1. 5

    The solution is widespread legislation that makes using people’s personal data for targeted advertising illegal or very expensive. (This is not limited to Gemini. A great many influential Internet people are convinced politics is utterly broken, so “technical solutions” are all that’s left).

    I don’t disagree with this, but I don’t really see Gemini as a “solution” to any political problem, nor do I have any reason to believe it was conceived as such. Rather, it is a space in which one can choose to go to opt out of the modern web – it’s a subculture, a niche, not trying to take over anything. Using Gemini in 202X is very different from using the web / gopher in 199X, the social and technological conditions are completely different. To use Gemini is to consciously reject the modern web and its trajectory – there is no money in it, no power, no real reason to use it except out of curiosity and interest. So much of social media is about metrics, engagement, advancing your career, etc – here is a space where you can explicitly reject that.

    https://alex.flounder.online/gemlog/2021-01-08-useless.gmi

    Gemini’s killer feature is that its extreme simplicity means that you can do these things with complete independence, knowing that every piece of software (client, server) is free software, easily replaceable, and created to serve the interests of the community, with no ulterior profit motive. 1 person working alone could write a basic client and/or server in a weekend, which means that production of the software ecosystem doesn’t have to be centralized. Again, I want to clarify – this isn’t to say this is the only way that software should be written, but it is allowing a space to exist that is genuinely novel and interesting.

    Many Gemini users are CS students in college, who are young enough to not directly experience the web as it was before “web 2.0”. Gemini is not a return to web 1.0, but a revitalization of something that was lost in the web 1->2 transition.

    proportionally even more white dudes.

    I run https://flounder.online (gemini://flounder.online), and I haven’t done a demographic survey, but from reading people’s self-descriptions on their pages, I have no reason to believe it is less diverse than tech spaces like this forum, GitHub, etc.

    1. 6

      I came here to write this. I wrote Gemini off for many of the reasons @gerikson did at first, but after actually using it, I came to realise the value wasn’t necessarily in the protocol or markup tradeoffs (which I have mixed feelings about, as a user and implementer), but in the subculture that’s developed there. I use Gemini every day, for a few different reasons, and what’s there is lovely to me.

      1. 2

        Note that the article used “proportionally even more white dudes” to describe “the halcyon days of the Internet” as compared to “today’s internet”. It wasn’t saying the Gemini community has proportionally more white dudes.

        1. 2

          My bad, I slightly misread that paragraph.

      1. 2

        The ‘BTDT’ in the title stands for Been There, Done That. (Took me a minute.)

        1. 11

          The recommendation in the article’s conclusion’s depends on a certain assumption, but I’d like to note that this assumption may not be necessary. The conclusion:

          If you want to use an online password manager, I would recommend using the one already built into your browser.

          Why would you want to use an online password manager – that is, one built into your browser? By using a non-browser-based password manager, you could gain password management features such as storage of non-website passwords and storage of free-form notes with each entry while sacrificing very little convenience.

          The article’s introduction mentions some offline password managers such as KeePass, KeePassX, and pass. On macOS, I personally prefer KeePassXC, a successor to KeePassX.

          With KeePassXC, my password is not auto-filled when I visit a login page. (Perhaps KeePassXC’s browser extension has this feature, but I avoided installing it due to the principle of least privilege.) However, I can still use KeePassXC’s “auto-type” feature to simulate keyboard entry of my username and password in one go. I can also copy the username and password to the clipboard individually for pasting. The one downside to these methods is that the password manager will not warn me if I am trying to type the password into a phishing site – I have to be sure to first visit the site through a trusted bookmark or the link in the password entry.

          Note that that “non-browser-based” doesn’t mean you will be forced to rely on one device to look up your passwords. You can use an online file sync service – a proprietary one like Dropbox or Google Drive or an open-source one like Syncthing or ownCloud – to make your password database available on multiple devices. I use this strategy to access my KeePassXC password database on both my laptop and my phone.

          As your password database is encrypted at rest, online syncing requires only trusting your file sync service to not leak your files to anyone who would spend time brute-forcing your password. I find that trust easier to give than trusting a browser-based password management company to both not leak my encrypted password to their many attackers and to not serve me a version of the software with encryption disabled.

          If you use password manager to share credentials among multiple users, you could still use a non-browser-based password manager plus a file sync service, but it’s less suited for that use-case. If multiple users add a password to the database at the same time, one of the users will have to manually resolve the conflict.

          1. 2

            This sounds like a decent middle ground between comfort and security. You might also consider hosting your password manager yourself. Bitwarden, which I use, is open source and has multiple server implementations. And because of the way bitwardens client - server communication protocol works, I don’t have to trust my hosting provider to not read my data.

          1. 2

            Warning: the title is somewhat misleading. This post describes a single example of a leaky abstraction: on Windows, cutting and pasting files from a ZIP file is much slower than copying and pasting those files. The post goes into detail about why Windows’s implementation of this ZIP file operation might be slow. However, the post does not discuss leaky abstractions in general.

            1. 5

              Has anyone else seen that first screenshot before?!

              On the one hand, it’s utterly obnoxious behavior from Apple.

              On the other hand, it’s a pretty niche corner-case to justify “throw it all away and start afresh.”

              I’m also now noticing the irony of company A which uses its status to get people to do things (register) commenting on company B which uses its status to get people to do things (delete their own files). The desktop metaphor doesn’t feel like the biggest problem in this picture.

              1. 4

                It’s very easy to fix that — go into System Preferences, click General, and turn on the setting for reopening documents. (I’m not saying this is obvious, or that it’s the right UX, just that a solution exists.)

                1. 2

                  Specifically, these are the related settings in System Preference > General (in macOS 10.14):

                  • [ ] Ask to keep changes when closing documents
                  • [ ] Close windows when quitting an app
                    • When selected, open documents and windows will not be restored when you re-open an app.
              1. 2

                The feature this person is looking for is built into the OS.

                To minimize the current window, press Command-M. To minimize all windows of the app in focus, press Command-Option-M. - https://superuser.com/questions/36504/minimize-all-in-mac-os

                As for the other things, people can’t even use a file system properly. They don’t go back and clear things up. Or if they do, they sometimes remove the wrong things. It might be nicer for a power user but the suggestions proposed just make files more complicated than they are now. It’s a review changes dialog with more steps.

                1. 3

                  If they’re not going to use the Preview app in their screen-share, an easier technique would be to choose Hide Preview (⌘H) from the application menu, which hides all the app’s windows until the application regains focus. That technique doesn’t require clicking 88 minimized windows to expand them again afterwards.

                  Of course, as snej wrote, the real solution is to toggle a setting in System Preferences to make their preferred behavior the default by not showing that dialog when they quit.

                1. 1

                  The useSWR section is missing a link to the library: SWR

                  1. 1

                    “Frum” from Yiddish or something else?

                    1. 1

                      Frum’s README has a link at the bottom to fnm, whose name stands for Fast Node Manager. Thus, I would assume the name Frum was made by changing “n” for Node into “ru” for Ruby.

                      1. 1

                        So, “fnm” is Yiddish, got it. :)

                    1. 2

                      I never understood ranting on other tools or languages. If you don’t like it don’t use it. If you think there’s a better tool or language for whatever it is you’re doing, use the better tool.

                      1. 5

                        If you think there’s a better tool or language for whatever it is you’re doing, use the better tool.

                        That’s not always your choice. I got stuck for a few months writing golang at a job where I was originally hired to write Clojure, and that’s probably the rantiest I’ve ever been. I felt like I had to program with oven mitts on just to keep my job. Luckily I got moved to a new team before I completely lost it.

                        1. 1

                          This seems to be totally normal at midrange to massive companies. The tools are chosen for you by architects you may never meet, considering primarily what languages the offshore and onshore teams both know.

                          It stops being about the technical fit, and becomes about the arguably harder human fit.

                          Which is hilarious since developer productivity, the argument made when you say “best tool for the job,” is an entirely human factor.

                        2. 4

                          A language doesn’t stand on its own – its community affects the experience of using it. A language’s community:

                          • Writes libraries for the language
                          • Writes documentation for the language (in forums and Stack Overflow)
                          • Devises new patterns to make working with the language more pleasant

                          As those benefits are correlated to the size of the community, it’s reasonable for someone to want to convince others to use their preferred programming language and thus become part of its community.

                          1. 8

                            I wouldn’t call this spam, but I would guess the flagger might have been turned off by the page’s advertisements of the university that made the discovery and by the huge images of the authors that crowd out the interesting technical details. They may have also been annoyed that the page named the paper but did not link to it; hopefully the link in my other comment will help with that.

                          1. 12

                            Here’s the academic paper, which has much more technical detail than this press release: I See Dead µops: Leaking Secrets via Intel/AMD Micro-Op Caches (PDF)

                            That paper was hard to find details about – searching for its title brought up only copies of the press release on various news sites. I found the link to the above PDF on https://www.cs.virginia.edu/venkat/.

                            1. 1

                              Thank you. I couldn’t find the actual paper when I posted this link and at the time seemed like the most direct link to post.

                            1. 5

                              The biggest gain of using make, for c/c++ developers is thar it doesn’t recompile what it doesn’t need. Which can represent a different of minutes to milliseconds.

                              Using make just for its command interface is, IMO, just glorified and to some extent worse shellscripting. I personally would pick a shellscript. Command dependencies are trivially to implement.

                              1. 4

                                If someone uses make just for its command interface, the tool they really want is just. See What are the idiosyncrasies of Make that Just avoids?

                                1. 4

                                  Let me agree 95%:

                                  The biggest gain of using Make for C/C++ development for any workflow is that it doesn’t redo what it doesn’t need. Fast and correct incremental builds has come to be – at least in the C/C++ realm – the defining characteristic of a buildsystem: If a no-change rebuild takes more than mere milliseconds, it is a bug, and if a buildsystem can’t do that, it is not a buildsystem.

                                  Make’s selling point nowadays is generality: Forget C/C++: In this niche, CMake and Meson are easier to use correctly, but Make can be used for everything that reads and writes files.

                                  Using Make just for its command interface may be innocent enough, but if you have recipes that do more than one command invocation, you are 100% definitely doing it wrong. This is what’s called a “glorified shellscript”, but the naming doesn’t matter: Because Make is so great, yet so horrible, it should either be used the beneficial way, by generating a target for every file, or that glorified shellscript recipe would be better off put in a script of its own.

                                  1. 1

                                    “What it doesn’t need”, in the case of make is defined as: what a typical C/C++ project on an unix environment doesn’t need. It doesn’t apply to most projects in most languages these days which have dependencies in the form of remote urls. Pretty much all of them.

                                    Make’s selling point nowadays is generality: Forget C/C++: In this niche, CMake and Meson are easier to use correctly, but Make can be used for everything that reads and writes files.

                                    It can be used for everything that reads and writes files as a worse replacement for shellscripts. Shells, which it very much relies upon. The advantages of make only manifest themselves under a set of conventions that are very much based on the GNU build system. How does it know what doesn’t need to be done in the presence of a home grown compiler?

                                    Using Make just for its command interface may be innocent enough, but if you have recipes that do more than one command invocation, you are 100% definitely doing it wrong.

                                    I’m confused. How is this a specific trait of make? It surely is trivially achievable with a shellscript.

                                    1. 2

                                      How does it know what doesn’t need to be done in the presence of a home grown compiler?

                                      That is a fundamental question! If you have ever written a makefile rule, that is how: You tell it for each output file which files it depends on. The deal is that whenever an output file is needed and is older than one of its inputs, its recipe is run again. Simple.

                                      As you see, there is nothing special about home grown compilers or even downloading files from the internet. For something completely different, I’ve used Make to run custom tests and linters in parallel, migrate a vast number of customer databases, run video encoders and produce objective metrics of encoded videos. It is a true programming language. If your experience is more from generated makefiles (since you mention the GNU build system), I can see how this may not be obvious.

                                      Then, you say that all of this is trivially achievable with a shellscript, which is true, but would miss the whole point of just expressing this dependency tree and have it rebuilt lazily with implicit parallelization. You don’t get that for free in many other languages!

                                1. 7

                                  My story with GDPR and CloudFlare.

                                  Many years ago, I was using a vim plugin to to gist buffers. At some point, I must have changed the default behaviour from private to public. I was working with CloudFormation and the huge JSON files were not rendering properly, so I was using github to double-check my linter worked properly. As you can imagine there were credentials there, so … my credentials were leaked. Nearly 60s after the gist, we were notified by github. An email org’s email and quickly we rotated the creds.

                                  About 1.5 years later a new hire, found the leaked file on another website that was copying and storying public gists. The website was behind cloudflare. I contacted the owner of the website to bring down the gist, mentioning GDPR. But not reply. The website was most likely abandoned. GDPR had just entered into action, so I sent a GDPR at cloudflare. The reply borderline ridiculous: “We can’t bring down your gist, because our systems don’t work like that blah blah blah”. We exchanged few emails, so I got tired and gave them a notice period of five days to bring down the website or else I’ll be contacting the German GDPR authority, explaining the website was behind cloudflare. Two days later the website, magically, came down. They sent no notice to me, I just went to visit the website and there was nothing there. Perfect timing? Maybe.

                                  1. 8

                                    It’s always fun how many things are only technically impossible until the threat of legal attention gets involved.

                                    1. 4

                                      I also use GDPR on shitty companies. For example Atlassian. I had a registration that got interrupted half way through and I could not continue or cancel the process. I reached out if support who did not believe me even though I sent them screenshots. After a while I got fed up and sent them a GDPR delete requests and after it went through I could finally register with that email. I plan to do the same with Google snd a Gmail address that is stuck sort of same way. I cannot change the phone number and the 2fa. Theres is no gmail support.

                                      1. 1

                                        I don’t understand. If you had already rotated the credentials 1.5 years ago, why did you care that there was a site out there that was displaying your old credentials?

                                        Was it that you wanted to hide even the existence of some the services you were running?

                                        1. 1

                                          The infra was way different by that time, wasn’t a big issue. I was embarrassed I suppose.

                                      1. 4

                                        See also Immer, a similar, popular library. A comparison:

                                        immutability-helper
                                        import update from 'immutability-helper';
                                        
                                        const newData = update(data, {
                                          x: {y: {z: {$set: 7}}},
                                          a: {b: {$push: [9]}}
                                        });
                                        
                                        Immer
                                        import produce from 'immer';
                                        
                                        const newData = produce(data, draftData => {
                                          draftData.x.y.z = 7;
                                          draftData.a.b.push(9);
                                        });
                                        
                                        1. 2

                                          I’m a big fan of immer. One of the other things you can do is get it to output the changes in (near) standard JSONPatch format.

                                          1. 1

                                            Could you share an example of how to produce a patch with immer?

                                            1. 2

                                              There’s some good doc on it here: https://immerjs.github.io/immer/patches/

                                              1. 1

                                                Very cool!

                                          2. 1

                                            How does immer avoids deeply copying the source object?

                                            1. 2

                                              I think draftData is similar to a Proxy that records what you try to do, and the docs and source code of immer seem to support that, though I have not checked much.

                                              1. 1

                                                Could someone explain in plain english how does immer leverage Proxy to implements strucural sharing?

                                                1. 2

                                                  When you say draftData.x.y.z = 7, draftData intercepts the accesses to x, y and z, recording the path and the value 7. After the drafting function returns, it knows where to make copies as needed to support the modifications requested.

                                            1. 3

                                              Is there some type of website that allows for creating “tools that I want” proposals along with upvoting to get feedback from a community?

                                              1. 5

                                                The following websites allow posting and voting on software ideas:

                                                • Reddit /r/SomebodyMakeThis — has about 30,000 subscribers. Not only for software ideas, but a lot of posted ideas are for software.
                                                • Halfbakery — Focuses on silly ideas, but has some serious ones too. Mostly non-software ideas.
                                                1. 4

                                                  Would you say that’s a tool that you want?

                                                1. 5

                                                  test.{ext}

                                                  I have so many /tmp/test.go, /tmp/test.ex, /tmp/test.rb files it’s sad. Then they get lost on reboot and I curse myself out, but don’t change for some reason.

                                                  1. 2

                                                    One good thing about the name “test” is that it can be typed entirely with the left hand (on a QWERTY keyboard). Depending on the context, this can leave the right hand free to hover over the Enter key or the mouse.

                                                    1. 2

                                                      Always some variation of test! Unless I’m feeling particularly lazy OR there’s another test in that directory and I don’t want to delete it. Then t.

                                                      Anything with those names is always fair game for deletion, and in fact probably won’t be tolerated next time Future Me runs an ls command.

                                                      1. 2

                                                        I do this as well. I keep a handful of test.whatever files in $HOME with a large number of accumulated includes and imports. All the includes I need to try something out are ready to go in those files.

                                                      1. 10
                                                        1. 2

                                                          Exercism is pretty nice. I created a repository that makes Docker images available for a few of the Exercism languages (C++, Clojure, Java, Ruby, Python, Go), since I wanted to play with a couple of the languages but didn’t want to install all the language dependencies on my local machine: https://github.com/bi1yeu/exercism-docker

                                                        1. 5

                                                          Seems like something is up — the repo and documentation have disappeared.

                                                          1. 2

                                                            Huh, weird. Archive.org already crawled it at https://web.archive.org/web/20210308073141/https://upgrow.shopify.io/guide/ .

                                                            1. 2

                                                              It turns out it wasn’t completely crawled though :(

                                                              1. 2

                                                                The GitHub repo szTheory/upgrow seems to be a mirror of Shopify/upgrow. It includes the uncrawled pages (in docs/guide/) and the code for the Ruby gem.

                                                          1. 4

                                                            This is progressing towards the rediscovery of regular expressions.

                                                            1. 4

                                                              Indeed. If anyone finds this article interesting and doesn’t know regular expressions (“regexes”) yet, I recommend reading regular-expressions.info/tutorial.html. When I learned regexes from that site I found it to be well-written. The site plugs the author’s own regex-testing tool in between explanations, but you can just use regex101.com, which is free and equally powerful.

                                                              Here’s an example of using a regex in Python to extract text within square brackets:

                                                              import re
                                                              string = "123[4567]890"
                                                              re.search(r'\[(.*)\]', string).group(1)  # evaluates to '4567'
                                                              
                                                              # You could also write the regex with whitespace for readability:
                                                              # re.search(r'\[ (.*) \]', string, re.X).group(1)
                                                              

                                                              Regexes have some advantages over the extract DSL defined in the article. They support powerful features such as extracting multiple parts of the text with one search. They are supported by all major programming languages. Most text editors let you use them to search your text. They are also very concise to type. However, they have flaws of their own, particularly how hard they can be to read. So though regexes are useful to learn, they are not the ultimate way of extracting parts of text.

                                                              Here are some projects that aim to improve on regexes (but are much less widespread):

                                                              • Regexes in the Raku language. Raku, formerly known as Perl 6, breaks compatibility with Perl 5’s regex syntax (the same syntax used by most regex engines) in an attempt to make regexes more readable.
                                                              • Egg expressions, or eggexes, are a syntactic wrapper for regexes that will be built into the Oil shell.
                                                              1. 2

                                                                And Parse in Red is also a nice alternative to regexes.

                                                                1. 2

                                                                  I’d prefer r'\[(.*?)\]' or r'\[([^]]*)\]' to avoid multiple square brackets in the string matching more than expected. Also, in newer versions of Python, you can use [1] instead of .group(1)

                                                                  https://www.rexegg.com/ is another great site for learning regexp. And https://github.com/aloisdg/awesome-regex is a good collection of resources for tools, libraries, regexp collections, etc.

                                                                2. 3

                                                                  Perhaps we can coin a new aphorism! Greenspun’s Tenth Zawinski’s Law: Any sufficiently complicated Lisp text processing program contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of regular expressions.

                                                                  Edit: Or perhaps ‘Every Lisp program attempts to expand until it contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of regular expressions. Programs which cannot so expand are replaced by those which can.’