1. 1

    This is nice. There have been ports of Inferno to run on Android before, but not as an app, for example Hellaphone. I’ve often thought a neat project would be to have an Android launcher that used Inferno, so it wouldn’t require rooting a phone to run. This project gives an idea of how it could work.

    On the inferno mailing list there have been suggestions to write apps that expose phone functionality using the Styx protocol to enable Inferno to access it. I gave an example of how sharing resources on the phone could work using Hellaphone a few years ago.

    1.  

      I tried to install it on my 2012 Nexus 7” running cyanogenmod, system was not happy, will try and follow up with the project and see where the issue lies. Would be cool to have it running.

    1. 3

      <3

          1. 1

            Very cool :)

            1. 1

              I wonder what about NetBSD 8. Half a year ago it was supposed to come “soon”.

              1. 1

                check the 8.0_BETA builds, the branch has been cut.

                1. 1

                  I know, I’m just waiting for RELEASE :)

                  1. 1

                    ah :)

              1. 1

                Still no code on their GitHub profile :’(

                1. 3

                  check the FAQ

                  1. 5

                    Needs a new distributed version control system where the versioned objects are sheets of paper and changelists are composed of paper cutouts and glue.

                    1. 3

                      It’ll certainly bring a fresh perspective to the “your project is still stuck on CVS?” :)

                1. 3

                  If you want up to date packages for OS X Tiger (PowerPC), there’s a small subset of pkgsrc packages here. Currently from the 2017Q3 branch.

                  1. 2

                    There’s a homebrew fork for 10.4 and 10.5 that works well, as well, though (a) getting your hands on the needed (ancient) XCode package is nontrivial (apologies, I don’t remember the exact steps I went through to get it on mine) and (b) compilation is painfully slow. You thought installing Gentoo on your Raspberry Pi was bad…

                    1. 1

                      this is a compiled packages repo.

                  1. 2

                    I really wish there was a first class, stable/maintained docker port for FreeBSD. There are a few forks that are in various states. Last time I tried, I could get my containers running using the local docker client, but trying to connect to it remotely with a newer version of the docker client would fail.

                    Having a solid docker solution would be a big game changer in the FreeBSD world.

                    1. 13

                      Having a solid docker solution would be a big game changer in the FreeBSD world.

                      Perpetuating a level of mediocrity. How about going the other direction and organise things so you don’t need docker as a “solution” in your environment. That would be a far bigger game changer.

                      1. 5

                        +1 docker is an easy way to deploy applications for people with less sys admin experience, but docker more of a development tool, but in my eyes, not the beat deployment technique.

                        If you really want docker on FreeBSD fire up a bhyve instance of Linux on BSD, and run docker there. Emulating Linux on bsd works really well on bhyve, having docker and freebsd together just opens your solid architecture up to problems, run it in a vm and if it eats memory or crashes, it won’t affect the master host.

                        1. 2

                          Yeah, I have a feeling nix + jails would be a better solution overall than docker on freebsd and probably already works fine.

                      1. 2

                        The word beer appears only 3 times? I don’t believe it.

                        1. 2

                          :D

                        1. 3
                          1. 2

                            Looks like these Node Summit 2017 videos haven’t been made public yet.

                            1. 1

                              Added a note, apologies.

                            1. 4

                              That was a very interesting video to watch.

                              It raises some questions for me, however:

                              1. How much better/worse would Xanadu have actually been? It seems like it’d give more control to 3rd parties. I also think of things like pingbacks, on blogs, which rarely seem useful, although having microtransactions cracked/solved would be preferable to ads, at least as an option.
                              2. Did Englebart get a chance to similarly give an end of life lecture?
                              3. It is a bit funny to watch a guy place himself up there with Alan Kay/Englebart, and claim first invention of so many things.
                              4. I hope I have as much mental acuity at 80, if I make it that far.
                              1. 3

                                Regarding point #3, would this change you opinion?

                                1. 4

                                  There’s also this from Woz at the same event.

                                  I personally think Computer Lib / Dream Machines was a great book, and it was published at just about the right time (1974) that its ideas of pervasive individual DIY control over computers were slightly but not unrealistically ahead of their time, just becoming plausible to implement. I’m less enamored by Xanadu really, especially the later claims that it would’ve been much better than hypertext as it actually happened. But hey, of course he’d have that opinion.

                                  Anecdote: I sat next to him on a plane once. I was heading to AAMAS 2008 and he was apparently heading to keynote a conference in Portugal somewhere. I didn’t recognize him and probably wouldn’t have initiated a conversation. But he saw me editing some LaTeX document on my laptop and asked what I did, so I said I was a CS grad student. I politely reciprocated and asked him what he did and he said something like, “oh a lot of things, but people mostly know me for coining ‘hypertext’”. Then I got a lengthy demo of a version of ZigZag.

                                  1. 2

                                    It does give it more context. Thanks for the link

                                  2. 1

                                    I also think of things like pingbacks, on blogs, which rarely seem useful, although having microtransactions cracked/solved would be preferable to ads, at least as an option.

                                    Pingbacks mostly seem to be a way to circumvent the comment-spam-blocker. It seems to be a good idea to see everything which links to something. However, it requires filtering and nobody has solved that yet afaik.

                                    Do you suggest micropayments to solve the comment spam problem, like “pay 1c to comment”? Or do you generally prefer paywalls to ad-selling-click-spam, like “pay 10c to read the blog”?

                                    1. 3

                                      To be honest, I’d rather have something akin to Youtube Red or Flattr, likely, where I pay a fixed amount in, and that amount is split among the sites I visit, excepting payment for larger things like books.

                                      It seems that Patreon is the first major platform to start taking a bite out of ads for a decent subset of creative types.

                                  1. 7

                                    Among the many fun details, they have notes about making exploits reliable. Don’t want to crash the target or make a lot of noise that the user might notice. Fortunately (for attackers) when WiFi crashes the user just sees an icon blink and then it restarts and you’re ready for another attempt.

                                    Theres a lot one can learn about how we build reliable “self healing” systems.

                                    1. 1

                                      Is this what Tanenbaum was talking about?

                                      1. 6

                                        Actually, yes, in a bad way. Funny, Colin Percival asked a question about this very topic after a talk at a BSD con. How do you defend against exploits? “Just let it crash and restart.” Tanenbaum didn’t seem to grasp the idea that there are outcomes worse than crashing.

                                        To elaborate on my point, device manufacturers have given up on making WiFi reliable, but users don’t like phones that don’t work. So the solution is to just keep restarting things. Make it all as invisible as possible. Of course, as noted, this allows an attacker to launch many attacks without notice.

                                        But they are not alone in this attitude. How do you make a server web scale reliable? “while (1) restart();”

                                        What’s often called fault tolerance is perhaps better described as fault masking. Maybe that’s ok, but sometimes it’s not.

                                        1. 1

                                          ah :)

                                    1. 4

                                      Should the link be to a playlist rather than a specific talk?

                                      1. 1

                                        you are right. I don’t know how I messed up the submission. Now I can’t delete or edit it. How do I bring this to moderators attention?

                                        1. 1

                                          I’ve fixed the link to point to the playlist.

                                      1. 2

                                        This was covered previously, if you’d like to see the previous discussion. (It’s the same article, as far as I can tell; just on the U.K. Ars Technica site this time.)

                                        1. 1

                                          thanks for the heads up, I’ve flagged it as already posted.

                                        1. 4

                                          Talks are as follows Giovanni Bechis - Pledge in OpenBSD
                                          David Spencer - Slackbuilds
                                          Charles Forsyth - Not/configure (Exploring the various aspects of portability from Bell Labs, covering Plan 9 & Inferno)
                                          Alistair Crooks - pkgsrc - early history
                                          Thomas Merkel - Testing your pkgsrc development on multiple platforms with vagrant and virtualbox
                                          Pierre Pronchery - pkg-query
                                          Bennie Siegert - Bulk builds in the cloud
                                          Sevan Janiyan - A mix of two halves
                                          Alistair Crooks - Running a third of the internet on BSD
                                          Alexander Nasonov - Installing packages from http://pkgsrcbadj4vrrrr.onion
                                          Vsevlod Stakhov - The architecture of Pkg - a modern package manager for BSD systems

                                          1. 5

                                            I guess the question is if 1/256 of all internet innovation takes place at MIT? If an IP is an essential component of innovation, how should they be distributed?

                                            1. 3

                                              Most major-in-size institutions in the US, Canada and UK still have at least one /16, so, doing a NAT with private address space is not a matter of an address space limitation, but rather a policy of doing security through obscurity.

                                              1. 0

                                                I think it’s unfair to say that a NAT between random machines and the Internet is not a genuine, purposeful security win.

                                                1. 3

                                                  NAT is not a security mechanism, it’s a hack to preserve addresses.
                                                  Using it as a security mechanism is a bad idea.
                                                  You are better off filtering at the edge but that would require another subnet for the protected hosts.
                                                  In this scenario, MIT actually have an IPS in place (try to nmap an address in the MIT subnet 18/8, then try again a second time from the same originating IP address).

                                                  1. 2

                                                    There are plenty of security goals which NAT can help with. Any large user base is going to have a few unpatched systems, after all.

                                                    1. 1

                                                      Public IP addresses can easily be firewalled, too; it’s a common policy that only SSH and Remote Desktop ports are open by default, even if you do have a static IP address.

                                                      With /16 and 65k addresses (some bigger ones have even more space), there is really no need for any private space in most circumstances.

                                                      If these institutions play dumb and refuse to provide their constituents with public IP addresses like they ought to, they should probably be mandated to return their IP space.

                                                    2. 0

                                                      I can tell that you don’t like NAT, and that’s fine – I’ve been stuck behind one before and I agree that it can be irritating. I know you can also filter traffic; I just think it’s disingenuous not to admit that the structure of an internal network behind NAT does have properties which improve security.

                                                    3. 1

                                                      Apologies if I missed the joke, sarcasm detector malfunction.

                                                1. 2

                                                  Super clear and complete! I would just have liked some links or tips to harden this a bit, if the author has some references, would be great!

                                                  1. 13

                                                    It’s OpenBSD, so just relax. Hardening is built-in and enabled by default.

                                                    1. 3

                                                      While true, we mustn’t become complacent.

                                                      1. 4

                                                        Thats why you keep your OpenBSD installs regularly updated.

                                                        1. 2

                                                          But you are running a vpn service with a weak cipher?

                                                          1. 1

                                                            the defaults are depreciated or compromised? news to me.

                                                            the only reason “weaker” ciphers are included is for backward compatibility with end points that support nothing else.

                                                            1. 1

                                                              I’m referring to following the guide & deploying a service with modp1024. Not the defaults in OpenBSD.

                                                      2. 2

                                                        While it’s a decent configuration, doing IKEv2 with the chacha20-poly1305 ciphers as described here is more secure in my opinion. That being said it won’t work for clients that don’t have the cipher baked in as it violates the RFC (in fact I think only OpenIKED has support).

                                                        1. 4

                                                          Indeed, you have to opt for the insecure modp1024 option with OS X clients, because with higher settings it’s not possible OS X client to connect using systems prefs client as described in the guide. (issue is on the OS X side)

                                                    1. 5

                                                      I wished that they FOSS’d IRIX when they pulled it off the market. It was the most mature UNIX for MIPS-based desktops. That seemed irrelevant to most people but I knew it might come in handy. The Octeon III processors from Cavium were the first to confirm that with 48 cores with most stuff like networking, compression, and crypto accelerated with dedicated hardware. A Linux or IRIX desktop with some of those might fly.

                                                      They probably had 3rd-party code in it, though, that prevented FOSSing. Plus didn’t care.

                                                      1. 5

                                                        SGI got bought by Rackable some years back (Rackable, I know…). Then Rackable got bought by someone else. I consider myself lucky that SGI released XFS source. I would love for some of the more awesome bits to have been open sourced, too.

                                                        1. 3

                                                          HP owns SGI now

                                                          1. 3

                                                            I was about to suggest emailing the new owner about FOSSing it. With your comment, I’ve lost what little hope remains of that. I mean, just look at the VMS situation. Ridiculous…

                                                          2. 2

                                                            Not just XFS. Also that whole-program optimising compiler. As part of Linux move, they also contributed improvements to the kernel for NUMA and such that might be benefiting multicores or big servers today.

                                                            So, they were helpful in a few ways.