1. 4

    TLDR: Most of the keyboard shortcuts here work basically in every software that reads input text.

    I daily use CTRL+L (clear screen) and CTRL+U (to cut everything before the cursor) in my shell.

    1. 2

      I use Ctrl-W (delete previous word) Ctrl-A (go to beginning of line) and Ctrl-R (search previous lines) a lot.

      1. 2

        I used exactly these 15 years long until I discovered that I can switch the VI mode on. Now the first line that I type when logged in on a (foreign) Linux box is “set -o vi”. I hope all terminal REPL applications would use readline so that I could use VI mode line editing everywhere. But that’s not everywhere the case.

    1. 1

      Interesting. But can this really be called a computer? If I understood the article, it seems to have built for one program, economy simulation.

      1. 1

        It’s an edge case, there’s no right or wrong answer. It’s a device that computes, but it’s not a general-purpose computer or a stored-program computer.

        1. 2

          This is a hoax: that will show a dialog, that says it is a hoax. A hint that this is a hoax is already in the URL - 1st of April 2013.

        1. 25

          Spectre PoC: https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6 (I had to inline one #DEF, but otherwise works)

          1. 5

            I’ve tested it with some success on FreeBSD/HardenedBSD on an Intel Xeon. It works on bare metal, but doesn’t work in bhyve.

            1. 4

              oh god that runs quickly. terrifying.

              1. 3
                $ ./spectre
                Reading 40 bytes:
                Illegal instruction (core dumped)
                

                That was kinda disappointing. (OpenBSD on Hyper-V here.)

                1. 10

                  It worked for me on OpenBSD running on real hardware.

                  1. 1

                    That was kinda disappointing. (OpenBSD on Hyper-V here.)

                    perhaps it was the cache flush intrinsic.

                  2. 2

                    I’m impressed how easy it is to run this PoC - even for somebody who didn’t do C programming for years. Just one file, correct the line

                    #define CACHE_HIT_THRESHOLD(80)

                    to

                    #define CACHE_HIT_THRESHOLD 80

                    then compile: gcc -O0 -o spectre spectre.c

                    run:

                    ./spectre

                    and look for lines with “Success: “.

                    I am wondering if there is some PoC for JavaScript in the Browser - single HTML page with no dependencies containing everything to show the vulnerability?

                    1. 2

                      I’ve been playing quickly with the PoC. It seems to work just fine on memory with PROT_WRITE only, but doesn’t work on memory protected with PROT_NONE. (At least on my CPU)

                    1. 13

                      LWN’s write-up was at the right level for me. I’ll read the papers when I have time. https://lwn.net/SubscriberLink/742702/83606d2d267c0193/

                      PS: go subscribe to LWN, it’s great.

                      1. 7
                        1. 2

                          This is the one that finally made me understand it, well on a conceptual level.

                        1. 9

                          They completely blew it. All those polls were for nothing. It’s just a T470 with a 7 row keyboard: http://www.omgubuntu.co.uk/2017/09/retro-thinkpad-image-2017

                          It’s the same crappy 16:9 screen like all the other laptops today. I hear all the time that nobody makes 4:3 or 16:10 screens anymore, yet Apple sells 12.9’’ and 10.5’’ 4:3 tablets and 12’’, 13.3’’, and 15.4’’ 16:10 laptops without any issue. All with high quality IPS screens, most of them wide gamut even.

                          1. 3

                            Poor chassis choice. Retro ThinkPad enthuiasts are either into the smaller models (600X, 701C, X300, the entire X series for that matter) or the really huge ones (A-series, 700 series) - making it T470 based makes no one happy.

                            1. 4

                              Um, plenty of my “retro ThinkPad enthusiast” friends love their T40 and T60 series models, which are comparable in physical size to today’s T400 series models (~13in by ~9in).

                              Speaking for myself—who got into the game too late to be much a “retro ThinkPad enthusiast”—I like my X220. I don’t especially care for my T450s daily driver, but that has little to do with the form factor (which I think is fine), and everything to do with the keyboard, lack of ThinkLight + lid latch + ports in the back, and the 16:9 (rather than 16:10) display.

                              If the “ThinkPad Retro” had a 16:10 display, it would be perfect for me, modulo what we haven’t heard about what ports it’ll have. By the way, since it hasn’t been linked in this subthread, here is the image of the “ThinkPad Retro” that Lenovo accidentally leaked.

                              1. 1

                                I agree with you - though I had older Thinkpads, including the X60s. I must say, that I love my T450s a lot - I like the form factor of the laptop, but I would prefer a better keyboard and more vertical screen. I have to say that I started to like to have that much horizontal space, as I am able to edit two programs side by side.

                                Thanks for the photo - I like the keyboard, especially the big ESC key :-)

                                1. 1

                                  FWIW I edit three files side by side in my 15” MacBook Pro, and I still have better vertical space than the T450 in about the same physical package.

                                  1. 2

                                    I do not know anything about MacBooks, but the T450s, is only 14”, so it’s normal that a 15” has more vertical and horizontal space. To have a 15” in the same overal size like the T450s, this sounds very interesting. But in any case Mac will never be for me - I need the TrackPoint, a good keyboard and Linux.

                              2. 2

                                Exactly, it makes no sense. Plus that 16:9 screen.

                                1. 3

                                  The worst part is that when sales are slow, they’re going to blame it on “oh, the enthusiast market isn’t willing to put their money where their mouth is” instead of on the horrible screen, and we won’t see things like this happen again.

                            1. 2

                              I’m running a Thinkpad X1C 3rd Gen for work and it’s good enough, although my team has System 76’s Galago Pro from this year, which seems better in almost every way except battery life. I would expect that for ultrabook-style Linux laptops, either the next revision of the Thinkpad X1C, or whatever home-spun design System 76 comes up with (current Galago Pros are based on another OEM’s hardware) will be pretty much perfect. The next Dell XPS 13 is another potential contender, as I have seen them work amazingly as Linux laptops over the last 2 revisions.

                              Again that’s ultrabook-style laptops. I still don’t feel my sweet spot is served by existing laptops, and it comes down to a market segmentation issue. To get a slightly larger/thicker laptop, with a little more battery, and a little better cooling that can support a better processor (i.e. a 7700HQ instead of a 7600U) almost all the OEMs I have looked at require you get a dedicated Nvidia GPU as well. Said GPU will operate in a hybrid/switchable manner, the Linux experience for which I neither like, nor want.

                              My current hope is that AMD will offer a version of Ryzen mobile paired with enough integrated GPU “oomph” to allow higher-powered CPU laptops to eschew a hybird-dedicated GPU.

                              For those who like the thin-and-light laptops, it’s is already approaching a golden era for Linux laptoppery.

                              1. 3

                                although my team has System 76’s Galago Pro from this year, which seems better in almost every way except battery life

                                I’m watching System 76, but until now they don’t having keyboards comparable with the ones of recent ThinkPads (the older ThinkPads had even better ones), not even talking about the missing TrackPoint. So, I would like to extend your sentence to: almost every way, except the missing trackpoint, an excellent keyboard and battery life.

                                I’m waiting for the X62

                                1. 1

                                  That keyboard criticism is fair. I also was never a rabid devotee, despite using Thinkpads for most of the laptops in my life. I like them better than “clickpad” touchpads, I suppose, but it’s not a strong feeling.

                                  I use my laptop docked ~75% of the time anyway, so while I like the TrackPoint and nicer keyboard, I don’t notice those as greatly these days. Keyboard would outweigh the touchpad v. trackpoint debate in importance (for me).

                              1. 4

                                As additional context https://www.win.tue.nl/~gwoegi/P-versus-NP.htm:

                                This page collects links around papers that try to settle the “P versus NP” question (in either way).

                                And later it has a collection of chronological milestones about the problem.

                                1. 10

                                  I think Standard ML ought to be considered a contender. It’s also a very small language, but can be compiled to extremely efficient code. It’s principal advantage is that there is a complete formal semantics for it—there is no “undefined behavior.” There isn’t a lot of passion for it these days but I often wonder if things would be nicer if it had caught on. I really like the module and functor system.

                                  1. 9

                                    I think most of Standard ML’s good ideas are in more widespread use in the form of OCaml. Standard ML does have a full program optimizing compiler in the form of MLton, but I don’t think there’s an equivalent for OCaml. That being said, I’m not sure OCaml is as performant as C, and it’s also started to gather some cruft as it gets older. It would be interesting to see a “fresh start” ML-style language designed for this day and age.

                                    1. 3

                                      Not quite whole program optimization but kinda close is the flambda version of the OCaml compiler. What would you consider cruft in OCaml? In my experience the cruftiest parts are actually the oldest parts, the newer things are quite alright.

                                      1. 3

                                        I think that the functor syntax is a little messy, especially for multi-argument functors. Relatedly, the new support for first-class modules is great, but it’s a little hard to figure out the first time around. I also really wish that there was support for first class constructors (I think Standard ML has this), and though the new ppx stuff is really cool, I think the resulting extensions can be a little ugly.

                                        1. 1

                                          Hmm, now that you mention it, these are all valid points, thanks. Curiously, even OCamls predecessor, Caml Light had first class constructors. For OCaml there are a number of “solutions” to this, but the fact that there are multiple already illustrates the fact they are missing from the core language.

                                    2. 3

                                      Especially with MLton compiler.

                                      1. [Comment removed by author]

                                        1. 5

                                          Maybe http://www.ats-lang.org/ ?

                                          It allows not only functional programming. Here the section “What is ATS good for?”:

                                          ATS can greatly enforce precision in practical programming. ATS can greatly facilitate refinement-based software development. ATS allows the programmer to write efficient functional programs that directly manipulate native unboxed data representation. ATS allows the programmer to reduce the memory footprint of a program by making use of linear types. ATS allows the programmer to enhance the safety (and efficiency) of a program by making use of theorem-proving. ATS allows the programmer to write safe low-level code that runs in OS kernels. ATS can help teach type theory, demonstrating both convincingly and concretely the power and potential of types in constructing high-quality software.

                                          1. 2

                                            Are the dependent types really that readable to people who have a hard time with C? I wouldn’t suggest it for ease of use unless talking to someone who worked with theorem provers complaining about speed of extracted code.

                                            1. [Comment removed by author]

                                              1. 2

                                                Probably even more so for 8-bit coders who might not imagine a world past assembly or C. Much less ATS on their hardware.

                                                https://github.com/fpiot/arduino-ats

                                            2. 2

                                              So there’s a lot of fine print on this.

                                              Let’s compare Haskell or OCaml to C and Python. The compiled FP languages are all going to be less code than C and better performance than Python. I would argue that they are likely to perform similarly to the C code, and they are likely to be less code than Python as well. I think most of the cost of FP is up-front: you have to learn it and figure out how to apply it. You can definitely make programs that outperform C, and it will usually be less work than writing them in C. But the tradeoffs are already set in a good place.

                                              I think people tend to overestimate C’s performance. First, C is not the performance ceiling of all programs. Many programs are amenable to cheap parallelization, which is difficult to do in C but easy in Go or Haskell. Second, to write C is itself a lot of work. Getting to the same level of completion with C is often more work than getting there in other languages. The time you save getting to working with OK performance is time you can spend on improving performance of a working program with other languages.

                                              What do you do if you get to completion with C and the program still doesn’t perform? You have to tear out a substantial chunk of C and rewrite it. But if you profile your code (which you should do anyway) you will probably find that only a small chunk of it actually has performance ramifications. This is why there are programs that are ostensibly written in Python that perform so well. It’s easy to profile the code, find the critical section, move that section out to C and use it as a library from some other language. Well, you can do that from OCaml or Haskell too. And often it is that glue code that unites your critical section with the real world, that is both tedious to write in C and error prone, as well as unlikely to matter from a performance standpoint.

                                          1. 2

                                            Is there a way from an install of 0.12.0 to update to 0.13.0? And in case there is a way, with what commands can I do it?

                                            1. 3

                                              There is a short video presenting this: https://www.youtube.com/watch?v=z_01ha1uS6Y&feature=youtu.be

                                              1. 4

                                                Because the example is so well prepared, I just tried it out and was somewhat surprised that it would not use more than 1 CPU.

                                                To make it use 4 CPUs on my system I had to compile it with:

                                                stack ghc --resolver lts-7.14 --install-ghc --package conduit-extra -- --make -threaded echo.hs
                                                

                                                And then run it with:

                                                ./echo +RTS -N4
                                                

                                                Then you can see that with every new connection and long input it will use more and more CPU.

                                                1. 3

                                                  Good point, thank you! I’ve added an update to the blog post about this.

                                                1. 2

                                                  In one of the comments there is a pointer to a forum discussion:

                                                  This is being discussed in https://groups.google.com/forum/#!forum/mozilla.dev.security.policy topic: “Nation State MITM CAs?”

                                                  1. 3

                                                    I mostly agree with this, but have two nitpicks.

                                                    ARM is a RISC architecture, so I’d actually move that one to “yes”. I’m not sure I buy the excuse it’s “not RISC-y enough”. At the very least it deserves to still be a “maybe”.

                                                    Second, I’d leave “formal methods” as a “no”. My understanding of formal methods is that they’re used at a higher level than type checking and static analysis: proving an algorithm will terminate, proving it won’t allocate memory, etc. If static analysis and type checking count as formal methods, I think it would have been a “maybe” back in 1999 and a “yes” now.

                                                    1. 1

                                                      This is what the article says regarding ARM:

                                                      If there’s any threat to x86, it’s ARM, and it’s their business model that’s a threat, not their ISA. And as for their ISA, ARM’s biggest inroads into mobile and personal computing came with ARMv7 and earlier ISAs, which aren’t really more RISC-like than x86. In the area in which they dominated, their “modern” RISC-y ISA, ARMv8, is hopeless and will continue to be hopeless for years, and they’ll continue to dominate with their non-RISC ISAs.

                                                      For me it’s as well a surprise that “ARMv7 and earlier ISAs” are not real RISCs.

                                                      1. 2

                                                        Slightly off topic I admit, but I don’t understand why people still use Thinkpads given how much Lenovo has repeatedly betrayed their customer’s trust with malware/spyware. Is there no better option or something? (What about Linux on a Mac?)

                                                        1. 6

                                                          I used to run Linux on an Apple laptop; I switched because I was tired of the “Apple tax”, branding, and general hostility to Linux. The 3rd gen X1 Carbon was close enough in build quality that I wouldn’t feel like I was lugging around a trashy plastic toy. I’ve tried to write this a few different ways to make it sound more objective but, really, the features of most laptops are more than sufficient for me, I was looking for a piece of hardware that exudes a comfortable quality. I want this thing I spend so much time working and playing on to feel good: a nice keyboard, a case that resists torsion, little attention-to-detail features. Maybe I am a sucker for a 5% stiffer case and half the number of trashy Intel stickers, but it feels like a world of difference.

                                                          Other manufacturers are far behind Apple and (most models of) Lenovo in build quality. The Lenovo stories have all broken since I ordered mine and are pretty disconcerting. I really hope folks like System76 and GNU-approved sytems like Purism can compete in a few years when I’m shopping again (or I find the time and energy to build a laptop with an eInk display).

                                                          1. 1

                                                            A bit late, but those vendors are basically based around rebranding ODM systems. They usually focus on cheaper gaming laptops for resellers to brand, and as such, it’s cheap as possible to fit specs in.

                                                          2. 3

                                                            Same reasons as pushcx - ordered before the Lenovo stories appeared. Lenovo is on my boycott list since. Additionally, I depend on a trackpoint with physical buttons and an excellent keyboard - there is just no other alternative out there. Other than this, to my knowledge and experience ThinkPads had pretty good Linux support. My current laptop is a T430s - I hope it will keep working until there is a viable alternative.

                                                            I am too observing the GNU-approved systems like System76 and Purism, but unfortunately they have not yet options for my keyboard requirements.

                                                          1. 4

                                                            Nice. Would be great if there would be selection criteria for trackpoints and the type of trackpoint buttons, if it’s possible to chose the keyboard layout during purchase, and if the keyboard is centered, i.e. without the separate number block.

                                                            1. 2

                                                              I just followed Lenovo’s instructions [0] to uninstall SuperFish on a friend’s computer (Lenovo Yoga 2, Win 8.1). These instructions are NOT sufficient. After uninstalling SuperFish through the normal windows uninstallation program, and the Root CA certs for IE and Firefox, suddenly none of the HTTPS sites worked! The browser complained (rightly), that the the certificate is wrong because it is signed by SuperFish.

                                                              I had to do some research to detect, that there is still a service called VisualDiscovery, which is activated on startup. Looking in the properties I can see that it starts “C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe”. I stopped it and now it works as supposed. But I still have to find a way how to uninstall this stuff.

                                                              I’m a Linux guy, but I find it crazy, that after uninstalling VisualDiscovery/SuperFish there are still executables and a service remaining on the disk! This is crazy.

                                                              [0] http://support.lenovo.com/us/en/product_security/superfish_uninstall

                                                              1. 1

                                                                Wow, that would be really great to have an open source laptop with hardware switches for camera, mic, wifi, bluetooth and usb!

                                                                For me personally a trackpoint, with 3 physical buttons (like in the older thinkpads) is a must-have. Unfortunately the design doesn’t include it. I will send an email and ask them.

                                                                1. 1

                                                                  It’s heart warming to see from time to time articles about Unix history. My take-away points from this article:

                                                                  When asked what that funny name meant, Ken said it was obvious. It stood for the editor command that it simulated, g/re/p (global regular expression print).”

                                                                  .. and ..

                                                                  Today fgrep and egrep existed solely for compatibility to enable the use of ancient scripts that used direct invocation of fgrep and egrep. The proper way to use them today is grep -F and grep -E.