1. 4

    Reading this, it occurs to me that one of the secret strengths of Emacs is that it too reifies user interaction: every single thing you see happen on-screen is a Lisp command which the user can look up, read documentation on, read source of, edit and override (there are some low-level parts of Elisp written on C, but even those can be read, edited and changed, albeit with more difficulty).

    The advantages are all those indicated by the article. And, as the article notes, one is not limited to using a command line to enjoy them (although a Lisp REPL can be a powerful way to do so).

    1. 4

      I think a main distinguishing feature for GUIs vs CLIs is who uses which. If the same crowd that uses Emacs or Vim would use (and contribute to) more GUI software, it would quickly grow to support pervasive scripting and history.

      1. 7

        Many parts of at least GUI emacs is very GUI-like - it has buttons, advanced interfaces like magit, and so on. Obviously it’s not all “GUI-like”, but I do think that Emacs is a good example of what happens if the people that use CLI creates GUI software. The only limiting feature is that Emacs was made a long time ago, and its scars reveals that.

        1. 5

          Emacs is GUI software! It can be profitably used using just the menus and toolbar. I turn them off, but I imagine many people never do.

          1. 1

            I’m not sure about that, it would require the right design to begin with for a certain mentality to want to contribute without losing the legacy they already are proficient in. I’m not sure how a GUI awk would look like in our GTK/Qt/Electron world, if anything because you’ve always got those who have to go out of their way to create a “innovative” look and feel. HTML is probably the closes we’ve gotten to anything like this in real world applications, when considering user scripts, though I don’t think it was worth it.

            1. 2

              I think Applescript (on Mac) or ARexx (on AmigaOS) are better real-world applications. HTML with user scripts is basically screen scraping.

          1. 2

            my spidey-senses tingle seeing curl ifconfig.me in a script to automate ssh access - I get why it’s part of the process, but it seems scary to rely on an external service over HTTP to get the IP address to whitelist.

            Is there no good cross-platform way to get an external IP address that doesn’t expose quite so big a MitM target?

            1. 2

              You can pretty easily set up a vm somewhere and using a very simple nginx config, achieve something similar but “self hosted”.

                  location /ip {
                      default_type application/json;
                      return 200 "{\"ip\":\"$remote_addr\"}";
                  }
              

              Ref: I originally encountered the idea here

              1. 1

                Why not “$remote_addr”? Would also be an equally valid json response.

                1. 1

                  Or even just $remote_addr. Not everything needs to be JSON after all!

                  1. 1

                    Because it was what I wanted. Definitely do whatever meets your own needs though, for sure.

                2. 1

                  Not only is there no cross-platform way, there’s no way period (assuming consumer routers, at least). If you want to know how you look from the outside you’re going to have to ask someone.

                  1. 1

                    Woes of IPv4 exhaustion and NATs. You can just parse json ipconfig2 output if your IPv6 configuration isnt pathological though. That’s what I do for my dynamic DNS script and setting AAAA records.

                  1. 2

                    This sounds very cool, and for non-cryptographic use it is probably great, but for crypto use ‘I made it fast first, then tried to pass some tests for randomness’ is a real red flag. There are some great uses for non-CSPRNGs, particularly high-speed ones. Wonderful to see more work in this space but I would not recommend use in crypto.

                    Maybe remove the ‘crypto’ tag?

                    1. 8

                      Debian. The OS/distro is not the correct layer for experimentation.

                      1. 5

                        Fellow Debian user here. I think there is room for experimentation at the distro and even OS levels, but … not at my day job, and not on my personal machines until I retire.

                      1. 2

                        Debian.

                        I used Red Hat from 1998–2010 or so, Ubuntu from 2010 to 2011 or 2012, and Debian since (numbers are a bit fuzzy, and part of the Red Hat time was Fedora).

                        I like that Debian comes from a traditional Unix sysadmin background; I appreciate the stability of the system (I love computers, and I use them for fun as well as work, but I am not as interested in spending a weekend chasing down depa for a broken system as I was in my youth); and I also appreciate the Free Software focus. If you’re used to Ubuntu, Debian is Ubuntu without the flakiness; if you’re used to Red Hat, Debian is Red Hat with more-pleasant tooling (that’s a matter of opinion, of course).

                        I would love to take a look at Guix SD sometime. And maybe Arch someday — I love the Arch wiki. Seems like a great community. But with Debian I can get work done, and that’s what is important.

                        1. 1

                          It’s a little shocking that gtk+ & IUP rely on silently dividing by zero. That seems like something one should guard against even if using a language like C.

                          1. 1

                            I think SBCL is the only Lisp that seems pay attention to trapping these kind of exceptions.

                            1. 5

                              +1, although I recommend the Type-S variant.

                              1. 2

                                Yes, I have the original at home, and I tried to bring it into the office, and my co-workers wanted to kill me. I ended up getting a type-S variant for the office and keeping my other one at home. I absolutely love this keyboard!

                              2. 3

                                I have multiple keyboards, but my favorite for working is a Topre Realforce 87u which uses similar switches, while also giving arrow keys.

                                1. 2

                                  My favourite variant is Drop’s Tokyo 60

                                  1. 2

                                    I can second this. I recently got the Tokyo60 and have been absolutely loving it.

                                    1. 2

                                      I want to see what you’re talking about but everything I click on there wants my email address.

                                      1. 1

                                        Sorry, for some reason drop requires an account to view products. I’ll link you an image instead.

                                    2. 2

                                      I use this keyboard for work and absolutely love it. I’m grateful CTRL is in the CAPS LOCK position.

                                      1. 1

                                        I’m currently typing this from a Happy Hacking Keyboard Pro 2, and I enjoy it for the most part. But I do miss the lack of physical arrow keys.

                                        1. 1

                                          I used an HHKB Lite2 for years and years (over a decade, I believe): it has an inverted-T in the lower right. They are an odd rectangular shape, which I imagine is why I have never seen a mechanical keyboard with the same feature. I thought it was basically the perfect layout for a long time.

                                          An under-appreciated feature is the placement of the ESC, \, ~ and BS keys. Once you’re used to it, you really don’t want to go back.

                                          There are only one and a half problems with the HHKB. The first is the CTRL key. Yes, replacing Caps Lock with something useful is good, and yes that location is far better than way out on the left and right corners. But it is not ideal for touch-typing, in which one should press modifiers with the opposite hand.

                                          The second half-problem is the staggered key layout. I believe that a non-staggered (‘ortholinear’) layout may be more ergonomic.

                                          These days I am experimenting with the Boardwalk and XD75 layouts, but with heavy inspiration from the HHKB. I have Hyper, Super (GUI or ‘Windows’), Alt, Ctrl, Raise to the left of the space bar and Lower, Ctrl, Alt, Super & Hyper to the right. The Caps Lock location is used for Compose — since it is not a modifier, having a single version is okay.

                                          For arrow keys on the Boardwalk I have Lower+EDSF (like WASD, but fingers never leave the home position). On the XD75 the arrow is in the centre.

                                          I know for a fact that I do not want to go back to a full-size board with a keypad, and I know I want to stick with mechanical keyswitches. I may someday want to get into something even more ergonomic, such as a split keyboard or Ergodox.

                                        2. 1

                                          I have used this, as well as a Realforce 87U, for a few years each. Both are great but these days I prefer the Leopold FC660C (with Type-S switches). Specifically with the Hasu PCB Mod, which is also available for the HHKB2, one can turn the board into the custom tool of programmers’ dreams.

                                          1. 1

                                            Does anyone find value on missing the F keys or the arrow keys?

                                            1. 4

                                              the form factor being small has value, because it means the device takes up less physical space on your desk and is much more portable. It’s very easy to toss into a bag with a laptop, because it’s only going to be as wide as the laptop itself.

                                              The problem with the missing arrow keys is that in order to use the arrow keys you have to use a chorded combination (with the fn key to the right of the right shift). That’s fine when you’re using the arrows on their own, and the key combos are easy to learn and remember and use. Where it falls down is when you want to use the arrow keys and press other keys simultaneously that do NOT want the fn key held down, which is a struggle for games that use arrow keys. That’s the only situation in which I’ve found it bothersome, but that may be more of an issue for me than most since I’m a game developer.

                                              1. 3

                                                I personally use a fullsize + ten-key WASD v2, which is pretty good. The whole tiny keyboard thing (people are unironically making 40% size boards on /r/mechanicalkeyboards) makes very little sense to me.

                                                I miss my old huge compaq keyboard, with F13-F24 on a strip down the left side :)

                                            1. 1

                                              I miss clean protocols and truly native clients, but it’s hard to imagine that we’ll ever see their like again. It’just too seductive to implement atop the browser.

                                              1. 3

                                                I’m installing Linux from Scratch (LFS) for the first time (in a VM, not as a daily driver). I have a vague idea to build an experimental system atop the Linux kernel, and LFS seems like a decent way to get a small core of functionality.

                                                Part of my vague idea involves replacing init and other low-level tools, so we’ll see how it goes!

                                                1. 5

                                                  Nokia 101 (phone booth replacement, if I’m outside. holds my private phone number) motorola one vision (pretty much my “landline”, stays in the office. holds my public phone number)

                                                  I do not like home banking or even email on my phone: with the first holding my money and the second many, many online accounts, it would be a single point of failure, should someone pick it from my pockets or should I lose it.

                                                  Mobile Websites are not for me: I’m almost 50 and my eyes clearly show age, I hate dumbed down mobile versions of websites, and I have given up on taking all the adblocking and privacy efforts twice.

                                                  1. 3

                                                    I do not like home banking or even email on my phone: with the first holding my money and the second many, many online accounts, it would be a single point of failure, should someone pick it from my pockets or should I lose it.

                                                    I feel the same way, and it’s interesting to me that more tech-savvy folk do not also. I don’t even have an email client on my laptop; I only do email from a desktop. I guess in this modern age, people have grown so attached to their digital lives that they’ve accepted that having silicon parasites on you 24/7/365 is just considered normal.

                                                    1. 2

                                                      What do you do with your laptop? Staying connected is my main use case for a laptop these days.

                                                      If I am away from my desk and can get someone who’s working for me unstuck by firing up my laptop and helping them over email or chat in less time than it would take me to get back to my desktop once or twice a year, I’ve paid for my laptop and justified keeping it nearby most of the time. I could make a slightly less direct argument for using it to help someone I’m working for.

                                                      1. 1

                                                        My big use case is maps, public transit directions and/or Uber, looking up locations (e.g. restaurants or museums) and light web browsing to kill time in transit.

                                                    1. 49

                                                      Kind of annoying that you have to read thru a third of the article to get to the important part:

                                                      Is Flow open source?

                                                      No. […]

                                                      1. 19

                                                        It is this part of the answer that I find more interesting: “There’s no current plan for that as we don’t have a large corporation backing our development. “

                                                        It just makes me sad. Open source was supposed to destroy the corporations, not empower them! It was to bring freedom to the development world, not leave it at the mercy of big money operators.

                                                        Nothing new, no big comment. Just lamenting :( (though the khtml legacy may be interesting - and it is LGPL… perhaps we have that to thank for the openness we do still have at least)

                                                        BTW I also hate the name “Flow”. Gah I can’t wait for this era of names to come to an end.

                                                        1. 14

                                                          Open source was supposed to destroy the corporations, not empower them!

                                                          Was it? I always thought that free software was about empowering the users — raising then up, not dragging anyone down.

                                                          1. 8

                                                            Open source has always been about empowering the corporations from the beginning, and free software has always been about preventing corporations from exploiting users, which under the current capitalist system amounts to destroying or crippling them.

                                                            1. 1

                                                              yeah i was being kinda loose to fit the star wars meme.

                                                              But open source is basically corporations taking over the free software idea and twisting it for their own benefit. So I should have said “free software” of course but eh the article said “open source”.

                                                            2. 10

                                                              This is a weird attitude. I’m all for open source and have been working on open source full time for several years.

                                                              But just because someone starts an important/interesting project doesn’t mean anyone should demand it be open source.

                                                              The obvious response is: Start your own open source browser project, and recruit or pay the 100+ developers it will take over decades! If it were easy or cheap, we’d see a lot more of these types of projects.

                                                              1. 5

                                                                I don’t demand it, I just would prefer not to run some person’s code nobody can read.

                                                              2. 8
                                                                1. 4

                                                                  It is this part of the answer that I find more interesting: “There’s no current plan for that as we don’t have a large corporation backing our development. “

                                                                  Well, imagine they release it today: people will report issues, create PRs, ask for features, etc.

                                                                  Responding to that in a vaguely timely fashion takes up a lot of time. If you’re a small company, you may not want to spend the time/money.

                                                                  1. 15

                                                                    You don’t have to have an issue tracker, or forums, or accept contributions, or even have source control.

                                                                    It’s open source if you dump a tarball once per release.

                                                                    1. 7

                                                                      I’ve worked on open source without a public bugtracker. We were flamed for that. “Not really open source” etc.

                                                                    2. 5

                                                                      More than that, they want to sell it.

                                                                      1. 2

                                                                        I would like Flow to be open source, but I don’t care enough to do anything about it. If I really wanted to make it happen, here’s how I’d go about it:

                                                                        1. Find enough developers who will commit to maintaining it properly
                                                                        2. Approach Ekioh and ask them to make a deal
                                                                          • They would benefit from additional contributors without paying maintenance costs
                                                                          • They will probably want some cash too
                                                                        3. Crowdfund to raise the cash

                                                                        That’s pretty simplistic, I realize. But my point is just that license problems are business problems, and can sometimes be solved.

                                                                      2. 4

                                                                        I think it’s honestly a misdirection. There have been plenty of good open source projects with small businesses behind them. It’s like saying “Oh I can’t do the dishes tonight because I don’t have large corporation backing”.

                                                                        1. 12

                                                                          I’ve worked at one of those (one of the first to do it) and when I read that sentence it, I just nodded. “Yeah, can understand that.” What they mean is probably that they need income, every month, and they’re worried that by opening the source their existing business model is at risk and they don’t have an obvious replacement.

                                                                          The worst case is roughly: zero outside contributions, a wide user base that pays nothing and expects much, the user base does not contain prospective customers, and too many of the existing customers decide to stop paying and just use the free offering. With skill and luck it’s possible to devise a new business model and sales funnel that uses the width of the user base, but doing that takes time, and without a corporation backing it, how does one keep the lights on meanwhile?

                                                                          1. 4

                                                                            What they’re really saying is they don’t have the skill or finesse to pull it off. That’s fine, however plenty of small businesses have made great profits while open sourcing their products. You don’t “need” corporate backing, and I’d argue if anything it’s an obstacle rather than a benefit.

                                                                            1. 10

                                                                              The skill and finesse to pull it off is considerable, IMO it can be regarded as infinite unless you have two more things:

                                                                              • skill and finesse
                                                                              • luck
                                                                              • funds to last you through a period without income.

                                                                              Skill alone isn’t enough.

                                                                              A “large corporation” in this context is simply one that’s large enough to have one or more sources of income unaffected by the product being developed, and whose other income is large enough to carry a team through the product development phase.

                                                                              (I’ve worked at three small opensource companies and spoken to my counterparts at others.)

                                                                              1. 1

                                                                                Not saying your concern is entirely invalid, I think those things DO matter. I just also think the reality is probably somewhere between “It can’t be done” and “It’s trivial to do”. The idea that you can’t run an OSS business without backing by a major corporation is probably untrue. The idea that you can run an OSS business without capital, luck, or skill is probably also untrue. I personally found it upsetting that he was attempting to put it all on a lack of corporate backing instead of just saying it was a strategic decision to keep an edge on competition or something. I often find when people deflect blame on to things they can’t control they are often trying to sidestep the extent they do have responsibility or control over the situation.

                                                                              2. 5

                                                                                What fields were they operating in? Are they still prominent or even around? Were they ever prominent?

                                                                                Where did they get money? Corporate customers, side gigs or a big inheritance? Did they detour from their core paying business to do open source?

                                                                                How long did it take for them to become sustainable? Did they?

                                                                                What’s the proportion of “plenty” in comparison to the competition that didn’t make it? To the corporate-backed competition? To the competition that’s still around with the same premises?

                                                                                Not to come off as too much of a duck here, but all these questions are very important when saying someones have generally made money. Surely the response might warrant more of a study than a reply, but seeing how under-staffed and -paid open source is, I’m a bit triggered by negating legit concerns with “others done it”.

                                                                                1. 2

                                                                                  I’m a bit triggered by negating legit courses of action with “it can’t be done”, so… I doubt we’ll have a tremendously productive discussion. I think your questions around it are fair and reasonable but I think our stances and positions are too far apart to find the center in the comment thread. I’m not really interested in debating this out however I do appreciate that you took the time to come up with good challenges to my point.

                                                                          2. 1

                                                                            I’m curious about the name. What would have been your choice?

                                                                            1. 2

                                                                              Seeing as the company is named Ekioh, perhaps “Ekioh Browser Engine”, EkEng or EBE for short, or maybe a four letter word that isn’t already used by multiple software projects

                                                                              1. 2

                                                                                I probably would go Ekioh Browser - descriptive yet unique by including the existing company name. There’s just a trend right now to use fairly short, generic names. I imagine the marketers are like “we want to evoke a feeling” but I just want some decent idea of what it is and how it is distinct.

                                                                            2. 17

                                                                              Does the fact that the browser is not open-source mean that it is not bringing diversity to the market? I’d argue that browser diversity was in a healthier state when Opera had a proprietary engine than it is now that Opera uses Chromium and Blink.

                                                                              Don’t get me wrong, I’d much rather see this be open-source, but I don’t think the fact it’s closed source means it’s irrelevant.

                                                                              1. 40

                                                                                one thing to keep in mind is that privately controlled web engines can disappear without leaving a base for a community to develop, as with presto.

                                                                                1. 8

                                                                                  That’s a fair argument.

                                                                                  1. 3

                                                                                    Open source software can disappear, too, when the entire development team goes away.

                                                                                    I’m not aware of any open source that was

                                                                                    • developed by a smallish company
                                                                                    • opened
                                                                                    • received substantial contributions from outside

                                                                                    AFAICT, if something comes from a company and isn’t an obvious non-product like e.g. lepton, then outsiders regard it as that company’s product, and don’t spend their time developing that company’s product for free. A community does not develop.

                                                                                    I’d be thrilled to learn otherwise. Particularly how small companies might get others to develop their product for them.

                                                                                    1. 2

                                                                                      IIRC even the Mozilla codebase languished for quite a while, long enough for the company to go under before it got really picked up by a community. It was a last-ditch desperate effort, but still…

                                                                                      1. 2

                                                                                        Doesn’t Netscape/Mozilla/Firefox fit your criteria? Plan 9 also comes to mind.

                                                                                        1. 2

                                                                                          Wasn’t Plan 9 a Bell labs thing? That is to say, unless I misunderstand what you mean by “Plan 9” it was produced by one of the largest, most famous monopolies in US history. Or pretty much the opposite of a smallish company.

                                                                                          I would not call Netscape or AOL (depending on who you want to attribute the open source release to) smallish either… if memory serves they were worth $10 Billion or so at their peak. But that pales in comparison to Bell.

                                                                                          1. 2

                                                                                            Right. (The $10B is irrelevant IMO, the relevant number is about $2B according to Wikipedia.)

                                                                                            So from the point of view of the Flow people who might be considering going an open source route, there’s a distinct shortage of examples to learn from. A $2B company whose CEO regards as an “amalgamation of products and services” is hardly relevant.

                                                                                            Mozilla was founded with a ten-digit endowment from AOL. Fine for the users, but it makes Mozilla irrelevant as a case to learn from for teams without such fortune.

                                                                                            1. 1

                                                                                              (I was assuming that the poster I replied to was sincerely arguing that Netscape or Plan 9 would count as something from a small-ish company. If my sarcasm detector was miscalibrated, mea culpa.)

                                                                                              This is perhaps the only case in the world where I’d call a difference of $8B “splitting hairs” :)… I’m no more prepared to argue that a $2B company is small than I am to argue that a $10B company is.

                                                                                              1. 1

                                                                                                No, your rant detector was miscalibrated.

                                                                                                Some of these pseudo-arguments annoy me so very much. I wish opensource advocates would use real arguments, not shams that look good at first glance, but make open source look bad in the eyes of developers/teams that are considering going open source. 39 upvotes for something that silently implies that open source can’t/won’t disappear means 39 people who aren’t thinking as carefully as I wish opensource people would. It gets to me and I start posting rants instead of staying properly on-topic. Sorry about that.

                                                                                                1. 1

                                                                                                  sorry; i missed that you asked about “smallish” companies and i misunderstood the thrust of your argument. i guess you were arguing that it would be a risk for flow to open source their browser? i don’t disagree, but that’s different from the question of how much we should care about or support this effort, as people who care about browser diversity.

                                                                                                  are you trying to argue that free software can disappear without leaving a base for a community to develop? what line of careful thinking would lead you to that conclusion?

                                                                                                  1. 2

                                                                                                    The careful thinking is based on two things.

                                                                                                    First, an observation that the number of outside committers to a conpany’s product is extremely small. People don’t choose to use their own time to work on someone’s product — they find something else to work on. Because of that, the development team for any opensource product is overwhelmingly in-company.

                                                                                                    Second, source access is necessary but not sufficient for good software development. Much of what makes development practical is in the team. It’s drastically easier to develop software (both fixing bugs and developing new features) if you can speak to the people who’ve worked on it so far, ask questions, get answers.

                                                                                                    Both of those are rules of thumb, not laws of physics. If you however assume both to be absolutely true, then there’s no difference between a single-product closed-source company doing an opensource dump when it’s acquihired and an opensource company with a single opensource product. If you (more realistically) assume both things to be true with exceptions, then the difference is as large as the exceptions permit.

                                                                                                    You may compare threee scenarios for product/team/company closure, whether it’s an acquihire, bankruptcy, pivot or even things like the whole team going on a teambuilding exercise on a boat, and the boat sinking:

                                                                                                    • Open source company closes (any reason): New team may form from volunteers, continuity is lost.

                                                                                                    • Closed source company closes, dumps source on github: New team may form from volunteers, continuity is lost.

                                                                                                    • Closed source company closes, does not dump source on github: End of story.

                                                                                                    Ie. open source has advantages and some of them are IMO significant, but safety or continuity in the event of the team going away isn’t one of them. “Safety” and “continuity” are big words. A new team may spontaneously form, but that’s far from automatic, so there’s no safety, and and if it does form it hardly provides continuity.

                                                                                                    1. 1

                                                                                                      that all makes sense, and does not contradict the fact that open source products provide a base for community development, even if the base is just a source code dump. there may be a continuity barrier, but it can be overcome.

                                                                                                      for a browser engine, it makes a difference whether it is released like gecko, allowing forks and community development, or released like presto, where a pivot by a private company ends the possibility of further development.

                                                                                                      hopefully you see now that my argument was real and not a sham, and your wish for open source advocates to think carefully is fulfilled.

                                                                                                      1. 1

                                                                                                        Well, it provides a base in almost exactly the same way as, say, Mitro’s code dump did when it was acquired. Mitro could have opened the source earlier (it actually did so on the day as part of its acquihiring process), and I don’t see any reason why an earlier open source process would have provided more of a base.

                                                                                                        1. 1

                                                                                                          sure, but before a company does a code dump there is no assurance that they will if the company pivots or goes bust.

                                                                                                          1. 2

                                                                                                            True. However, do you think that’s a major aspect of uncertainty? I think the users you have in mind aren’t paying customers, right? Someone who isn’t a paying customer (who has no contractual relationship with the maintainers) can hope for continued development, support, years of unpaid service, but only hope, no more. There’s no assurance of bugfixes, of new features, of a port to the next OS version, of compliance with next years’s laws or the ability to read next year’s Microsoft Word files, or that the next version will be open source.

                                                                                                            It’s just one more item on the list of hopes.

                                                                                                            You’ve probably heard stories about companies who implement major new features and then leave them out of the open source tree? I heard about someone who did that with Catalina support recently. It was a tool often used by system integrators, can’t remember the name, but it’s said to be the only open alternative in its niche. For these system integrators, open source was basically a free trial. Once they had invested in that tool, deployed it widely, their customers upgraded to Catalina and they needed to react in a hurry.

                                                                                                            1. 1

                                                                                                              True. However, do you think that’s a major aspect of uncertainty? I think the users you have in mind aren’t paying customers, right? Someone who isn’t a paying customer (who has no contractual relationship with the maintainers) can hope for continued development, support, years of unpaid service, but only hope, no more. There’s no assurance of bugfixes, of new features, of a port to the next OS version, of compliance with next years’s laws or the ability to read next year’s Microsoft Word files, or that the next version will be open source.

                                                                                                              the same applies to proprietary projects so i’m not sure what you’re getting at.

                                                                                                              are you saying even corporate-led open source projects don’t provide a guarantee that the project will continue to be open source? that’s fine but again doesn’t contradict anything i’ve said. it’s still better than proprietary from the perspective of browser diversity because the latest open source release would still provide a base for community development.

                                                                                            2. 1

                                                                                              i must have missed the word “smallish,” whoops

                                                                                      2. 2

                                                                                        Even Internet Explorer, shitty as it was, using its own engine made the web more diverse and forced developers to at least keep some semblance of portability. With the arrival of Edge, they also went the Blink/Webkit path.

                                                                                        There are basically only two (or three, if you count Blink and Webkit as distinct) rendering engines left which matter. That’s truly sad.

                                                                                        So yes, seeing a new browser emerge is actually something that I find hopeful.

                                                                                        1. 2

                                                                                          With the arrival of Edge, they also went the Blink/Webkit path.

                                                                                          They did not do that with the arrival of Edge. They started Edge on its own engine and only just recently released a blink-based version.

                                                                                          IE may have initially encouraged some portability, but its net effect was quite the opposite. There were a lot of IE-only products by the time we saw version 6 or so.

                                                                                          1. 2

                                                                                            IE may have initially encouraged some portability, but its net effect was quite the opposite. There were a lot of IE-only products by the time we saw version 6 or so.

                                                                                            That was when IE had “won” the browser wars and had added nonstandard features which other browsers didn’t support. Once they’d killed off Netscape people didn’t have any incentive to run other browsers, and those extra features got used by developers, entrenching it further because of these IE-only products you mention.

                                                                                      3. 6

                                                                                        This is the only thing I was looking for too. Not sure how Flow is supposed to solve any of the problems posed by a lack of browser diversity if it isn’t open source.

                                                                                        1. 11

                                                                                          Any alternative implementation of web technologies that isn’t WebKit gaining a non-trivial market share is a positive for those of us concerned about browser diversity, regardless of whether that implementation is open-source or not.

                                                                                          1. 1

                                                                                            Android might be a point, but without Windows it will not get a non-trivial market share.

                                                                                        2. 3

                                                                                          Thank you, thats one of the first items I check

                                                                                          1. 4

                                                                                            Can you come up with a better way to sustain its development than “people paying for it”? Unfortunately, free software isn’t free to develop.

                                                                                            1. 1

                                                                                              I’m not complaining that they’re charging for it; I just wish the article was up-front about the licensing at the outset so I would know not to waste my time on it.

                                                                                          1. 3

                                                                                            Mickens is always funny, but in this case I don’t find him as persuasive as I imagine he would like. E.g. while cryptocurrency was definitely overhyped, maybe it is simpler/cheaper/easier/more ethical to fix the problems with cryptocurrency than with fiat monetary systems (I’m not arguing that’s the case, just that it’s possible). Or as another example, maybe developers do have a moral imagination, and maybe they disagree with James Mickens.

                                                                                            Mickens’s writing and delivery are hilarious (and I heartily recommend his early work), but I think that he’s not sufficiently challenging himself here.

                                                                                            1. 2

                                                                                              Agreed. There are a lot of comparisons in this video, but not necessarily good points. I don’t see how anyone can find this convincing, but maybe it could cause some to reflect on their views.

                                                                                            1. 5

                                                                                              Apparently we’re not supposed to TL;DR in story text, so here’s a comment:

                                                                                              Signal using Intel SGX to allow for secure backups in case you lose your device. Password-based encryption works, but offline dictionary attacks are problematic. So, password authentication into an enclave, with few attempts. However, you want to replicate the enclave without allowing parallel password guesses. So build a consensus protocol out of SGX attestation operations.

                                                                                              This is really cool, well-developed applied crypto research. Only major concern is how much it relies on SGX, which has been broken seven ways to Sunday.

                                                                                              1. 6

                                                                                                I am surprised by how much the folks at Signal trust SGX. Frankly I don’t understand it. I don’t believe that it’s been maliciously compromised — I just don’t believe that SGX is bug-free in both design and implementation.

                                                                                                Likewise, this secure value recovery proposal sounds neat and great, but also really complex. That complexity means lots of opportunity to fail. One of those clear failure points is SGX: if that fails then I believe the entire system fails completely.

                                                                                                1. 10

                                                                                                  A comment I read a few years ago stated that Moxie (at least) had absolutely no trust in the government but had no issue with large companies, making him actually typical American in this regard. I don’t like classifying people that way andI didn’t expect such a thing but it matches the reality pretty well: trying to protect against government spying but trust in Intel, in Intel SGX (*), cloud providers (Amazon, Google, Microsoft iirc), …

                                                                                                  (*) Trusting Intel SGX and publishing an article only a few days after https://pludervolt.com was announced is so unrealistic that it’s actually almost funny.

                                                                                                  1. 3

                                                                                                    It’s funnier when you consider Intel operates in a police state that can secretly compel backdoors and targeted surveillance. They’re also one of the most likely to be cooperating with that. That said, they currently use the secret capabilities for fewer targets than the broader, more-public enforcement goes after.

                                                                                                    1. 3

                                                                                                      Non-typo’d version of that link: https://plundervolt.com/

                                                                                                    2. 4

                                                                                                      That’s what I told Moxie. He also didn’t seem to know why there’s a preference for tamper-resistant HSM’s in these use cases.

                                                                                                      1. 2

                                                                                                        IIRC he also strongly trusted google, choosing to only work with GCM and nothing more. It took a huge amount of input from users and no less than 2 forks for him to finally support other means of message delivery that don’t rely on google.

                                                                                                    1. 1

                                                                                                      Y2K is fascinating to me as someone born afterward. Such a silly thing looking back, but I’m curious as to why many people found the mythical bug a serious issue. Perhaps it was that knowledge of computers was not yet ‘mainstream,’ and people just didn’t understand computer systems in general?

                                                                                                      1. 27

                                                                                                        It was a serious issue, and we fixed it.

                                                                                                        A lot of folks look at the fact pattern as: people said Y2K was a problem; we took them seriously and spent a lot of money addressing it; nothing happened — and therefore there was no problem to begin with. That’s just not the case: there was a problem, and those sums of money solved it.

                                                                                                        It’s though a bit cried ‘wolf!’ and the villagers banded together and drove it off, successfully defending their flocks — and then got angry at him, because the wolf didn’t eat any sheep.

                                                                                                        What really worries me is that the next Y2K issue won’t be fixed, and will result in death and destruction, precisely because folks think that the first one was a hoax.

                                                                                                        1. 6

                                                                                                          This, exactly. A couple weeks ago, my daughter was raving about the cleanliness of the floors in our house, as if this sort of thing happened naturally. I had to remind her that she’s just absent when I spend a lot of time taking care of home things like cleaning the floors. Not so different.

                                                                                                          1. 4

                                                                                                            What really worries me is that the next Y2K issue won’t be fixed, and will result in death and destruction, precisely because folks think that the first one was a hoax.

                                                                                                            I’m not really that worried about that; anyone who knows how computers work would find an argument like “These old machines count time as a 32-it number of seconds which overflows in a few years” convincing. When the entire IT department takes the issue seriously, I can only assume the people above that would let them so what they deem necessary to keep the critical systems running. This isn’t really something the general public needs to believe in to fix.

                                                                                                            Or maybe I’m just naive and people in charge don’t trust their IT staff to know what’s best for IT infrastructure.

                                                                                                            I’m worried about sporadic failures going forward due to the hacks intended to fix y2k though. If some people’s solution to y2k was to read all numbers below 20 as 20xx and all numbers above it as 19xx, because those 20 years ought to be enough to fix the issue properly…

                                                                                                            1. 3

                                                                                                              This is why good(and public) history sources are something I will always champion. A post this week comparing these attitudes on Y2K to the 1987 treaty banning CFCs really resonated with me, having grown up witnessing both events first-hand.

                                                                                                              Even here in Seattle where newcomers love the views: Metro didn’t start as a bus service and many of our beaches were unsafe for swimming until the 80s.

                                                                                                              1. 2

                                                                                                                I had no idea it wasn’t a hoax. Thanks for filling me in; I’ll go research it more for myself.

                                                                                                              2. 6

                                                                                                                There were some people who were scared that old computers running deep down in cold war nuclear silos might go haywire and launch missiles (I kid you not). I guess it’s the unpredictability of the whole thing that scared people, mostly. Nobody was able to tell exactly what would happen when these date counters would overflow, which kind of makes sense because overflow bugs can cause really strange effects.

                                                                                                              1. 1

                                                                                                                Evidence of an early proto-dark-theme, too.

                                                                                                                1. 2

                                                                                                                  Nitpick: Advent consists of the four weeks before Christmas (starting with Sunday), rather always starting on December first. (Source: https://www.fisheaters.com/customsadvent1.html)

                                                                                                                  (Yes, I know. This year Advent does start on December first. Your point?)

                                                                                                                  “First get your facts straight. Then distort them at your leisure.”
                                                                                                                  -Neil deGrasse Tyson (https://twitter.com/neiltyson/status/835938739784314880?lang=en)

                                                                                                                  1. 7

                                                                                                                    You are technically correct, but most advent calendars start from 1 Dec and end on Christmas Eve or Day.

                                                                                                                    Using the secular form (i.e. all days in December up to 24 or 25) prevents acrimonious debate about when, exactly, Advent Sundays fall. For example, according to the fount of all human knowledge:

                                                                                                                    In the Ambrosian Rite and the Mozarabic Rite, the First Sunday in Advent comes two weeks earlier than in the Roman, being on the Sunday after St. Martin’s Day (11 November), six weeks before Christmas.

                                                                                                                    1. 4

                                                                                                                      And in the Orthodox world the Christmas fast starts 40 days before Christmas!

                                                                                                                      1. 2

                                                                                                                        In the Ambrosian Rite and the Mozarabic Rite, the First Sunday in Advent comes two weeks earlier than in the Roman

                                                                                                                        I didn’t know that until today (I’m a member of the Roman Rite). However, this only strengthens the point that Advent is a religious thing and secularization is diluting the meaning of such names.

                                                                                                                        Using the secular form (i.e. all days in December up to 24 or 25) prevents acrimonious debate about when,

                                                                                                                        I’m not angry at anyone in particular over this. It would be nice if secular customs didn’t use religious names, but I think it’s a bit late for that.

                                                                                                                        1. 4

                                                                                                                          These rites were news to me too!

                                                                                                                          The creator of the project seems to have German Lutheran (cultural) roots, so the project was inspired by his memory those calendars. See this talk: https://lobste.rs/s/ay9oft/advent_code_behind_scenes

                                                                                                                          1. 2

                                                                                                                            See this talk: https://lobste.rs/s/ay9oft/advent_code_behind_scenes

                                                                                                                            I don’t know if I’ll watch the whole thing, but it’s good to know this was addressed. Thanks for the link!

                                                                                                                            1. 2

                                                                                                                              A big part of the talk was that the planned audience for this contest was ~70 people. Virality expanded that to 100K (?) during the first year. No doubt if this had been a corporate project it would have been focus-grouped and someone might have raised the issues with naming it after Advent.

                                                                                                                    1. 2

                                                                                                                      Rust and Erlang are not the only programming languages with a good concurrency model. C is not dead or dying. Type systems do not objectively make it easier to program. Dynamically typed languages are not on the way out, obsolete or in any way bad. People do not need parametric polymorphism in their fucking text editor extension language. Emacs does not need a fucking web browser to ‘keep up with the kids’ or whatever ridiculous reasoning is being given. And Visual Studio Code isn’t even remotely close to Emacs in any respect at all, it’s a text editor you can write extensions for, just like virtually every other popular text editor in history. Taking lessons from Visual Studio Code is like taking lessons from Sublime Text or any other momentarily popular editor that is and will be forgotten about within a couple of years.

                                                                                                                      What Emacs should be taking note from is not Visual Studio Code, it’s vim. Vim is everything Emacs is not: fast, ergonomic and with a language that’s PERFECT for writing very small snippets of but an awful pain to write extensions with. Emacs Lisp is what you get if you write commands to your text editor in a proper programming language (100s of characters just to swap two shortcuts) while Vimscript is what you get if you write extensions to your text editor in a command language (sometimes harder to understand than TECO).

                                                                                                                      Vim is also evidence that trying to fix extensions with bindings to extra languages is a terrible idea. Vimscript needs to be improved, not replaced. Emacs Lisp is the same: improvements are necessary, not its replacement with something else. It’s not just bad to replace Emacs Lisp entirely, adding a new language beside it and making Emacs Lisp ‘legacy’ also means that in order to access new parts of the Emacs infrastructure, extensions/modes need to be rewritten anyway.

                                                                                                                      The contention made that C needs to go to make contributing to Emacs more accessible is.. frankly insane. C is one of the most widely known languages in the world. It’s very easy and accessible to learn. Rewriting code parts of Emacs in an obscure, esoteric language like Rust is not going to make contributing to Emacs easier, it’s going to make it much harder. It should also be made quite clear that Rust is not a ‘guaranteed safe language’ as is claimed here. Not even close. It’s not at all safe. It literally has a keyword called unsafe that escapes all the safety that the language provides. Under certain conditions that are very easy to check Rust is totally safe, which is what it provides over C, and even outside those conditions, any spots that introduce unsafety are enumerated with grep -Re unsafe, but it’s absolutely untrue that Rust is safe, and any gradual move from C to Rust in Emacs would involve HUGE swathes of unsafe Rust to the point where it’s probably safer to do it in C++ than in Rust, simply because the infrastructure for checking C++ programs for safety are stronger than the infrastructure for checking Rust-programs-that-are-full-of-unsafe for safety.

                                                                                                                      A very statically typed language like Rust makes no sense for a text editor like Emacs. The strength of Emacs is that it’s insanely dynamic. It has a relatively small bit written in C, and most of it is actually written in Elisp.

                                                                                                                      1. 4

                                                                                                                        Yeah, I very much disagree with his desire to get away from a real Lisp. The value proposition of Emacs is very much about having a dynamic, dynamically-typed, dynamically-scoped (yes, I am aware of the optional lexical scoping) Lisp extension language.

                                                                                                                        You are right that vim makes simple things simple, but man-oh-man is VimScript a hideous misfeature of an extension language. I do think that Emacs could probably stand to have some more sugared ways to do some basic config out of the box — use-package is an example of improved keybinding, for example.

                                                                                                                        I wouldn’t mind a Rust-based runtime, but what I would really love to see is a Lisp-based runtime: a core in Common Lisp, with a full Elisp engine to run all the code from the last fourty-three years, and with full programmability in Common Lisp.

                                                                                                                        But then, I’d also like to see an updated Common Lisp which fixes things like case, pathnames, argument ordering and a few other small bits. And I want a pony.

                                                                                                                        1. 3

                                                                                                                          Lisp is probably one of the few things that makes emacs actually interesting, and I’m not even an emacs user or a lisp user…

                                                                                                                        2. 3

                                                                                                                          It literally has a keyword called unsafe that escapes all the safety that the language provides

                                                                                                                          This is not true, and this (very common) misunderstanding highlights the fact that one should think about – for lack of a better term – marketing, even when creating the syntax for a programming language. unsafe sure makes it sound like all the safety features are turned off, when all it does is allow you to dereference raw pointers and read/write to mutable static variables – all under the auspices of the borrow checker, that is still active.

                                                                                                                          1. 2

                                                                                                                            It is true. As soon as unsafe appears in a program all safety guarantees disappear. That’s literally why it’s called ‘unsafe’. The rust meme that it doesn’t take away all the guarantees ignores that.

                                                                                                                            It turns off enough safety guarantees that you no longer can guarantee safety…

                                                                                                                        1. 14

                                                                                                                          I don’t like the direction he wants to go with HTML and web integration. If I want webmail and web chat and perfect HTML rendering, I’ll open my browser. I don’t think the core of Emacs should be bogged down with a browser engine. I understand that some people want to use Emacs for everything, but at the end of the day it is supposed to be a text editor and not a web browser.

                                                                                                                          It’s easy enough to say “Just turn it off”, but it’s bound to be a security mess, bloat the memory use, and make the code base even more complicated, so there are side effects even for people who don’t want these features.

                                                                                                                          1. 13

                                                                                                                            at the end of the day it is supposed to be a text editor and not a web browser.

                                                                                                                            It’s supposed to be an operating system; more of a Lisp Machine refugee camp, making do with what’s available on Unix.

                                                                                                                            1. 2

                                                                                                                              Maybe, but the modern web is a product of Unix, continued on with technical compromises and consumer friendliness. If Emacs were to become a text browser, sure I would not have to leave Emacs anymore, but the product would really not be the computational environment built on free software any more – rather it would just be reduced to another, probably sub-par browser.

                                                                                                                              1. 2

                                                                                                                                Done right, I think that it would very much not be just another browser, and done right it need not be sub-par. I can easily imagine a Lisp-extensible editor with enough knowledge of HTML, JavaScript and CSS to be indistinguishable from Firefox or Chrome.

                                                                                                                                What I can’t easily imagine is the FSF, GNU or the Emacs project itself having the resources to build such a thing. And sadly, no-one with those resources cares enough about Lisp or Emacs to do it either.

                                                                                                                                1. 1

                                                                                                                                  I can easily imagine a Lisp-extensible editor with enough knowledge of HTML, JavaScript and CSS to be indistinguishable from Firefox or Chrome.

                                                                                                                                  If it’s indistinguishable, what’s the point?

                                                                                                                              2. 1

                                                                                                                                Guixsd already exists, and uses a better lisp!

                                                                                                                              3. 4

                                                                                                                                I don’t think the core of Emacs should be bogged down with a browser engine.

                                                                                                                                Emacs already has a web browser and if you haven’t noticed it by now then I doubt a new one getting added is going to bogg anything you already use down.

                                                                                                                                1. 3

                                                                                                                                  I know, and I use it almost every day. I have it set as my default browser in Emacs. I use it to open Org mode web links, browse documentation, do web searches/research while working, and occassionally use github and sourcehut. It’s nice because I can avoid the distraction of Slack, email, Lobste.rs, and the rest of the web.

                                                                                                                                  I guess my argument is that Eww already supports the right amount of HTML for a browser embedded in a text editor. Obviously, very much IMO.

                                                                                                                                1. 3

                                                                                                                                  I still can’t get why there’s no competitive implementation of Org, especially without Emacs dependency.

                                                                                                                                  1. 1

                                                                                                                                    There’s an Android App. I think there are some Vim implementations?

                                                                                                                                    1. 1

                                                                                                                                      While Turing-completeness means one can do anything in one language you can in another, it doesn’t mean that all languages are equally productive, and it doesn’t mean all environments are equally productive. Emacs and Elisp make a great, productive pair.

                                                                                                                                      Also, among Org Mode’s features are the ability to execute Elisp with Emacs: a compatible implementation would thus need to include a whole Emacs.

                                                                                                                                      1. 1

                                                                                                                                        It’s not that hard to imagine using a subset of org mode that doesn’t include executing elisp. Most org files I’ve seen don’t even have elisp. Perhaps you could write an article on how to use elisp with orgmode for good.