1. 2

    In the past I’ve been guilty of having a single all-purpose key. Last year I started reducing the scope of my keys. I now have a key for each combination of source computer, destination system and year. When I replace a laptop then I’ll be able to invalidate all my keys from that source.

      1. 1

        That seems focused on developers/contributors. Not everyone contributes to public source repositories.

      1. 19

        I just want to point out that planting trees is the worst kind of CO2 compensation.

        • Young trees don’t absorb as much CO2 as old ones
        • Planting trees does not actually change the fact that we are emitting too much CO2.
        • They are not a general solution in the sense that everyone could just compensate with trees and everything is fine

        It is better to compensate via an investment in green and sustainable projects

        1. 32

          I just want to point out that planting trees is the worst kind of CO2 compensation.

          The benefits of the tree are for tomorrow not today and aren’t purely for CO2 sequestration. You also reduce/mitigate things like desertification, help change local climate, provide future nesting area for birds etc…

          Don’t let a good thing like planting trees stop you from doing so because it alone won’t fix CO2. We need multi pronged approaches. And given how many trees are dying now due to fires, I can’t get behind not trying to plant more to fix the after effects of us not dealing with CO2 in the atmosphere.

          1. 10

            I disagree. While planting a few trees won’t have an immediate effect, it has a few nice properties:

            1. It’s easy: provided you have a sapling and a shovel you can do it. Or even easier, donate to something like Trees for all and have somebody else do it at a much larger scale.
            2. We can do it today
            3. It benefits nature as a whole, e.g. by providing nesting space for birds
            4. It’s probably the least prone to corruption, misuse of funds, or some other form of “damage” to others.
            5. Provided they are taken care of (or just left alone), a forest can last for more or less forever (at least here in The Netherlands where we don’t have massive wildfires and what not). I think wind turbines only last 2-3 decades or so.

            Of course there are far more effective ways, such as banning cars and massive investments in public transportation. But these methods tend to be very political, take years to complete, usually are horribly expensive, and may be prone to misuse.

            A random recent example: a wind park was built in The Netherlands, with enough energy to provide 300k-something homes with electricity. The Dutch government invested something like €600 million, with the promise that locals would get (IIRC) a discount. This would be a huge benefit for the environment, as a few birds flying into a wind turbine is worth saving tons of CO2.

            Except it all went to a (newly built) data centre from Microsoft. All of it. This in spite of The Netherlands lagging behind massively when it comes to adopting renewable energy sources.

            For reference, that €600 million would’ve been enough for roughly 96 000 trees according to the Trees for All website. The exact amount of CO2 this can store is hard to calculate. A statistic I found on a few websites is roughly 20KG of CO2 per tree per year. At 96 000 trees that would translate to 1 920 000 KG (2 116 tons) of CO2 per year.

            Of course it would’ve been even better to just give the wind park to citizens as originally intended, but this is just an example to show that planting trees can be very effective.

            1. 2

              Provided they are taken care of (or just left alone), a forest can last for more or less forever (at least here in The Netherlands where we don’t have massive wildfires and what not). I think wind turbines only last 2-3 decades or so.

              Not only in the Netherlands, but pretty much everywhere. While still natural events, most present-day wildfires, or at least their scale, are very much a result of replacing naturally occurring forest with vast areas of monoculture of trees for wood production purposes. Covering thousands of acres with pines, spruces and eucalyptus in places like southern Europe, South Africa or California is essentially turning land into a gigantic fuse. Before man-made forests, such trees had to share the space with leafy trees such as oak, chestnut, acer, birch, cherry, etc. These are not only less flammable themselves, they also provide thicker shadow, retaining more humidity and allow for less flammable smaller plants to grow below their canopy.

              You also forgot a very important plus for trees: their impact on human life quality. Few things are more therapeutic than taking a walk in a quiet forest. And even in the city or indoors, humans naturally need proximity with nature.

            2. 9

              But it doesn’t hurt, right? If we would plant as much as we cut, we’d still help a lot – or this wouldn’t hold?

              1. 5

                Yes, a small amount. See https://savingnature.com/offset-your-carbon-footprint-carbon-calculator/, then multiply the results by a few billion people per year.

              2. 2

                Not only that, but most of these “we plant trees for you” operations are planting tree farms that would have been planted anyways. They’re also monocultures that don’t support ecosystems the way a real forest would, but I think people get this image of a proper forest when they hear about these things—and it ain’t so.

                1. 2

                  It’s not the best but it’s certainly not the worst. It ranks higher in CO2 reduction than buying a carbon offset for example.

                  What most companies don’t realise is that it’s not enough to be carbon neutral, they need to be carbon negative and actively reduce the level of CO2 rather than maintain it. The heating effects of elevated CO2 are cumulative.

                  1. 2

                    Thanks I didn’t know this.

                    1. 15

                      Edit: this is in reply to GP.

                      Obviously, the need to plant trees arises from the fact that we have destroyed huge areas of forest and woodland already and should try to re-establish the balance of CO2 absorption.

                      Literally every single old tree has been a young tree once. You need to plant trees and let them grow old. By your logic there could never be any benefit of planting a tree, carbon wise. You don’t need to cut down an old tree to plant a new one. An old tree plus a young tree absorb more CO2 than the old one alone. I am not sure what you are trying to point out with your first bullet point.

                      Although I absolutely agree with your second and third point. And that applies to most modern “solutions”. There is this idea that we just switch to PV panels, or electric cars or plant a bunch of trees and everything is fine. While the problem is much more deep rooted in the very concept of our current modern society.

                      1. 5

                        I totally agree, but the conservation and planting of trees and the compensation of everyone’s CO2 emissions are two different problems in my opinion. I can’t just hit a stranger in the face and pay the medical bills.

                        1. 4

                          Yes, I think it’s clear that both these problems should be worked on. Too much CO2, and too little trees.

                    2. 1

                      We have too many trees here. You can adopt some of them

                    1. 7

                      I wish more people knew about JSON5 — it’s super convenient for when you have to hand-write JSON, because it lets you omit quotes around object keys, use single quotes, add trailing commas, add comments. I use it all the time when writing C++ unit tests for APIs that have to consume or produce JSON.

                      Of all the binary alternatives I lean toward Flatbuffers. The zero-copy parsing is a huge performance win, and the closely-related Flexbuffers let you store JSON data the same way.

                      1. 5

                        I’ve recently come across another JSON-with-benefits format, Rome JSON, but it doesn’t seem to be formally specified yet.

                        1. 2

                          Another convenient JSON variant is the superset defined by CUE

                          • C-style comments,
                          • quotes may be omitted from field names without special characters,
                          • commas at the end of fields are optional,
                          • comma after last element in list is allowed,
                          • outer curly braces are optional.

                          1. 1

                            JSON5 seems kind of dead — several of the repos on its GitHub are archived?

                            1. 1

                              I implemented my own JSON5-to-JSON translator in C++. It was simpler than writing a full parser and safer than hacking on the existing JSON parser I use. It adds overhead to parsing, but I don’t use JSON5 in any performance-critical context so I don’t mind.

                          1. 7

                            I switched to Kakoune for all my ad-hoc editing although for coding I like to have something more mouse driven for working on multiple files in the same session. I rarely remember the names of source files so I like to have the source tree permanently visible and accessible.

                            1. 1

                              I tried this today based off your comment and I’m pretty impressed with it, esp. as a vi/vim user for the last 25+ years…

                            1. 4

                              I approached Kubernetes as a complete skeptic but having spent 12 months with it I am a convert. My experience is perhaps a little different since I’m writing Kubernetes operators which use many of the core APIs to control the behaviour of other apps running in the cluster.

                              What Kubernetes has done well is to provide a well thought out collection of abstractions for running modern multi-component applications: pods, endpoints, services, volumes, configmaps, secrets. The complexity of use comes from the myriad of configurations that are needed to interface existing systems into this abstraction.

                              But there are some beautiful parts to that complexity. If the application in your pod needs environment variables then you can set them directly or map them transparently from a secret or configmap without changing your application. Similarly you can map a configmap to a volume so that it looks like a directory to your app even though the configuration files it contains are managed externally.

                              There’s a lot to learn but you don’t need to learn it all at once: just the core concepts and how they interface with your application’s requirements.

                              1. 2

                                This article mentions that the IPFS project has worked on this problem for a while and even has relevant specifications (CID and Multihash) but chooses to ignore them and invent an incompatible identifier format. I wonder what the rationale for that is.

                                1. 1

                                  Hi @rauyran I am the author of the article. I did mention in the article that “Whilst we could adopt Multihash here, it’s much more complex than we need”.

                                  It was pretty much no more complicated than that… Multihash is quite complex in its encoding scheme, which is fine for machine use. However for archival data you ideally want a simple encoding scheme, or better yet, no encoding scheme at all! The reason being, that when the technology apocalypse or some form of obsolescence occurs, being able to look back at the data as a digital archivist/archeologist and understand what is there is invaluable. The more complex/obscure the machine encoding, the less likely that it can be easily reverse-engineered by a human in the future.

                                  1. 1

                                    Hi @adamretter, I don’t think Multihash is much more complex than your scheme. Instead of prefixing hashes with a ! you’d prefix with a0e40220 where a0e402 is the multihash identifier for blake2b-256 and 20 is the length of the hash in hex.

                                    But I think the more important aspect is that there is value in adopting a shared standard rather than inventing a new one, especially in an archival situation where data can become separated from its documentation over decades.

                                    1. 1

                                      @rauyran I agree that a shared standard would be good. I still would argue that Multihash is better suited to machine processing than it is designed for archival concerns. For example, Multihash uses Variable Byte Encoded Integers for the first two fields. There are several different competing schemes for Variable Byte Encoding. If you imagine that in the future all the standards and docs have vanished, then for archival purposes you want the simplest scheme possible… as some poor human has to decipher it.

                                      1. 1

                                        But the prefixes don’t change. blake2b-256 will always be a0e40220 so a verifier can look at the prefix and consult a static list of ones it supports.

                                        I think your comment about standards vanishing reinforces my point. Multihash is (or at least was) on a W3C+IETF standards track and I can easily point to 50 year old RFCs for decoding old protocols and formats. I think it’s more likely that someone outside TNA won’t be able to find the documentation for your future identifiers in the same timeframe.

                                        1. 1

                                          Your points are valid! I do appreciate that the prefix won’t change. However, you need to know what the prefix means, I was assuming in future that such information will not necessarily be available. It’s not just that my “standard” might have disappeared… but that all standards and related information might have disappeared!

                                          If you sit down and you only have the raw bytes to look at and your brain to use (i.e. no reference materials), assuming no prior knowledge of the data format, then which is easier to decode?

                                          In general I am all for standards and Multihash. By no means have we fixed ourselves on any particular scheme yet, please think of it as an exploration of a possibility ;-) Feedback such as yours is very valuable in influencing our thinking, thank you :-)
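The prefix arithmetic debated in this thread (a0e402 as the identifier for blake2b-256, 20 as the length, the variable-byte integers, and the verifier's static list), worked through as an added example that is not part of any comment or of the article under discussion. The function names and the sample record are constructed for illustration; the codes 0xb220 (blake2b-256) and 0x12 (sha2-256) are taken from the multicodec table.

```python
import hashlib
import hmac

# The "static list" a verifier consults: multicodec code -> (name, hash function).
# Only the functions this verifier is willing to accept are listed.
SUPPORTED = {
    0x12: ("sha2-256", lambda data: hashlib.sha256(data).digest()),
    0xB220: ("blake2b-256", lambda data: hashlib.blake2b(data, digest_size=32).digest()),
}

SAMPLE = b"constructed archival record, not real data"


def encode_varint(n):
    """Unsigned varint: 7 bits per byte, least significant group first,
    high bit set on every byte except the last."""
    if n < 0:
        raise ValueError("varint must be non-negative")
    out = bytearray()
    while True:
        byte = n & 0x7F
        n >>= 7
        if n:
            out.append(byte | 0x80)
        else:
            out.append(byte)
            return bytes(out)


def decode_varint(buf, pos=0):
    """Return (value, next_position). Rejects truncated, over-long and
    non-minimal encodings so one value has exactly one byte form."""
    value = 0
    for i in range(9):
        if pos + i >= len(buf):
            raise ValueError("truncated varint")
        byte = buf[pos + i]
        value |= (byte & 0x7F) << (7 * i)
        if not byte & 0x80:
            if byte == 0 and i > 0:
                raise ValueError("non-minimal varint")
            return value, pos + i + 1
    raise ValueError("varint longer than 9 bytes")


def make_multihash(code, data):
    """Hash data and prepend <varint code><varint digest length>."""
    _, func = SUPPORTED[code]
    digest = func(data)
    return encode_varint(code) + encode_varint(len(digest)) + digest


def parse_multihash(raw):
    """Split a multihash into (code, name, digest), refusing anything
    whose declared length is wrong or whose function is not on the list."""
    code, pos = decode_varint(raw)
    length, pos = decode_varint(raw, pos)
    digest = raw[pos:]
    if len(digest) != length:
        raise ValueError("digest length does not match declared length")
    if code not in SUPPORTED:
        raise ValueError(f"unsupported hash function code 0x{code:x}")
    return code, SUPPORTED[code][0], digest


def verify(raw, data):
    """Recompute the digest named by the prefix and compare in constant time."""
    code, _, digest = parse_multihash(raw)
    expected = SUPPORTED[code][1](data)
    return hmac.compare_digest(expected, digest)


if __name__ == "__main__":
    mh = make_multihash(0xB220, SAMPLE)
    print(mh[:4].hex(), parse_multihash(mh)[1], verify(mh, SAMPLE))
```
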

                                1. 1

                                  Battlestation

                                  • 28” Samsung LU28E85KRS
                                  • Custom PC with i7 6700K, 40GB RAM, Samsung 960 EVO 500GB SSD
                                  • HyperX HX-KB1BL1-UK Alloy Keyboard
                                  • Lenovo Yoga tablet for watching streams (bonus reflection of me)
                                  • Acer Chromebook purely for hangouts/zoom/skype

                                  Using Gnome 3 on Debian Unstable. Firefox, Chromium, Sublime, Terminator

                                  1. 4

                                    TLDR: Use single sign-on.

                                    Doesn’t seem like a good article.

                                    Not understanding Kerckhoffs

                                    This is exacerbated by the trend to use your email address as your user name, which means that one part of your secure login information is now public, leaving your password as the only line of defense.

                                    Another weird idea: changing passwords helps the attacker

                                    it’s no longer necessary to change passwords every 90 days, mainly because that only provides hackers with a fresh supply of old passwords to try when they attack,

                                    1. 1

                                      Doesn’t enforcing regular password changes tend to steer people towards simpler passwords that are more easily memorised? Unless they are using a password manager.

                                      1. 0

                                        Not understanding Kerckhoffs

                                        This is exacerbated by the trend to use your email address as your user name, which means that one part of your secure login information is now public, leaving your password as the only line of defense.

                                        Author probably meant that with login/password auth an attack can be targeted at a certain group of users, given you know their logins (emails). At least that’s how I understand the problem. Also, having read the Wikipedia article on Kerckhoffs’s principle, I don’t think it’s related to the topic. Disclaimer: I am not a cryptographer.

                                        1. 1

                                          The idea behind Kerckhoffs is that only the key should be considered secret and the rest public so that an analysis can easily determine what the attacker knows and what he must not know.

                                          It should prevent security by obscurity like having a secret design which can however be reverse engineered.

                                          I cannot think of any attack that is stopped by lack of knowledge of a username. If you have leaked passwords you probably have the usernames. Remote brute-force should never work anyway. If anybody has an idea, I would love to hear it! I can only think of marginal utility for social engineering types of things…

                                      1. 1

                                        This post seems to miss the point of internal. It’s special because it allows authors to restrict who depends on their code. It can also be used anywhere in the go package. It’s not an either/or situation. Use pkg if you follow that convention and also use internal to give you freedom to change your code without breaking your users.

                                        1. 1

                                          You use internal directories to make packages private. If you put a package inside an internal directory, then other packages can’t import it unless they share a common ancestor. Internal packages enable you to export code for reuse in your project while reducing your public API. Russ Cox, in his proposal for internal packages, used the standard library as an example of where you want them.

                                          I then talk about how the way people use internal is more nuanced.

                                          1. 1

                                            Your piece should make it clear that they are not alternatives but complementary.

                                        1. 16

                                          The article is written by Thomas Bushnell who worked on Hurd and worked closely with RMS. What I’m glad to see put so clearly is that the issue with RMS was not just about that particular email chain. It brought the issue into a larger picture. It takes someone who knows the guy to see that since most people don’t have that kind of experience over such a long period of time.

                                          1. 10

                                            It takes someone who knows the guy to see that

                                            I mean, Selam G. did a pretty comprehensive post with references and quotes from women harassed by RMS over the years without ever knowing RMS. I’d argue that the women in question didn’t know RMS either (which is part of why he should not have been propositioning them).

                                            When someone is being abusive we usually just need to listen to the victims and observe reality.

                                            1. 14

                                              I find it very hard to trust in information provided alongside clear and obvious lies about a quote, and I am suspicious of the author’s motives for misrepresenting such a quote.

                                              1. 5

                                                Did you read the article? What part was misrepresented?

                                                1. 5

                                                  One example out of a few from the piece, but an example with the most relevancy, a misquotation that was used by the media (social and mainstream) to coerce Stallman out of his role.

                                                  What Stallman wrote:

                                                  We can imagine many scenarios, but the most plausible scenario is that she presented herself to him as entirely willing.

                                                  What Selam G. wrote in her piece:

                                                  …and then he says that an enslaved child could, somehow, be “entirely willing”.

                                                  This is, undoubtedly, intentionally malicious.

                                                  1. 1

                                                    The author could also just have poor reading comprehension, I guess.

                                                    1. 4

                                                      Why should we listen to an author with such poor reading comprehension? Both situations make her lose a lot of credibility.

                                              2. 5

                                                Yes! listening to the victims is the most important part. I like Selam G.’s followup post which has quotes from victims.

                                                1. 5
                                                  Today, I found out that Stallman had issued a rather weak and confusing apology to the CSAIL mailing list:
                                                  
                                                      “I want to respond to the misleading media coverage of messages I
                                                      posted about Marvin Minsky’s association with Jeffrey Epstein. The
                                                      coverage totally mischaracterised my statements.
                                                  
                                                      Headlines say that I defended Epstein. Nothing could be further from
                                                      the truth. I’ve called him a “serial rapist”, and said he deserved to
                                                      be imprisoned. But many people now believe I defended him — and
                                                      other inaccurate claims — and feel a real hurt because of what they
                                                      believe I said.
                                                  
                                                      I’m sorry for that hurt. I wish I could have prevented the
                                                      misunderstanding.”
                                                  

                                                  I’m not sure what is weak or confusing about that apology.

                                                  1. 8

                                                    I think it’s because even while apologising he manages to say (paraphrasing) “I’m hurt by what you said I said” and “you didn’t understand me”. In fact, now I read it again he doesn’t actually apologise for anything except for being hurt.

                                                    1. 5

                                                      From what I read:

                                                      He defended Marvin Minsky as potentially not a rapist because he might not have known the truth, but he said Epstein definitely was a rapist. He is sorry he couldn’t make that more clear.

                                                      RMS said from Marvin Minsky’s perspective it was possibly a rich guys a prostitute harem of 18 year olds. Still gross, but to RMS the injustice was calling him a willing rapist, not a creep, with total certainty.

                                                  2. 4

                                                    The quotes in the article you linked seem to show him as a lonely sad guy who sleeps in his office. Could you elaborate on the assaults he did?

                                                    To me when he allegedly said he would kill himself if he didn’t get a date, that is a sign of someone who is very lonely and needs help, not necessarily a predator. Sure it should be addressed somehow, but the author of your articles has very little empathy for other people ‘not like her’. It just sounds like a bad situation for everyone.

                                                    1. 3

                                                      I’m sure that Stallman was and is very lonely, but he is also, intentionally or not, trying to manipulate young women into going on dates with him and sleeping with him. That is predatory behaviour.

                                                      Stallman made a large number of women uncomfortable to the extent that women professors at CSAIL kept plants in their office to ward him off. This suggests to me that they felt harassed by him.

                                                      He should get help. He should also be removed from his positions of power while he gets it so that he cannot further harass women at MIT nor easily at FOSS conferences.

                                                      It would be great if he stopped saying that voluntary or consensual pedophilia is possible, too.

                                                      Other testaments from women: https://mobile.twitter.com/_sagesharp_/status/1173637138413318144

                                              1. 31

                                                I switched my project from MIT to Apache 2 when I read a blog post from the LLVM project, indicating that they interpret the MIT licence differently than I do. MIT is ambiguous, and this blog post verifies it. The Apache 2 licence is clear and unambiguous, plus it covers patents, which is important to me in case a patent holder ever contributes to my project. The one drawback is that Apache 2 is not compatible with GPL 2 (according to the FSF).

                                                I would consider using the Blue Oak licence if the following things occur:

                                                • The Open Source Initiative certifies it as Open Source.
                                                • The Free Software Foundation certifies it as a Free Software Licence, and certifies that it is compatible with GPL 2 and GPL 3.

                                                1. 9

                                                  The English language, as commonly used in informal conversation, is ambiguous, but we mostly don’t notice, because we automatically look for the most obvious or reasonable interpretation. In legal disputes, it’s different, which is why contracts and licences need to be more explicit and verbose. I think the Apache 2 licence does a good job of being both readable and unambiguous.

                                                  The Blue Oak licence is a lot shorter than Apache 2, and I think it is ambiguous. It appears you are allowed to delete the author’s name from the copyright notice, while leaving the licence in place. Blue Oak seems to allow this:

                                                  Each contributor licenses you to do everything with this software that would otherwise infringe that contributor’s copyright in it.

                                                  Deleting my name from the copyright notice would certainly infringe my copyright, so is this allowed? Apache 2 explicitly disallows this.

                                                  1. 9

                                                    “copyright notices” haven’t been a part of any country’s copyright law for years and preserving names/attribution requirements have never been a part of most. Some licenses require attribution (ISC/MIT/BSD) but in practise that is routinely violated and never enforced. Blue Oak explicitly has no attribution requirement (only the requirement to notify downstream of the license) and has no language about “copyright notice” because it’s an antiquated concept with no legal teeth.

                                                    1. 11

                                                      Some licenses require attribution (ISC/MIT/BSD) but in practise that is routinely violated and never enforced.

                                                      Really? it’s a pretty big deal to me if somebody copies my source code verbatim, deletes the “Copyright Doug Moen”, and substitutes their own name, with no other changes, even if the licence is preserved. I would definitely take action if I found out some other project was doing that with my code.

                                                      There was a high profile case in 2007 when a Linux kernel developer copied a driver from OpenBSD, deleting the copyright notice and licence, replacing it with their own. In that case, the OpenBSD team did enforce their licence and forced the Linux team to restore the original copyright and licence text. See: http://undeadly.org/cgi?action=article&sid=20070913014315

                                                      In this case, the issue wasn’t just a matter of the licencing terms being changed. It was also an issue of the original author no longer being credited with writing the code. Theo de Raadt wrote:

                                                      Now it may seem petty to be pointing out the above, but these Linux wireless developers have ignored the ethical considerations of honouring the author for his work, and then violated the law 3 times under advice from an ex-FSF lawyer. Come on. By that point someone should at least be offering the author an apology

                                                      1. 2

                                                        Fair point, I shouldn’t say “never”.

                                                        But go try to find a website that isn’t violating a MIT/ISC/BSD license on a JavaScript dependency by omitting the license and notice.

                                                        I’ll wait.

                                                        1. 5

                                                          To be fair there is a convention for preserving licenses and common tooling supports it so this happens less than you’d think. You are right in general though – people don’t always think about this, and the library not being set up correctly w.r.t. the tooling does not remove the requirement to include attribution.

                                                          1. 3

                                                            Off the top of my head, FSF.org.

                                                      2. 4

                                                        I believe (IANAL) that keeping your name intact is a “moral right” separate to copyright. Wikipedia lists the moral rights as:

                                                        the right of attribution, the right to have a work published anonymously or pseudonymously, and the right to the integrity of the work

                                                        The Blue Oak license doesn’t mention them but that’s not unusual as I think only Creative Commons really addresses the issue.

                                                    1. 3

                                                      Summary: running a virus checker on a production server can interfere with normal service operation

                                                      1. 16

                                                        This started out as a total rant about the current state of the web, insecurity and the lack of proper rigidity in specifications. I decided not to post it while I was all riled up. The next day I rewrote it in its current form. It’s still a bit one-sided as I’m still having trouble understanding their reasoning. I vainly hope they’ll either give me a more coherent explanation why they dropped the formal grammar, or actually fix it.

                                                        1. 16

                                                          The formal grammar doesn’t reflect reality. The browsers started diverging from it years ago, as did the server authors. Sad, but true of many many similar specifications. The WHATWG spec is a descriptive spec, not a prescriptive one: it was very carefully reverse engineered from real behaviours.

                                                          1. 8

                                                            You can model that, too. Specs trying to model C with undefined behavior or protocol operation with failure modes just add the extra stuff in there somewhere. Preferably outside of the clean, core, expected functioning. You still get the benefits of a formal spec. You just have to cover more ground in it. Also, good to do spec-based test generation run against all those clients, servers, or whatever to test the spec itself for accuracy.

                                                            1. 2

                                                              … that’s exactly what these modern bizarro algorithmic descriptions of parsers are—rigorous descriptions of real behaviors that have been standardized. “Just add the extra stuff” and this is what you get.

                                                              It sounds like by a “formal spec” you mean a “more declarative and less algorithmic” spec, which definitely seems worthwhile. But be clear about what you want and how it’s different from what people have been forced to do by necessity in order to keep the web running.

                                                              1. 1

                                                                By formal spec, I mean formal specification: a precise, mathematical/logical statement of the standard. A combo of English and formal spec (esp executable) will both remove ambiguities, highlight complexities, and aid correct implementation.

                                                                Certain formal languages also support automatic, test generation from specs. That becomes a validation suite for implementations. A formal spec also allows for verified implementations, whether partly or fully.

                                                                1. 2

                                                                  I am exceedingly familiar with what a formal specification is. I am pretty sure you are confused about the difference between rigor and a declarative style—the two are entirely orthogonal. It is possible to specify something in an algorithmic style and to be entirely unambiguous, highlight complexities, aid correct implementation, and support automatic test generation, moreover, this has been done and is done extremely often—industry doesn’t use (or get to use) parser generators all the time.

                                                                  1. 1

                                                                    Ok, good you know it. It’s totally possible I’m confused on rigor. I’ve seen it used in a few different ways. How do you define it?

                                                                    1. 2

                                                                      Sorry for the delay, renting a car :(

                                                                      I would define rigor as using mathematics where possible and extremely precise prose when necessary to remove ambiguity, like you pointed out. Concretely, rigor is easier to achieve when the language you are writing in is well defined.

                                                                      If you write using mathematical notation you get the advantage of centuries of development in precision—you don’t have to redefine what a cross product or set minus or continuity are, for example, which would be very painful to do in prose.

                                                                      Specs try to achieve the same thing by using formalized and often stilted language and relying on explicit references to other specs. Because mathematicians have had a much longer time to make their formalisms more elegant (and to discover where definitions were ambiguous—IIRC Cauchy messed up his definition of convergence and no one spotted the error for a decade!) specs are often a lot clunkier.

                                                                      For an example of clunkiness, look at the Page Visibility API. It’s an incredibly simple API, but even then the spec is kind of painful to read. Sorry I can’t link to the specific section, my phone won’t let me. https://www.w3.org/TR/page-visibility/#visibility-states-and-the-visibilitystate-enum

                                                                      Separately, for an example of formal methods that looks more algorithmic than you might normally expect, see NetKAT, which is a pretty recent language for programming switches. https://www.cs.cornell.edu/~jnfoster/papers/frenetic-netkat.pdf

                                                                      Certainly web spec authors have a long way to go until they can commonly use formalisms that are as nice as NetKAT’s. But they still have rigor, just within the clunky restrictions imposed by having to write in prose.

                                                          2. 5

                                                            I have to parse sip: and tel: URLs (RFC-3261 and RFC-3966) for work. I started with the formal grammar specified in the RFCs (and use LPeg for the parsing) and even then, it took several iterations with the code to get it working against real-world data (coming from the freaking Monopolistic Phone Company of all places!). I swear the RFCs were written by people who never saw a phone number in their life. Or were wildly optimistic. Or both. I don’t know.

                                                            1. 8

                                                              I may hazard a guess… I watched the inception of WHATWG and used to follow their progress over several years, so I have a general feeling of what they’re trying to do in the world.

                                                              WHATWG was born as an antithesis to W3C’s effort to enforce a strict XHTML on the Web. XHTML appealed to developers, both of Web content and of user agents, because, honestly, who doesn’t want a more formal, simpler specification? The problem was that the world “in large” is not rigid and poorly lends itself to formal specifications. WHATWG realized that and attempted to simply describe the Web in all its ugliness, complete with reverse engineered error handling of non-cooperative browsers. They succeeded.

                                                              So I could imagine the reasoning for dropping the formal specification is due to admitting the fact that it can’t be done in a fashion compatible with the world. Sure, developers would prefer to have ABNF for URLs, but users prefer browsers where all URLs work. Sorry :-(

                                                              1. 3

                                                                This is my understanding too, but you still need to nail down some sort of “minimally acceptable” syntax for URLs to prevent further divergence and to guide new implementations.

                                                            1. 5

                                                              Write unit tests for library code and algorithms, integration tests for everything else.

                                                              1. 0

                                                                I think this article has a small misconception about vgo (aka go modules): it doesn’t take the minimum version. go get always downloads the latest version. Thereafter the MVS algorithm picks the maximum of all the constraints.

                                                                EDIT: also I notice that it confuses the terms minimal and minimum. The Go algorithm is minimal because Russ Cox feels that nothing else can be taken away.

                                                                1. 3

                                                                  “The key to minimal version selection is its preference for the minimum allowed version of a module.” –Russ Cox

                                                                  The maximum of the values of the constraints is the minimum of the versions allowed by the constraints.

                                                                  It is more clear to call it the minimum, since the algorithm gives lower and lower versions as constraints are removed–it can only be pushed towards higher values by adding constraints. Conversely, the cargo algorithm “wants” the maximum version, and can only be dissuaded from it by adding constraints (or lockfiles).

                                                                  1. 2

                                                                    It does take the minimum version. Yes, the name is minimal not minimum, but one of the properties of that minimal algorithm is that it takes the minimum version.

                                                                    An example should be clarifying. B is available in versions from 1.0 to 1.10. A declares dependency on B >= 1.5. vgo resolves B 1.5, Cargo (and other package managers) resolves B 1.10.

                                                                    1. 1

                                                                      Yep, I understand that. My point was that if A requires 1.5, C requires 1.2 and D requires 1.6 then the maximum of those is selected, i.e. 1.6. This has the side effect of requiring a deliberate upgrade act to get version 1.10. However the benefit is that if I run the resolution algorithm today then you run it next week when version 1.11 is released, we both get exactly the same set of dependencies and can reproduce one another’s builds.

                                                                      1. 2

                                                                        Yes, I think we are all in agreement about what happens. The question is whether it is good. The drawback of vgo argued in the article is that B will inevitably get bug reports for 1.6 already fixed in 1.10. Another is that real world testing of B is spread along all versions from 1.0 to 1.10, while in Cargo most testing is against 1.10 while 1.10 is the latest.

                                                                        Cargo (and other package managers) solve reproducibility with a lockfile. A lockfile is admittedly not “minimal”, but apart from minimality it solves the technical problem equally well.
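The resolution behaviour argued over in the thread above, as an added Go example that is not code from any commenter or from the Go or Cargo projects. It is a simplified model: versions are major.minor only, every requirement is a lower bound, and `Registry`, `SelectMVS`, `SelectNewest` and `SampleRegistry` are hypothetical names with constructed sample data.

```go
package main

import "fmt"

// Version is a simplified major.minor version (no patch or pre-release parts).
type Version struct{ Major, Minor int }

func (v Version) Less(o Version) bool {
	if v.Major != o.Major {
		return v.Major < o.Major
	}
	return v.Minor < o.Minor
}

func (v Version) String() string { return fmt.Sprintf("%d.%d", v.Major, v.Minor) }

// Req is a lower bound: "module Mod at version Min or later".
type Req struct {
	Mod string
	Min Version
}

// Registry maps module -> published version -> that version's requirements.
type Registry map[string]map[Version][]Req

// SelectMVS walks every requirement reachable from roots and keeps, per
// module, the highest minimum that anyone asked for. Versions that are
// published but never requested play no part in the result.
func SelectMVS(reg Registry, roots []Req) map[string]Version {
	selected := map[string]Version{}
	seen := map[Req]bool{}
	queue := append([]Req(nil), roots...)
	for len(queue) > 0 {
		r := queue[0]
		queue = queue[1:]
		if seen[r] {
			continue
		}
		seen[r] = true
		if cur, ok := selected[r.Mod]; !ok || cur.Less(r.Min) {
			selected[r.Mod] = r.Min
		}
		queue = append(queue, reg[r.Mod][r.Min]...)
	}
	return selected
}

// SelectNewest models a newest-first resolver run without a lockfile: each
// module gets the highest published version. Assumption: all versions share
// one major, so the newest release satisfies every lower bound.
func SelectNewest(reg Registry, roots []Req) map[string]Version {
	selected := map[string]Version{}
	queue := append([]Req(nil), roots...)
	for len(queue) > 0 {
		r := queue[0]
		queue = queue[1:]
		if _, done := selected[r.Mod]; done {
			continue
		}
		best := r.Min // fall back to the stated minimum if nothing newer exists
		for v := range reg[r.Mod] {
			if best.Less(v) {
				best = v
			}
		}
		selected[r.Mod] = best
		queue = append(queue, reg[r.Mod][best]...)
	}
	return selected
}

// SampleRegistry builds the constructed scenario from the thread: B is
// published as 1.0 .. 1.maxBMinor; A, C and D need B >= 1.5, 1.2 and 1.6.
func SampleRegistry(maxBMinor int) (Registry, []Req) {
	reg := Registry{
		"A": {Version{1, 0}: {{"B", Version{1, 5}}}},
		"C": {Version{1, 0}: {{"B", Version{1, 2}}}},
		"D": {Version{1, 0}: {{"B", Version{1, 6}}}},
		"B": {},
	}
	for m := 0; m <= maxBMinor; m++ {
		reg["B"][Version{1, m}] = nil // B itself has no requirements
	}
	roots := []Req{{"A", Version{1, 0}}, {"C", Version{1, 0}}, {"D", Version{1, 0}}}
	return reg, roots
}

func main() {
	// Resolve once with B published up to 1.10, then again after 1.11 ships.
	for _, maxB := range []int{10, 11} {
		reg, roots := SampleRegistry(maxB)
		fmt.Printf("B published up to 1.%d: MVS picks B %v, newest-first picks B %v\n",
			maxB, SelectMVS(reg, roots)["B"], SelectNewest(reg, roots)["B"])
	}
}
```

The MVS result changes only when a requirement changes, while the newest-first result moves as soon as a new release is published, which is the gap a lockfile closes.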

                                                                  1. 7

                                                                    Yeah, I know someone who runs a keyserver and they are getting absolutely sick of responding to the GDPR troll emails.

                                                                    Love the idea to use ActivityPub (the same technology involved in Mastodon) for keyservers. That’s really smart!

                                                                    1. 16

                                                                      Offtopic: Excuse me.

                                                                      I think it depends on some conditions, so not everybody is going to see this every time. But when I click on medium links I tend to get this huge dialog box come up over the entire page saying something about registering or something. It’s really annoying. I wish we could host articles somewhere that doesn’t do this.

                                                                      My opinion is that links should be links to some content. Not links to some kind of annoyware that I have to click past to get to the real article.

                                                                      1. 11

                                                                        Use the cached link for Medium articles. It doesn’t have the popup. Just the content.

                                                                        1. 1

                                                                          Could you give an example? That sounds like a pleasant improvement, but I don’t know exactly what you mean by a cached link.

                                                                          1. 3

                                                                            There is a ‘cached’ link under each article title on lobste.rs

                                                                            1. 1

                                                                              Thanks.

                                                                        2. 7

                                                                          I started running uMatrix and added rules to block all 1st party JS by default. It does take a while to white list things, yes, but it’s amazing when you start to see how many sites use Javascript for stupid shit. Imgur requires Javascript to view images! So do all Square Space sites (it’s for those fancy hover-over zoom boxes).

                                                                          As a nice side effect, I rarely ever get paywall modals. If the article doesn’t show, I typically plug it into archive.is rather than enable javascript when I shouldn’t have to.

                                                                          1. 2

                                                                            I do this as well, but with Medium it’s a choice between blocking the pop-up and getting to see the article images.

                                                                            1. 6

                                                                              I think if you check the ‘spoof <noscript> tags’ option in umatrix then you’ll be able to see the images.

                                                                              1. 1

                                                                                Nice trick, thanks!

                                                                          2. 6

                                                                            How timely! Someone at the office just shared this with me today: http://makemediumreadable.com

                                                                            1. 4

                                                                              From what I can see, the popup is just a begging bowl, there’s actually no paywall or regwall involved.

                                                                              I just click the little X in the top right corner of the popup.

                                                                              But I do think that anyone who likes to blog more than a couple of times a year should just get a domain, a VPS and some blog software. It helps decentralization.

                                                                              1. 1

                                                                                And I find that I can’t scroll down.

                                                                                1. 3

                                                                                  I use the kill sticky bookmarklet to dismiss overlays such as the one on medium.com. And yes, then I have to refresh the page to get the scroll to work again.

                                                                                  On other paywall sites when I can’t scroll, (perhaps because I removed some paywall overlay to get at the content below,) I’m able to restore scrolling by finding the overflow-x CSS property and altering or removing it. …Though, that didn’t work for me just now on medium.com.

                                                                                  1. 1

                                                                                    Actually, it’s the overflow: hidden; CSS that I remove to get pages to scroll after removing some sticky div!

                                                                              2. 3

                                                                                What is the keyserver’s privacy policy?

                                                                                1. 5

                                                                                  I run an SKS keyserver, have some patches in the codebase, wrote the operations documents in the wiki, etc.

                                                                                  Each keyserver is run by volunteers, peering with each other to exchange keys. The design was based around “protection against government attempts to censor keys”, dating from the first crypto wars. They’re immutable append-only logs, and the design approach is probably about dead. Each keyserver operator has their own policies.

                                                                                  I am a US citizen, living in the USA, with a keyserver hosted in the USA. My server’s privacy statement is at https://sks.spodhuis.org/#privacy but that does not cover anyone else running keyservers. [update: I’ve taken my keyserver down, copy/paste of former privacy policy at: https://gist.github.com/philpennock/0635864d34a323aa366b0c30c7360972 ]

                                                                                  You don’t know who is running keyservers. It’s “highly likely” that at least one nation has some acronym agency running one, at some kind of arms-length distance: it’s an easy and cheap way to get metadata about who wants to communicate privately with whom, where you get the logs because folks choose to send traffic to you as a service operator. I went into a little more depth on this over at http://www.openwall.com/lists/oss-security/2017/12/10/1

                                                                                  1. 5

                                                                                    Thanks for this info.

                                                                                    Fundamentally, GDPR is about giving the right to individuals to censor content related to themselves.

                                                                                    A system set out to thwart any censorship will fall afoul of GDPR, based on this interpretation

                                                                                    However, people who use a keyserver are presumably A-OK with associating their info with an append-only immutable system. Sadly, GDPR doesn’t really take this use case into account (I think, I am not a lawyer).

                                                                                    I think what’s important to note about GDPR is that there’s an authority in each EU country that’s responsible for handling complaints. Someone might try to troll keyserver sites by attempting to remove their info, but they will have to make their case to this authority. Hopefully this authority will read the rules of the keyserver and decide that the complainant has no real case based on the stated goals of the keyserver site… or they’ll take this as a golden opportunity to kneecap (part of) secure communications.

                                                                                    I still think GDPR in general is a good idea - it treats personal info as toxic waste that has to be handled carefully, not as a valuable commodity to be sold to the highest bidder. Unfortunately it will cause damage in edge cases, like this.

                                                                                    1. 3

                                                                                      gerikson you make really good points there about the GDPR.

                                                                                      Consenting people are not the focus of this entirely, though; it’s about current and potential abuse of the servers and people who have not consented to their information being posted and there being no way for removal.

                                                                                      The Supervisory Authorities won’t ignore that; this is why the key servers need to change to prevent further abuse and their extinction.

                                                                                      They also won’t consider this case, just like the recent ICANN case where they want it to be a requirement to store your information publicly with your domain, which was rejected outright. The keyservers are not necessary to the functioning of the keys you upload, and a big part of the GDPR is processing only as long as necessary.

                                                                                      Someone recently made a point about the below term non-repudiation.
                                                                                      Non-repudiation: this means in digital security:

                                                                                      A service that provides proof of the integrity and origin of data.
                                                                                      An authentication that can be asserted to be genuine with high assurance.
                                                                                      

                                                                                      Keyservers don’t do this! You can have the same email address as anyone else, and even the maintainers and creator of the SKS keyservers state this as well and recommend you check through other means to see if keys are what they appear to be, such as telephone or in person.

                                                                                      I also don’t think this is an edge case; I think it’s a wake-up call to rethink the design of the software and catch up with the rest of the world, and quickly.

                                                                                      Lastly, I don’t approve of trolling; if you’re doing it just for the sake of doing it, “DON’T”. If you genuinely feel the need to submit a “right to erasure” due to not consenting to having your data published, please do it.

                                                                                    2. 2

                                                                                      Thank you for the link: http://www.openwall.com/lists/oss-security/2017/12/10/1, it’s a fantastic read and makes some really good points.

                                                                                      It’s easy for anyone to get hold of recent dumps from the SKS servers; I have just hunted through a recent dump of 5 million + keys yesterday looking for interesting data. Will be writing an article soon about it.

                                                                                  2. 3

                                                                                    I totally agree, it has been bothering me as well. I am in the middle of considering starting up my own self-hosted blog. I also don’t like Medium’s method of charging for access to people’s stories without giving them anything.

                                                                                    1. 3

                                                                                      I’m thinking of setting up a blog platform, like Medium, but totally free of bullshit for both the readers and the writers. Though the authors pay a small fee to host their blog (it’s a personal website/blog engine, as opposed to Medium which is much more public and community-like).

                                                                                      If that could be something that interests you, let me know and I’ll let you know :)

                                                                                      1. 2

                                                                                        lmao you don’t even get paid when someone has to pay for your article?

                                                                                        1. 1

                                                                                          correction, turns out you can get paid if you sign up for their partner program, but I think it requires approval n shit.

                                                                                        2. 2

                                                                                          hey @pushcx, is there a feature where we can prune a comment branch and graft it on to another branch? asking for a friend. Certainly not a high priority feature.

                                                                                          1. 3

                                                                                            No, but it’s on my list of potential features to consider when Lobsters gets several times the comments it does now. For now the ‘off-topic’ votes do OK at prompting people to start new top-level threads, but I feel like I’m seeing a slow increase in threads where promoting a branch to a top-level comment would be useful enough to justify the disruption.

                                                                                      1. 3

                                                                                        I don’t want to stop anyone creating or signing any oath they like, but if I were to sign one with an “honest and moral work” clause then I’d want to be sure that my fellow signers agreed with my view on what comprises moral work. I’m pretty sure that most people here would disagree on which of the following fall under that banner:

                                                                                        • Creating an ad server that uses supercookies
                                                                                        • Building a mashup of airbnb, uber and tinder data
                                                                                        • Writing robocall software for the GOP
                                                                                        • Writing a cryptocoin miner in javascript
                                                                                        • Creating a website to hook Ohmibod users up with patrons
                                                                                        • Writing firmware that misreports emissions data when a car undergoes regulatory testing
                                                                                        • Writing an Android app to teach bump stock modifications
                                                                                        • Adding password decrypt into your service to allow SRE to diagnose user account problems
                                                                                        • Creating a query interface for a database of racial profiles
                                                                                        • Writing a “find my nearest abortion clinic” app
                                                                                        • Employing machine learning during hiring to predict amount of time candidates will take off from work for medical reasons
                                                                                        1. 1

                                                                                          Well said, this is the biggest problem with the oath as it stands. Oaths like these aren’t supposed to just say, “Hey, be Good,” but are supposed to help define what Good looks like. This is especially true when you have a profession like ours where the creation of a software artifact is so far removed from the circumstances in which it might be used.

                                                                                        1. 6

                                                                                          I really need to get around to writing my sum type proposal for Go.

                                                                                          Instead of introducing an entirely new feature, the idea is to tweak the existing features to support it.

                                                                                          The bare idea is simple: “closed” interfaces. If you declare an interface as closed, you pre-declare all the types that belong to it, and that’s it. The syntax could be something like

                                                                                          type Variant1 struct {..}
                                                                                          type Variant2 struct {..}
                                                                                          type Foo interface {
                                                                                              // methods
                                                                                              for Variant1, Variant2
                                                                                          }
                                                                                          

                                                                                          You continue to use type switches (I love type switches) with these interfaces, except that the default case can’t be used for exhaustive switches (you can also enforce that in non-exhaustive switches).

                                                                                          It would also be nice to lift the restriction for implementing methods on interfaces; and make it possible to run interface methods on explicitly-interface (not downcasted) types. There was a proposal for that too..

                                                                                          Under the hood, these could possibly be implemented as stack-based discriminated unions instead of vtable’d pointers, though there might be tricky GC interaction there.

                                                                                          I haven’t really written this up properly, but I suspect it might “fit well” in Go and be nicer than directly adding sum types as a new thing.
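What current Go can express of this idea, as an added example that is not from the comment or the linked proposal: an unexported method closes the interface to method declarations in other packages, but the compiler does not check the type switch, so a variant added later is only caught by the `default` case at run time. `Variant3`, `isFoo`, `Describe` and `ErrUnhandled` are names assumed for this illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Foo is closed only by convention: other packages cannot declare isFoo on
// their own types, but nothing lists the variants in one place.
type Foo interface{ isFoo() }

type Variant1 struct{ N int }
type Variant2 struct{ S string }
type Variant3 struct{} // hypothetical variant added later; no switch updated

func (Variant1) isFoo() {}
func (Variant2) isFoo() {}
func (Variant3) isFoo() {}

// ErrUnhandled marks a variant that reached a switch with no case for it.
var ErrUnhandled = errors.New("unhandled Foo variant")

// Describe compiles whether or not every variant has a case, so the default
// branch is the only place a forgotten variant is noticed.
func Describe(f Foo) (string, error) {
	switch v := f.(type) {
	case Variant1:
		return fmt.Sprintf("Variant1(%d)", v.N), nil
	case Variant2:
		return fmt.Sprintf("Variant2(%q)", v.S), nil
	default:
		return "", fmt.Errorf("%w: %T", ErrUnhandled, f)
	}
}

func main() {
	for _, f := range []Foo{Variant1{7}, Variant2{"x"}, Variant3{}} {
		fmt.Println(Describe(f))
	}
}
```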

                                                                                          1. 4

                                                                                            I encourage you to make this suggestion on https://github.com/golang/go/issues/19412 which was recently marked as “For Investigation” which suggests someone is collating ideas.

                                                                                            1. 2

                                                                                              +1, that’s an excellent thread with a lot of interesting insights about the constraints that the core language devs are battling with when introducing a new feature like this. It’s super long but I’ve found the discussion to be really informative.

                                                                                              1. 1

                                                                                                I actually just wrote https://manishearth.github.io/blog/2018/02/01/a-rough-proposal-for-sum-types-in-go/ yesterday

                                                                                                But I don’t have the time/desire to really push for this. Feel free to use this proposal if you would like to push for it!

                                                                                            1. 3

                                                                                              This looks racy to me, can someone explain where I’m going wrong?

                                                                                              Thread A is the first to acquire the benaphore, checks and increments the atomic variable, finds it is zero and proceeds without acquiring the semaphore.

                                                                                              While Thread A is in the critical section Thread B arrives and acquires the benaphore, finds the atomic variable to be non-zero so acquires the semaphore. Because it has the semaphore it proceeds into the critical section. Now there are two threads concurrently in the critical section.

                                                                                              What prevents this scenario?

                                                                                              1. 3

                                                                                                I think you’re right, unless I’m missing something obvious.

                                                                                                Worse still, if T1 enters the critical section and is followed by T2, if T1 now makes progress it will find benaphore_atom > 1 and call release_sem() on a semaphore it doesn’t hold. Which is probably either a crash or UB, who knows.

                                                                                                I was missing something obvious.

                                                                                                The semaphore is initialized into an ‘unavailable’ state.

                                                                                                When Thread B attempts to acquire the newly initialized semaphore, it blocks as the semaphore is in its ‘unavailable’ state. Thread A later finishes up in its Critical Section, and seeing that benaphore_atom > 1 it increments the semaphore, allowing Thread B to make progress.

                                                                                                At the end of this execution, T2 sees !(benaphore_atom > 1) and continues without marking the semaphore as available.
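The benaphore as this comment describes it, sketched in Go as an added example (not code from the article under discussion): a buffered channel created empty stands in for the semaphore in its 'unavailable' state, and `Replay` runs the Thread A / Thread B interleaving from the question. The type and function names are assumptions, and because `atomic.AddInt32` returns the new value rather than the previous one, the comparisons are `> 1` on lock and `> 0` on unlock.

```go
package main

import (
	"fmt"
	"runtime"
	"sync/atomic"
	"time"
)

// Benaphore puts an atomic counter in front of a semaphore.
type Benaphore struct {
	atom int32         // threads inside or waiting for the critical section
	sem  chan struct{} // semaphore; created empty, i.e. 'unavailable'
}

func NewBenaphore() *Benaphore { return &Benaphore{sem: make(chan struct{}, 1)} }

func (b *Benaphore) Lock() {
	if atomic.AddInt32(&b.atom, 1) > 1 { // new value > 1: a thread is ahead
		<-b.sem // no token available: block until the holder's Unlock
	}
}

func (b *Benaphore) Unlock() {
	if atomic.AddInt32(&b.atom, -1) > 0 { // a waiter is still counted
		b.sem <- struct{}{} // post exactly one token
	}
}

// Replay runs the interleaving from the question: A holds, then B arrives.
// early: did B get in before A's Unlock? left: counter once B is inside.
func Replay() (early bool, left int32) {
	b, in := NewBenaphore(), make(chan struct{})
	b.Lock()                            // thread A: atom 0 -> 1, semaphore untouched
	go func() { b.Lock(); close(in) }() // thread B
	for atomic.LoadInt32(&b.atom) < 2 { // wait until B has been counted
		runtime.Gosched()
	}
	select {
	case <-in:
		early = true // would be two threads in the critical section
	case <-time.After(20 * time.Millisecond):
	}
	b.Unlock() // A sees B counted and posts the token
	<-in       // B is admitted only now
	return early, atomic.LoadInt32(&b.atom)
}

func main() { fmt.Println(Replay()) }
```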

                                                                                                1. 1

                                                                                                  Semaphores don’t provide mutual exclusion.

                                                                                                  You use them to e.g. count the number of items in a queue and wake up enough threads to process them. Then those threads use a separate mutex to synchronise any operations on the queue.