thank goodness we’ve moved on from that :)

                                                                                                                                      1. 3

                                                                                                                                        The mere fact that you generally don’t have to configure anything is a good thing but I’d say an even better thing is that it is still possible to do so for those who feel the urge. This could be an example of such an urge…

                                                                                                                                        1. 2

                                                                                                                                          “The good old days.”

                                                                                                                                          I used to rock fvwm2.

                                                                                                                                          1. 2

                                                                                                                                            fvwm2 & rxvt! :)

                                                                                                                                      2. 4

                                                                                                                                        I use arandr, but no doubt there are other ways to do it — it’s just a wrapper over xrandr.

                                                                                                                                        I use it to manage multiple screen layouts, but I just tested, and it can set a higher-than normal resolution which is quite restful on the eyes.

                                                                                                                                        I didn’t play with it long enough to figure out how to scroll around, but I know I’ve done that in the past.

                                                                                                                                    2. 2

                                                                                                                                      Gnome itself doesn’t provide any kind of full screen zoom

                                                                                                                                      Huh, that’s odd. Even Weston does. You know, the reference compositor that’s not intended to be usable by end users at all.

                                                                                                                                      1. 1

                                                                                                                                        My Gnome accessibilty settings dialog includes a “Zoom” feature, one of whose options is “Full Screen Zoom”. I take it that this isn’t the same as the “full screen zoom” you need?

                                                                                                                                        1. 1

                                                                                                                                          I don’t know. Given that I can’t get Gnome 3 running on Ubuntu on my laptop I haven’t been able to test it very much, but it certainly sounds like the right thing.

                                                                                                                                    3. 2

                                                                                                                                      XFCE works reasonably well if all you want is a “normal” window manager. LXDE works too if you want even less visual effects and baked-in functionality.

                                                                                                                                      1. 3

                                                                                                                                        Neither provide any kind of full screen zoom for the visually impaired :( I’m sure you could figure out how to layer in Compiz but KDE comes with one out of box.

                                                                                                                                        That said both XFCE and i3 (not a desktop, I know :) are fantastic and were I not visually impaired I would definitely consider them.

                                                                                                                                      1. 5

                                                                                                                                        If as a website user I’m looking at a drop-down list of Polish cities, I want to see Łódź somewhere between Lublin and Malbork, not somewhere after Zamość.

                                                                                                                                        1. 2

                                                                                                                                          Is the database the right place to solve that? What if a German user asks for a list of German cities? Do we create a separate table for every country?

                                                                                                                                          1. 2

                                                                                                                                            In Postgres, you can use collation-aware sorting at the query level (like this: SELECT * FROM regexp_split_to_table('abcćdeęfgoöä', '') s (l) ORDER BY s.l COLLATE "de_DE.utf8";), at the column level (if, for example, you have table “products” and columns “german_name”, “russian_name” and so on) and at the database level. The server will use the most specific one. Indexes can be sorted according to a collation, too, so you can have multiple indexes on the same column but with different collations.

                                                                                                                                            1. 1

                                                                                                                                              If you’re generating a per-country city list, sorting that list (what max ~ 200 entries?) by locale specific string sort order should be trivial. Unless you’re in a world where switching locale is extremely heavyweight?

                                                                                                                                              1. 1

                                                                                                                                                Yes, in many cases it’s the right place. I believe one of the most common applications will be pagination + ordering. If you can’t do ORDER BY ... LIMIT ... at the database level and expect meaningful results then the alternative is fetching all rows, ordering them in the app, and slicing the resulting array to get the results you want. For larger data sets this isn’t feasible.

                                                                                                                                                The problem of handling multiple locales in a single app is definitely interesting and I don’t have an easy answer. It’s easy to enforce some order on the rows but it doesn’t mean it’ll make sense to the user.