Threads for pwelch

  1. 1

    I use Quiver and back up the files from it with a simple bash script each day that pushes to a private repo.

    BoostNote is a similar app that’s cross platform if you’re not on a Mac.

    Jrnl is nice if you’re looking for a command line tool.

    I like that they have published data formats so you can easily back them up or export the data to something else later.

    1. 18

      I’ve already configured my own DNS settings, and I resent Firefox overriding that without asking me. Furthermore, I trust my ISP more than I trust Firefox, Mozilla, or CloudFlare.

      This is the type of thing that will eventually make me stop using Firefox (again).

      1. 8

        Do you mind if I ask which ISP you trust more than Mozilla?

        1. 3

          I too already configured my own DoH settings (because I saw the writing on the wall) and I hope Firefox doesn’t overwrite them. I set up my own DoH server at home (yes, I run DNS, but I’ve been doing that for nearly twenty years now).

          1. 4

            Hope you don’t mind me asking, but how does running your own DoH server help? All the underlying DNS queries from it could be mapped to you with very high probability. Or is there some mechanism to tunnel underlying DNS to an upstream to mask that?

            1. 2

              You can just cache entries. So even if you visit some page later the request was already made, so you will leak less information about yourself.

              1. 6

                Isn’t that also true when not using DoH at all?

                1. 1

                  Yup. It’s amusing to see just how many DNS queries a web browser makes.

              2. 2

                It all comes back to me. But given that TLS still leaks the server name (TLS 1.3 fixes that, but it’s not everywhere yet) it’s not that big of an issue with me. I’ve been of the opinion (since 1989 when I first came across the Internet) that anything done on the Internet is public by it’s very nature—even encryption still leaks the IP address you are connecting to [1]. Yes, there’s TOR, but that’s still vulnerable to privacy attacks.

                [1] One the one hand, you have the crowd that decries the every increasing centralization of the Internet. On the other hand you have the crowd that decries the PII that leaks out (like an IP address). It’s like people want decentralization with total privacy. I’ll just say “Good luck with that.”

                1. 2

                  Centralization makes it so that one party can see everything and the rest can see near to nothing. Decentralization makes it so that many parties can see some things each, but it takes a lot of effort to see everything.

                  A privacy model based on centralizing is doomed from the start, because there’s only a single line of defence. It is easier to hack/bribe/subpoena one very strong party than it is to hack/bribe/subpoena many weaker parties.

        1. 31

          The Dell XPS series has a firmware so bad that its engineers should be strung up in the town square for building it

          Perhaps this is nitpicking, but language like this really rubs me the wrong way. It’s short sighted because it assumes it’s all the engineers fault. It’s the kind of language I might expect from somebody with zero people skills and new in the industry, not from somebody who has been around for a while. There’s no place and time where suggesting we hang people because of their work should be acceptable.

          Setting that aside, I don’t understand what the point of this post is. It’s literally just a rant about laptops, but there’s no conclusion or anything. That’s of course fine for a personal blog, but I think such content does not belong on lobste.rs. I flagged the post for this reason.

          In terms of laptops, the X1 Carbon series is pretty good. Support is a bit iffy here and there (e.g. the microphone does not work until Linux 5.5), but this is true for pretty much any laptop that came out in the last two years or so. I had a X1 Carbon 3rd generation that worked perfectly, and recently replaced it with a Gen 7 since my Gen 3 was due for a replacement. They’re a bit expensive, but the X1 series is a good series.

          1. 5

            language like this really rubs me the wrong way

            Oh, please! This is obviously an over the top exaggeration used as a rhetorical device. Nobody is asking to kill anybody here. This is a common device in the English language, used often for fun, that even a non-native speaker as me was not confused about.

            1. 13

              This is essentially the same as saying “It’s just a prank!”, which is about the worst excuse for anything.

              1. 5

                No. It is just colorful language, and perfectly appropriate for a personal, light-hearted, blog post.

                1. 3

                  No. The 90s wants its Torvalds back. This is never appropriate. Even if you’re joking. It’s a personal attack whether it’s a joke or not. Imagine being on the receiving end of this. Imagine walking up to one of the XPS engineers and saying this to their face!

                  This blog post isn’t light-hearted - it’s full of spite - and “personal” is at its limits when you’re a high-profile developer publishing something on the Internet. So, overall, no.

                  1. 4

                    No. The 50s wants its censure back. Fortunately, Monty Python showed us that it is ok to say “fuck” in TV, even on a funeral, and to mock religion. Regardless of whether some people is offended.

                    1. 5

                      There is a huge difference between saying “fuck”, mocking religion, and suggesting that we hang people (and for laptops out of all things).

                      I’m also unsure where you see the censorship here. Nobody is telling Drew he can’t share his opinion. But just as Drew is free to share his opinion, so are others free to hold him accountable for that; especially when he suggests we physically attack a group of people.

                      This brings me to something important and often misunderstood: the right to free speech does not give you the right to say whatever you want without repercussions. Instead, it simply means the government can’t prosecute you for expressing an opinion within the boundaries of the law. I’m pretty sure that suggesting we hang people is not only tasteless, but potentially also outside of the boundaries of free speech.

                  2. 1

                    how is this blog post light-hearted, it’s called “fuck laptops”

                    1. 6

                      how is this blog post light-hearted, it’s called “fuck laptops”

                      It is light-hearted precisely because it is titled “fuck laptops”. The profanity right at the title is a clear indicator that the content of the post is not going to be extremely serious, and it will use a certain amount of hyperbole. When you say that “you are dying to go to that restaurant” nobody in their right mind is going to call a suicide line. Likewise, if I say that you should be tarred and feathered for misunderstanding such an obvious joke, nobody is going to accuse me of hate crime, death threat or intimidation.

                      1. 6

                        Do you find it in the least bit strange that, in the face of multiple commenters disagreeing with your disagreement with one of the most upvoted comments on this post, your argument consists of statements like “Oh, please! This is obviously . . .”, “even a non-native speaker as me was not confused about”, “the title is a clear indicator that the content of the post is not going to be extremely serious”, and an analogy to “such an obvious joke”?

                        Doesn’t it seem like your argument that “it’s obvious” isn’t likely? If the case you’re stating was as obvious to others as it is to yourself, you wouldn’t have to make the case to so many different commenters as well as upvoters.

                        Just to be clear, I’m not saying that Drew should or should not use the rhetorical style that he did. I think he has a fair point when he says that he doesn’t post this kind of thing to lobsters and he’s just writing for himself. tptacek made a similar point about his writing on HN – he feels limited in what he can write since any random thought he posts to his blog will make it to HN.

                        1. 3

                          Isn’t it obvious in this case that your argument that “it’s obvious” cannot possibly be correct?

                          I guess everybody understood the joke, including some people who just wanted to make a fuss about it.

                        2. 1

                          Swearing in a blog post is not a universally-understood signal that its contents are not supposed to be taken seriously.

                  3. 4

                    The point was also that the language was used to make engineers look bad without knowing the circumstances.

                    Overall the tone in the post is unfriendly and offensive, a bit more than necessary for a rant.

                  4. 3

                    My 2016 or 2017 era XPS13 model 9360 no touchscreen is perfect.

                    • kensington lock so i can take a pee at a conference without needing to carry my laptop in like a weirdo.
                    • sleep on screen shut and resume wokrs and has done since day 1
                    • 2 usb A ports & a usb c port that can drive external display and GB network
                    • onsite repair warranty seriously this was amazing when they came round and replaced the keyboard -all day battery use while coding and sysadmin if i dont crank brightness to full -dreaded coil whine never bothered me
                    • has gone completely in bios and video driver update
                    • all of the above works on FreeBSD its my daily laptop except the SD card
                    • i replaced whatever wifi it came with an intel 8265 which is adequate

                    Pity the whiners are banging on Drew. Write your own display drivers then. Its his blog so whatever its hardly controversial and the exaggeration is not imo excessive.

                    1. 2

                      Perhaps this is nitpicking, but language like this really rubs me the wrong way. It’s short sighted because it assumes it’s all the engineers fault. It’s the kind of language I might expect from somebody with zero people skills and new in the industry, not from somebody who has been around for a while. There’s no place and time where suggesting we hang people because of their work should be acceptable.

                      This. For what it’s worth I agree.

                    1. 13

                      I have https://www.brother-usa.com/products/hl3170cdw, which seems to work quite nicely with generic printer drivers on my NixOS system, and has specific drivers for the other Linux systems I’ve used in the past (e.g. Arch).

                      When researching this very question a couple of years ago, I found that Brother seems to make reasonably-priced and Linux-compatible printers, and so far I haven’t been disappointed on either front!

                      1. 9

                        I’ll second the Brother recommendation. I purchased an HL-L2370DW a little over a year ago ($80 at Best Buy on Black Friday). After configuring it onto my wi-fi network, all the machines in my house detected it and offered it in their print dialog boxes right away without any further configuration. This includes one running Xubuntu 18.04. The CUPS drivers included with the distro were all I needed. “Laser”, automatic duplex, and wireless. It’s been working nicely ever since.

                        1. 3

                          I have an HL4150-CDN. It’s not very recent (2012) but still works without any issue. When it was new, there were some issues with Brother’s dialect of Postscript (BR-Script), leaving you with either a slow open source driver or a fast proprietary one. But it now works without any issue with the driver shipped by CUPS. Newer models are now driver-less and understand PDF, so this shouldn’t be an issue anymore.

                          1. 2

                            Adding my vote for Brother. I’ve had one for years and it’s been solid. Plus they have drivers for the major OSes including Linux.

                          1. 3

                            Brew bundle is indeed very nice, albeit occasionally slow. I’ve generated two Brewfiles (one for Darwin and one for Linux kernels) and integrated them in my dotfiles in order to maintain consistency across different machines. I can think of a few ways to improve it (for instance, pin brew bundle to a file and update it automatically whenever software is [un|in]stalled,) but all told, quite happy with it.

                            1. 1

                              I’ve done the same thing. A Brewfile in my dotfiles makes it really easy to keep my machines in sync.

                            1. 3

                              I like apps that allow me to export the data easily and also keep the data in a git repo.

                              I mainly use Quiver but have used Jrnl & Boostnote in the past.

                              My workflow is currently:

                              • A folder for each quarter of the year (2019Q1)
                              • Create a date entry note for each day
                              • Keep standup notes, debugging, research, etc
                              • Run a small script that creates a backup each night and pushes to a private git repo
                              1. 3

                                I’m in the “doesn’t hurt to cover the camera camp”. I run mostly Macs and prefer the SpiShutter: https://www.spishutter.com/collections/spishutter-product/Spishutter

                                They also work on some newer PC models. They look better than a sticker and make it easy to show the camera for when you need to take a video call.

                                1. 1

                                  ActionMailbox looks really interesting

                                  1. 2

                                    It is. Definitely not for every use case, but when needed, it’ll be very helpful. I covered it in a screencast a few weeks ago. https://www.driftingruby.com/episodes/using-action-text-in-a-rails-5-2-application

                                  1. 7

                                    I find this site helpful when looking for a new VPN (though they are not free): https://thatoneprivacysite.net/vpn-section/

                                    1. 5

                                      Consider using ProtonVPN if you’re not sure about which. Their incentives are at least aligned with you vs shady folks and governments. Just be sure to use the jurisdictions that don’t cooperate a lot with the U.S.. Traffic will be slower but less odds of secret warrants.

                                      1. 7

                                        Mullvad is very well reviewed on That One Privacy Site, and that review was one of the reasons I decided to use it. I’ve been using it for about a year now without problems and without ever giving them any real information about myself.

                                        1. 2

                                          I’ve never tested it, though I’d like to – they claim that you can mail them cash and they’ll convert it from whatever currency you send and credit it to the account you specify (which is just a number). Given that almost any service will require an email (they don’t) or a credit card (which prepaid cards can get around) or paypal (…), this is a pretty good sign.

                                          1. 1

                                            I didn’t try the mail-them-cash option, but rather paid in bitcoin, which was straightforward enough.

                                    1. 14

                                      Can someone explain to me why this article is getting so many upvotes since this is basically only telling to think about before introducing kubernetes? The article links to another article of hers, Building Container Images Securely on Kubernetes, which is way more interesting in my opinion.

                                      Edit: formatting

                                      1. 7

                                        The author is respected for their knowledge in this area and has done a lot for the community.

                                        1. 24

                                          Basically, having one of the highest authorities on containers say that people are overthinking how they approach containers is a nice thing to hear, particularly as people have to fight overgrown infrastructure.

                                          1. 3

                                            ^ This

                                          2. 4

                                            Although I’m about separation architectures, I did like her write-up listing many security practices that container tech are using with a nice, little chart. I saved it in case I ever wanted to follow-up on them to use as extra layers, do work improving them from high-security perspective, or (most likely) share them with anyone using containers who could benefit. Just an example supporting your point.

                                        1. 28

                                          Julia Evans, Alice Goldfuss and Jessie Frazelle.

                                          1. 8

                                            I’m very jealous at Julia’s ability to lay stuff out so clearly. Her zines are very informative and are extremely easy to digest given how much I find out in them. I’m very convinced that being able to break down stuff in this way contributes a lot to being able to pull off stuff like rbspy

                                            1. 1

                                              +100

                                            1. 7

                                              My usual desktop

                                              I’m on OS X, and use a tiling window manager called ChunkWM with a hotkey daemon.

                                              There’s NeoVim with a variety of syntax/editing plugins on top right, a currently active PDB session on bottom right, various IRC channels and servers via Weechat on bottom left, and Mutt top left.

                                              With the combination of hotkey daemon, window manager, and the variety of CLI-based tools I use, I essentially never use my trackpad/mouse. Not shown is Firefox with a vim-like set of keybindings so that I can navigate with the keyboard.

                                              I’m also a huge motorsports fan, so the wallpaper usually rotates between various Formula 1 or World Endurance Championship scenes.

                                              1. 4

                                                How do you find ChunkWM? I’ve batted around the idea of installing it on my Mac at home, because I am a fan of tiling, keyboard-driven wms when forced to spend time in X; but I worry that it’d end up being a case of fighting the platform, a neither fish-nor-foul hybrid that manages to combine the worst of both worlds.

                                                1. 4

                                                  It’s actually not that bad – there are a few configuration-level things that you need to setup to get things working smoothly, but once it’s going I really don’t have to touch it. I’m actually a bit lost when I need to use a computer that is not my own due to all the built-up muscle memory from the skhd hotkeys.

                                                  But, it does have some flaws.

                                                  1. When switching between single monitor & multiple monitors, sometimes windows don’t reposition themselves correctly and I have to hide all windows and then bring them to the foreground to get the chunkwm daemon to recognize them and resize them. It’s not a big deal, but it can be jarring the first time it happens to you. Also, this seems to have almost disappeared in the most recent versions of ChunkWM.
                                                  2. When resizing windows, you can sometimes see redraw artifacts (edit: on further thought, this might be an issue with iTerm2 - I don’t ever see redraw artifacts on non-console windows). You can even see that in my screenshot that I took (it looks like an extra letter in the self parameter in the top right window, first line). The artifacts disappear when the window in question has to redraw itself again for some reason (e.g. you typed some text), but is supremely annoying.
                                                  3. The default keybindings in skhd might be a tad annoying for non-English keyboards. I know when I need to type French accented characters, I have to go a circuitous route due to the use of the option key as the main skhd modifier.
                                                  4. Some menubar applications will need to be added to the chunkwmrc config file as a “do-not-touch”, since chunkwm tries to tile floating menubar windows that appear, and it really just goes a bit nuts. This seems to have been resolved in the most recent versions of chunkwm, but I’m still a bit wary about it.

                                                  Overall, though, for software that is at 0.4.x level of completeness, I’m very happy with it, and deal with the warts because the productivity it provides me is worth so much.

                                                  The author of the software has gone through a few iterations of building these hotkey daemons & window managers for OS X, and seems to have taken a lot of knowledge and experience from past implementations.

                                                2. 2

                                                  Another tiling window manager: https://www.spectacleapp.com/.

                                                  1. 1

                                                    +1 for Spectacle

                                                1. 1

                                                  I use Quiver Notebook. It stores everything in files that I can easily add to a git repo (Keybase).

                                                  If people don’t want to buy Quiver I normally recommend Boostnote or Jrnl.sh since they both store files in a way that can easily be added to version control or exported to another format.