1.  

    I know some devs who only code at work and are fine. But if there were two identical candidates (a myth, I know) except one had side projects, guess who I pick?

    1.  

      I’m not sure it’d be an easy choice for me, though a lot depends on how you resolve that bit about the “identical candidates”. To really generalize, my interactions with people who have side projects are that they learn a bunch of stuff outside of work that could be useful for work, but often would prefer to be doing those side projects too, so might be less focused and/or prone to bikeshedding. I include myself in the 2nd category, fwiw: I learn a lot of things “on my own time” but I’m not necessarily the world’s best employee if you just want to hire someone to produce code.

      If you had people with identical starting technical skill, but one had side projects, my no-other-information guess might even be that the person without side projects would be a more productive employee initially. It’s also probably true that they’d be less likely to keep up to date and/or proactively recommend new things unless there was an explicit framework in place to make that happen on work time. But I’m not sure that’s obviously worse in terms of what a company is looking for out of an employee.

    1. 8

      This advice should be expanded. Do not under any circumstance use any kind of 3rd party VPN at all.

      1. 4

        VPNs are this decade’s antivirus.

        1. 2

          This advice is hyperbolic…. there are tons of valid uses for a 3rd party VPN. For example, I use a 3rd party VPN to torrent over networks that punish me for doing so (LTE, university WiFi).

          1. 1

            OK… this is not very helpful advice. But, if you have something constructive to say on the subject, I’d like to hear it!

            I don’t suppose you’re saying that you should just trust your ISP.

            Perhaps you’re saying that you should set up and maintain your own VPN? Do you have any helpful resources to suggest for those of us who might want to do that? Because I can imagine a few ways to get that wrong too.

            But perhaps more to the point, what do you suggest for less technical people who are concerned about their privacy, or those who don’t want to maintain that much infrastructure?

            1. 3

              I don’t suppose you’re saying that you should just trust your ISP.

              If you’re using a VPN service, that’s exactly what you’re doing - just trusting the VPN operator.

              But perhaps more to the point, what do you suggest for less technical people who are concerned about their privacy, or those who don’t want to maintain that much infrastructure?

              “If you’re telling people not to buy these rocks, what do you suggest for people who are concerned about keeping tigers away and can’t afford fences and guns?”

              If you genuinely need to access the internet without being tracked, you need to put the legwork in and use Tor; this is not something you can afford to trust someone else to do for you (though there are bundled installers etc. that can make it slightly easier).

              1. 2

                Sometimes I trust my VPN operator more than my ISP. Thus using the VPN is nicer

                Example cases:

                • being in China
                • airport wifi
                1. 1

                  Using tor for many tasks is no harder than a vpn anyway

                2. 3

                  There was another blog post not too long ago about not using VPNs. This article does state all the reasons to use a VPN: protect your from your ISP and protect your location data.

                  However a VPN isn’t TOR. They can still keep logs on the VPN side and turn them over to police, even in other countries. It has a limited use and people need to understand what those uses are. Too many people use it without understand what VPNs do and don’t do (similar to the confusion around Private Window browsing .. even though there’s a clear wall of text describing the limitations, most people don’t read it).

                3. 1

                  I’d argue that pretty much anyone who reads this site has the wherewithal to set up their own VPN. Check out Streissand or Algo

                1. 6

                  I think the faulty assumption is that the happiness of users and developers is more important to the corporate bottom line than full control over the ecosystem.

                  Linux distributions have shown for a decade that providing a system for reliable software distribution while retaining full user control works very well.

                  Both Microsoft and Apple kept the first part, but dropped the second part. Allowing users to install software not sanctioned by them is a legacy feature that is removed – slowly to not cause too much uproar from users.

                  Compare it to the time when Windows started “phoning home” with XP … today it’s completely accepted that it happens. The same thing will happen with software distributed outside of Microsoft’s/Apple’s sanctioned channels. (It indeed has already happened on their mobile OSes.)

                  1. 8

                    As a long-time Linux user and believer in the four freedoms, I find it hard to accept that Linux distributions demonstrate “providing a system for reliable software distribution while retaining full user control works very well”. Linux distros seems to work well for enthusiasts and places with dedicated support staff, but we are still at least a century away from the year of Linux on the desktop. Even many developers (who probably have some overlap with the enthusiast community) have chosen Macs with unreliable software distribution like Homebrew and incomplete user control.

                    1. 2

                      I agree with you that Linux is still far away from the year of Linux on the desktop, but I think it is not related to the way Linux deals with software distribution.

                      There are other, bigger issues with Linux that need to be addressed.

                      In the end, the biggest impact on adoption would be some game studios releasing their AAA title as a Linux-exclusive. That’s highly unlikely, but I think it illustrates well that many of the factors of Linux’ success on the desktop hinge on external factors which are outside of the control of users and contributors.

                      1. 2

                        All the devs I know that use mac use linux in some virtualisation options instead of homebrew for work. Obviously thats not scientific study by any means.

                        1. 8

                          I’ll be your counter example. Homebrew is a great system, it’s not unreliable at all. I run everything on my Mac when I can, which is pretty much everything except commercial Linux-only vendor software. It all works just as well, and sometimes better, so why bother with the overhead and inconvenience of a VM? Seriously, why would you do that? It’s nonsense.

                          1. 4

                            Maybe a VM makes sense if you have very specific wishes. But really, macOS is an excellent UNIX and for most development you won’t notice much difference. Think Go, Java, Python, Ruby work. Millions of developers probably write on macOS and deploy on Linux. I’ve been doing this for a long time and ‘oh this needs a Linux specific exception’ is a rarity.

                            1. 4

                              you won’t notice much difference.

                              Some time ago I was very surprised that hfs is not case sensitive (by default). Due to a bad letter-case in an import my script would fail on linux (production), but worked on mac. Took me about 30 minutes to figure this out :)

                              1. 3

                                You can make a case sensitive code partition. And now with APFS, partitions are continuously variable size so you won’t have to deal with choosing how much goes to code vs system.

                                1. 1

                                  A case sensitive HFS+ slice on a disk image file is a good solution too.

                                2. 2

                                  Have fun checking out a git repo that has Foo and foo in it :)

                                  1. 2

                                    It was bad when microsoft did it in VB, and it’s bad when apple does it in their filesystem lol.

                                3. 2

                                  Yeah definitely. And I’ve found that accommodating two platforms where necessary makes my projects more robust and forces me to hard code less stuff. E.g. using pkg-config instead of yolocoding path literals into the build. When we switched Linux distros at work, all the packages that worked on MacOS and Linux worked great, and the Linux only ones all had to be fixed for the new distro. 🙄

                                4. 2

                                  I did it for awhile because I dislike the Mac UI a lot but needed to run it for some work things. Running in a full screen VM wasn’t that bad. Running native is better, but virtualization is pretty first class at this point. It was actually convenient in a few ways too. I had to give my mac in for repair at one point, so I just copied the VM to a new machine and I was ready to run in minutes.

                                  1. 3

                                    I use an Apple computer as my home machine, and the native Mac app I use is Terminal. That’s it. All other apps are non-Apple and cross-platform.

                                    That said, MacOS does a lot of nice things. For example, if you try to unmount a drive, it will tell you what application is still using it so you can unmount it. Windows (10) still can’t do that, you have to look in the Event viewer(!) to find the error message.

                                    1. 3

                                      In case it’s unclear, non-Native means webapps, not software that doesn’t come preinstalled on your Mac.

                                      1. 3

                                        It is actually pretty unclear what non-Native here really means. The original HN post is about sandboxed apps (distributed through the App Store) vs non-sandboxed apps distributed via a developer’s own website.

                                        Even Gruber doesn’t mention actual non-Native apps until the very last sentence. He just talks/quotes about sandboxing.

                                        1. 3

                                          The second sentence of the quoted paragraph says:

                                          Cocoa-based Mac apps are rapidly being eaten by web apps and Electron pseudo-desktop apps.

                                    2. 1

                                      full-screen VM high-five

                                    3. 1

                                      To have environment closer to production I guess (or maybe ease of installation, dunno never used homebrew). I don’t have to use mac anymore so I run pure distro, but everyone else I know uses virtualisation or containers on their macs.

                                      1. 3

                                        Homebrew is really really really easy. I actually like it over a lot of Linux package managers because it first class supports building the software with different flags. And it has binaries for the default flag set for fast installs. Installing a package on Linux with alternate build flags sucks hard in anything except portage (Gentoo), and portage is way less usable than brew. It also supports having multiple versions of packages installed, kind of half way to what nix does. And unlike Debian/CentOS it doesn’t have opinions about what should be “in the distro,” it just has up to date packages for everything and lets you pick your own philosophy.

                                        The only thing that sucks is OpenSSL ever since Apple removed it from MacOS. Brew packages handle it just fine, but the python package system is blatantly garbage and doesn’t handle it well at all. You sometimes have to pip install with CFLAGS set, or with a package specific env var because python is trash and doesn’t standardize any of this.

                                        But even on Linux using python sucks ass, so it’s not a huge disadvantage.

                                        1. 1

                                          Installing a package on Linux with alternate build flags sucks hard in anything except portage

                                          You mention nix in the following sentence, but installing packages with different flags is also something nix does well!

                                          1. 1

                                            Yes true, but I don’t want to use NixOS even a little bit. I’m thinking more vs mainstream distro package managers.

                                          2. 1

                                            For all its ease, homebrew only works properly if used by a single user who is also an administrator who only ever installs software through homebrew. And then “works properly” means “install software in a global location as the current user”.

                                            1. 1

                                              by a single user who is also an administrator

                                              So like a laptop owner?

                                              1. 1

                                                A laptop owner who hasn’t heard that it’s good practice to not have admin privileges on their regular account, maybe.

                                            2. 1

                                              But even on Linux using python sucks ass, so it’s not a huge disadvantage.

                                              Can you elaborate more on this? You create a virtualenv and go from there, everything works.

                                              1. 2

                                                It used to be worse, when mainstream distros would have either 2.4 or 2.6/2.7 and there wasn’t a lot you could do about it. Now if you’re on python 2, pretty much everyone is 2.6/2.7. Because python 2 isn’t being updated. Joy. Ruby has rvm and other tools to install different ruby versions. Java has a tarball distribution that’s easy to run in place. But with python you’re stuck with whatever your distro has pretty much.

                                                And virtualenvs suck ass. Bundler, maven / gradle, etc. all install packages globally and let you exec against arbitrary environments directly (bundle exec, mvn exec, gradle run), without messing with activating and deactivating virtualenvs. Node installs all it’s modules locally to a directory by default but at least it automatically picks those up. I know there are janky shell hacks to make virtualenvs automatically activate and deactivate with your current working directory, but come on. Janky shell hacks.

                                                That and pip just sucks. Whenever I have python dependency issues, I just blow away my venv and rebuild it from scratch. The virtualenv melting pot of files that pip dumps into one directory just blatantly breaks a lot of the time. They’re basically write once. Meanwhile every gem version has it’s own directory so you can cleanly add, update, and remove gems.

                                                Basically the ruby, java, node, etc. all have tooling actually designed to author and deploy real applications. Python never got there for some reason, and still has a ton of second rate trash. The scientific community doesn’t even bother, they use distributions like Anaconda. And Linux distros that depend on python packages handle the dependencies independently in their native package formats. Ruby gets that too, but the native packages are just… gems. And again, since gems are version binned, you can still install different versions of that gem for your own use without breaking anything. Python there is no way to avoid fucking up the system packages without using virtualenvs exclusively.

                                                1. 1

                                                  But with python you’re stuck with whatever your distro has pretty much.

                                                  I’m afraid you are mistaken, not only distros ship with 2.7 and 3.5 at same time (for years now) it is usually trivial to install newer version.

                                                  let you exec against arbitrary environments directly (bundle exec, mvn exec, gradle run), without messing with activating and deactivating virtualenvs

                                                  You can also execute from virtualenvs directly.

                                                  Whenever I have python dependency issues, I just blow away my venv and rebuild it from scratch.

                                                  I’m not sure how to comment on that :-)

                                                  1. 1

                                                    it is usually trivial to install newer version

                                                    Not my experience? How?

                                                    1. 1

                                                      Usually you have packages for all python versions available in some repository.

                                      2. 2

                                        Have they chosen Macs or have they been issued Macs? If I were setting up my development environment today I’d love to go back to Linux, but my employers keep giving me Macs.

                                        1. 3

                                          Ask for a Linux laptop. We provide both.

                                          I personally keep going Mac because I want things like wifi, decent power management, and not having to carefully construct a house of cards special snowflake desktop environment to get a useable workspace.

                                          If I used a desktop computer with statically affixed monitors and an Ethernet connection, I’d consider Linux. But Macs are still the premier Linux laptop.

                                          1. 1

                                            At my work place every employee is given a Linux desktop and they have to do a special request to get a Mac or Windows laptop (Which would be in addition to their Linux desktop).

                                        2. 3

                                          Let’s be clear though, what this author is advocating is much much worse from an individual liberty perspective than what Microsoft does today.

                                          1. 4

                                            Do you remember when we all thought Microsoft were evil for bundling their browser and media player? Those were good times.

                                        1. 8

                                          Not even the static typing advocates really believe they can write correct code with less than 100% coverage, do they?

                                          I certainly do. Depending on the nature of the unit tests you would otherwise write, it’s going to require a more aggressive type system than you’re used to, but this is totally within reach.

                                          it’s mostly the static typing people who are picking the fights

                                          If we consider what might motivate people to do this, the only obvious explanation is that static typing is, in fact, a lot better for a lot of things, and people who use static typing are acutely aware of this while people who use dynamic typing are only thinking “what’s the big deal?”.

                                          (This is also a matter of degree; if you primarily use, say, Java, you’re probably not going to appreciate static types all that much.)

                                          The author is using a cheap & dirty rhetorical technique, which is to make a bunch of dumb arguments that might trick some people, and then write off any criticism as “haha, just trolling!” when it doesn’t work. You can’t productively argue with someone if they’re just going to squirm their way out of any scrutiny.

                                          1. 2

                                            If we consider what might motivate people to do this, the only obvious explanation is that static typing is, in fact, a lot better for a lot of things, and people who use static typing are acutely aware of this while people who use dynamic typing are only thinking “what’s the big deal?”.

                                            The other obvious explanation is that static typing doesn’t help very much and people who use static typing pick fights because they’re insecure. ;)

                                            That’s why we can’t rely on “obvious explanations” when exploring causes, because the “obvious” explanation almost always is whatever confirms your own biases. That’s why we need rigorous, empirical evidence to match our claims. That’s one of the reasons Static vs Dynamic fights always go around in circles: we don’t actually have any good empirical evidence one way or another. It’s just people shouting “obvious” explanations at each other.

                                            The author is using a cheap & dirty rhetorical technique, which is to make a bunch of dumb arguments that might trick some people, and then write off any criticism as “haha, just trolling!” when it doesn’t work. You can’t productively argue with someone if they’re just going to squirm their way out of any scrutiny.

                                            That’s sorta the point in the article. These are cheap and dirty rhetorical techniques, but they’re the exact same techniques we use to argue whatever we do believe in. The only obvious (hah) way out is for us to do Empirical Software Engineering, which means actually objectively studying whatever it is we want to know.

                                            Fun story: when MacIver posted this on Twitter somebody told him “You clearly don’t understand how powerful types are, you need to check out this thing called ‘QuickCheck’…”

                                            1. 3

                                              they’re the exact same techniques we use to argue whatever we do believe in

                                              Where are static typing proponents saying “just trolling, bro”?

                                            2. 2

                                              if you primarily use, say, Java, you’re probably not going to appreciate static types all that much

                                              I think the biggest issue I see when discussing type systems is exactly this. So many people think of Java when they think of static types – but Java (outside primitives) isn’t even statically typed it just has some static helpers for it’s dynamic tag system. On top of that, Java, C, C++, etc have such un-powerful type systems that they give the whole idea a bad name due to the popularity of their bad implementations.

                                            1. 7

                                              This is a mess.

                                              • Much of the technical complexity of the web has been generated by web designers who refuse to understand and accept the constraints of the medium. Overhauling the design when the implementation becomes intolerably complex is only an option when you are the designer. This luxury is unavailable to many people who build websites.
                                              • Suggesting that CSS grid is somehow the reincarnation of table-based layout is astonishingly simple-minded. Yes, both enable grid-based design. CSS grid achieves this without corrupting the semantic quality of the document. They’re both solutions to the same problem. But there are obvious and significant differences between how they solve that problem. It’s hard to fathom how the author misses that point.
                                              • The fetishization of unminified code distribution is really bizarre. The notion that developers should ship uncompressed code so that other developers can read that code is bewildering. Developers should make technical choices that benefit the user. Code compression, by reducing the bandwidth and time required to load the webpage, is very easily understood as a choice for the user. The author seems to prioritize reliving a romanticized moment in his adolescence when he learned to build websites by reading the code of websites he visited. It’s hard not to feel contempt for somehow who would prioritize nostalgia over the needs of someone trying to load a page from their phone over a poor connection so they can access essential information like a business address or phone number.
                                              • New information always appears more complex than old information when it requires updates to a mental model. This doesn’t mean that the updated model is objectively more complex. It might be more complex. It might not be more complex. The author offers no data that quantifies an increased compexity. What he does offer is a description of the distress felt by people who resist updating their mental model in response to new information. Whether or not his conclusions are correct, I find here more bias than observation.
                                              1. 8

                                                CSS grid achieves this without corrupting the semantic quality of the document.

                                                When was the last time you saw a page that is following semantic guidelines? It is so full of crap and dynamically generated tags, hope was lost a long time ago. It seems to be so crazy that developers heard about the “don’t use tables” that they will put tabular data in floating divs. Are you kidding me?! Don’t even get me started about SPAs.

                                                The fetishization of unminified code distribution is really bizarre.

                                                The point is, I think, that the code should not require minifying and only contain the bare minimum to get the functionality required. The point is to have 1kbyte unminified JS instead of 800kbyte minified crap.

                                                1. 4

                                                  New information always appears more complex than old information when it requires updates to a mental model.

                                                  I feel like you completely missed his point here. He isn’t just talking about how complex the new stuff is. He even said flexbox was significantly better and simpler to use than “float”. What he is resisting is the continual reinvention that goes on in webdev. A new build tool every week. A new flavor of framework every month. An entire book written about loading fonts on the web. Sometimes you legitimately need that new framework or a detailed font loading library for your site. But frankly even if you are a large company you probably don’t need most of the new fad of the week that happens in web dev. FlexBox is probably still good enough for you needs. React is a genuine improvement for the state of SPA development. But 3-4 different build pipelines? No you probably don’t need that.

                                                  And while we are on the subject

                                                  CSS grid achieves this without corrupting the semantic quality of the document.

                                                  Nobody cares about the semantic quality of the document. It doesn’t really help you with anything. HTML is about presentation and it always has been. CSS allows you to modify the presentation based on what is presenting it. But you still can’t get away from the fact that how you lay things out in the html has an effect on the css you write. The semantic web has gone nowhere and it will continue to go nowhere because it’s built on a foundation that fundamentally doesn’t care about it. If we wanted semantic content we would have gone with xhtml and xslt. We didn’t because at heart html is about designing and presenting web pages not a semantic document.

                                                  1. 3

                                                    Nobody cares about the semantic quality of the document.

                                                    Anybody who uses assistive technology cares about its semantic quality.

                                                    Anybody who choses to use styles in Word documents understands why they’d want to write documents with good semantic quality.

                                                    You still can’t get away from the fact that how you lay things out in the html has an effect on the css you write.

                                                    That’s… the opposite of the point.

                                                    All of the cycles in web design – first using CSS at all (instead of tables in the HTML) and then making CSS progressively more powerful – have been about the opposite:

                                                    How you lay things out on the screen should not determine how the HTML is written.

                                                    Of course the CSS depends on the HTML, as you say. The presentation code depends on the content! But the content should not depend on the presentation code. That’s the direction CSS has been headed. And with CSS Grid, we’re very close to the point where content does not have to have a certain structure in order to permit a desired presentation.

                                                    And that’s my main issue with the essay: it presents this forward evolution in CSS as cyclical.

                                                    (The other issue is that the experience that compelled the author to write the article in the first place – the frenetic wheel reinvention that has taken hold of the Javascript world – is wholly separate from the phases of CSS. As far as that is concerned, I agree with him: a lot of that reinvention is cyclical and essentially fashion-driven, is optional for anyone who isn’t planning on pushing around megabytes of Javascript, and that anyone who is planning on doing that ought to pause and reconsider their plan.)

                                                    If we wanted semantic content we would have gone with xhtml and xslt.

                                                    Uh… what? XHTML is absolutely no different from HTML in terms of semantics and XSLT is completely orthogonal. XML is syntax, not semantics. It’s an implementation detail at most.

                                                    1. 3

                                                      If you are a building websites, please do more research and reconsider your attitude about semantic markup. Semantic markup is important for accessibility technologies like screen readers. RSS readers and search indexes also benefit from semantic markup. In short, there are clear and easily understood necessities for the semantic web. People do care about it. All front end developers I work with review the semantic quality of a document during code reviews and the reason they care is because it has a real impact on the user.

                                                      1. 2

                                                        Having built and relied on a lot of sematic web (lowercase) tech, this is just untrue. Yes, many devs don’t care to use even basic semantics (h1/section instead of div/div) but that doesn’t mean there isn’t enough good stuff out there to be useful, or that you can’t convince them to fix something for a purpose.

                                                        1. 1

                                                          I don’t know what you worked on but I’m guessing it was niche. Or if so then you spent a lot of time dealing with sites that most emphatically didn’t care about the semantic web. The fact is that a few sites caring doesn’t mean the industry cares. The majority don’t care. They just need the web page to look just so on both desktop and mobile. Everything else is secondary.

                                                    1. 13

                                                      Can I ask why stripe is called a startup? At what point does a startup become a company?

                                                      1. 7

                                                        At some point it’s probably becoming just marketing to say that X is still a startup.

                                                        1. 5

                                                          When the job market declines to the point that stability attracts prospective employees more than the opportunity for change does.

                                                          I mean, I imagine you knew that, but you did ask.

                                                          1. 6

                                                            I’m not sure I understand what you mean, to me all ‘startup’ means is a company that was recently started up (like an engine).

                                                            1. 3

                                                              Yeah, I probably could have been clearer. I was trying to suggest that what companies call themselves is far more driven by marketing concerns than by what those terms actually mean, and it’s unrealistic to expect otherwise. “Startup” suggests vitality and rapid change, while “company” suggests stability.

                                                              In this case I think the marketing concerns are more about how developers see them than about how end users see them, and developers tend to think startups are cool. In my original tweet I was only thinking about their hiring goals, but explaining it now I realize that their market share depends a lot on whether people are willing to integrate with their services, and it’s often developers who make those decisions.

                                                              1. 2

                                                                That’s a good way of putting it. I tend to think of “tech company” in a similar way personally. When trying to understand why some companies are tech companies and others aren’t, it’s hard to make sense of it just by looking at how much technology is involved.

                                                              2. 1

                                                                I’d go with the definition by Paul Graham since it was Silicon Valley that popularized the term for growth-focused, VC-funded companies. Plus, organizations like YC crank out tons of them with a lot of media influence that further cements the perception of that term. It has established meaning whether the word is a good metaphor or not. Maybe think of it like drag racing for a billion dollar prize instead of going on a long drive for whatever that gets you. ;)

                                                              3. 4

                                                                I thought it was about trying to grow a bunch every year?

                                                                Though I guess that doesn’t match things like FB that much. I’m deep in this stuff and I really couldn’t come up with much of a definition

                                                                1. 3

                                                                  “Focused on extreme growth” is how we used to reckon whether or not some company was a startup. Otherwise, a new small business is just a small business.

                                                                  1. 1

                                                                    FB is a public company, so definitely not a startup

                                                                  2. 1

                                                                    By job market, do you mean company?

                                                                    I kind of think I get what you’re going for, but if the job market defines companies that are “different” as startups, there needs to be a new word for a newly-founded company…

                                                                    1. 2

                                                                      I commented at length elsewhere, but I really meant that right now, there’s a lot of software engineers who have significant savings and are willing to take high-risk jobs because they sound fun, exciting, likely to change the world… and because being at a startup while it goes bankrupt isn’t going to halt their life plans. If there were an overall industry downturn of sufficient magnitude, engineers would have to prioritize their own financial stability while evaluating prospective employers. This would affect how companies portrayed themselves.

                                                                1. 3

                                                                  Ugh. ActivityPub makes me sad – we have so many good, deployed solutions to 80%+ of the social networking stuff, and ActivityPub just ignores all prior art (including prior art by its creators) and does everything from scratch.

                                                                  1. 3

                                                                    Why in your opinion did ActivityPub “make it” while others have failed?

                                                                    Disclosure: I contributed to Rstat.us for a while.

                                                                    1. 2

                                                                      How do you mean “make it”? You mean mastodon? Because mastodon got popular before it had implemented any ActivityPub, so that’s unrelated :)

                                                                      OStatus and IndieWeb tech are still the most widely-deployed non-mastodon (and are partially supported by mastodon as well)

                                                                      1. 1

                                                                        Bah, I apologize for not being clear. By “make it”, I mean, why has ActivityPub been promoted as a standard instead of OStatus or IndieWeb or another attempt at a protocol for the same space?

                                                                        1. 3

                                                                          OStatus mostly described a best practice for using other standards in a way that created a decentralized social network – so it never really needed standardization on its own. That + that the people behind it moved towards a next generation standards instead, eg. identi.ca moving to pump.io

                                                                          IndieWeb though is getting standardized by the very same group as has published this recommendation and eg. WebMention and Micropub has been recommendations longer than this one even.

                                                                          1. 3

                                                                            Atom, PubSuHubBub (now WebSub), and Webmention are all standards with various bodies

                                                                            1. 1

                                                                              PubSuHubBub

                                                                              Seeing some silly things they did with regard to best practices I can’t really say I feel bad about this. Things like using GETs instead of POSTs (if memory serves correctly) because of legacy stupid decisions.

                                                                              1. 1

                                                                                Yeah, Webmention was a W3C Recommendation for quite a while now even. I still don’t like how W3C standardized two ways of doing roughly the same thing…

                                                                        2. 2

                                                                          I think AP is an okay standard (although it, again, underspecifies a lot), but it doesn’t make anything possible that wasn’t already possible with OStatus, or some very simple extensions to it.

                                                                          1. 1

                                                                            In what way did you think that ActivityPub did not learn from OStatus?

                                                                            1. 1

                                                                              so many good, deployed solutions to 80%+ of the social networking stuff

                                                                              For example?

                                                                              1. 3

                                                                                friendica, hubzilla, gnu social, pleroma

                                                                                1. 4

                                                                                  pleroma

                                                                                  Pleroma either currently supports or is very close to fully supporting AP, and was a pretty important goal from the outset.

                                                                                  1. 4

                                                                                    I know, I wrote it :)

                                                                                    1. 2

                                                                                      I think I follow you then :) Thanks for writing Pleroma <3

                                                                            1. 4

                                                                              Aha, glad to see more people thinking of replacing prelude, especially Snoyman!

                                                                              The Foundation project aims towards the same goal, but I guess having a FP-complete backed alternative cannot hurt!

                                                                              [edit] Right, posted this comment too soon! This is a different approach, they plan to actually reuse the existing libraries. This is definitely nice, hopefully the prelude problem will definitely be fixed in 2~3 years from now.

                                                                              1. 3

                                                                                What “Prelude problem” ?

                                                                                1. 5

                                                                                  The project README more or less states the problem:

                                                                                  The RIO module works as a prelude replacement, providing more functionality and types out of the box than the standard prelude (such as common data types like ByteString and Text), as well as removing common “gotchas”, like partial functions and lazy I/O. The guiding principle here is:

                                                                                  • If something is safe to use in general and has no expected naming conflicts, expose it from RIO
                                                                                  • If something should not always be used, or has naming conflicts, expose it from another module in the RIO. hierarchy.

                                                                                  Snoyman and FP-complete are trying to move Haskell more in the direction of a batteries-included solution for software development. The Haskell Foundation project mentioned by @NinjaTrappeur above is attempting the same thing.

                                                                                  Many of the changes RIO makes as a Prelude replacement solve problems beginners don’t know they have until they’ve been coding a while in Haskell. Using String rather than Text or ByteString is one of the most common mistakes beginners make. And why shouldn’t they? It’s right there in the “base” of the language. And then you learn, often after months of coding, String performance is a disaster.

                                                                                  Whether RIO is the right solution, time will tell. That it’s a step in the right direction, is beyond doubt.

                                                                                  1. 5

                                                                                    I personally use Protolude. The problems it solves (for my projects, on my computer, for my use cases) are:

                                                                                    • head :: [a] -> a becomes head :: [a] -> Maybe a (and all the other partial functions that throw error "message", like tail and so on…)
                                                                                    • everything is Text
                                                                                    • convenience functions that I used to copy in all my project, for example: toS which convert from any string-like (Text, String, ByteString, …) to any other string-like.
                                                                                    • foldl, head, … are on traversable not just lists
                                                                                    • a lot of other stuff, that I’m missing at the top of my head
                                                                                    1. 2

                                                                                      afaik, it’s the issues connected with the standard prelude, either concerning inefficient data structures (String is defined as [Char], ie. a linked list) or simple lack of utilities, which are then afterwards commonly installed by many uses (eg. Data.Vector). Many other “alternative” preludes have tried to replace the standard, but most of them can’t manage to get any significant adoption.

                                                                                      That’s at least what I understand when someone says “Prelude problem”.

                                                                                      1. 2

                                                                                        The Foundation README gives some information about this “problem”, RIO gives other arguments. The two main issues people have with Prelude is partial functions and Lazy IO, as fas as I can tell.

                                                                                        1. 1

                                                                                          @akpoff, @zge and @lthms pretty much summed up the problem.

                                                                                          I would also come up with another problem class: “legacy semantics”.

                                                                                          [EDIT] The following statement is wrong.

                                                                                          The most notable offender is the Monad typeclass. As it is defined in base (prelude is re-exporting parts of the base library), Applicative is not a superclass of monad. Those two typeclasses are actually completely unrelated as it’s implemented. In other terms, you could end up with a Monad not being an Applicative. Some people are trying to fix that directly in base, some are trying to fix that in external libraries such as Foundation.

                                                                                          In the end, it is not such of a big deal for an intermediate/experienced developer; however, it is quite confusing for newcomers. Not knowing what you can safely use from the standard library is not a really nice user experience in my opinion.

                                                                                          [Edit] As a side note, I am saddened to see that the return keyword is preferred over pure. This keyword has a totally different meaning in procedural languages (ie. 90% of the languages), using it in this context is just a constant source of confusion for newcomers…

                                                                                          1. 1

                                                                                            Applicative has been a superclass of Monad for quite some time in GHC base. I disagree with the change (breaks compatibility) but understand why they did it.

                                                                                            1. 1

                                                                                              Oh yes, you’re right, my bad!

                                                                                              See monoid and semigroup, the problem is quite similar.

                                                                                      1. 3

                                                                                        Such back-and-forth movement in IT circles reminds me of an old Dilbert strip: https://thestandard.org.nz/wp-content/uploads/2011/06/dilbert-reorganisation.jpg

                                                                                        1. 2

                                                                                          It’s so true. It’s often hard to find people who appreciate that the “X is bad, let’s all move to Y” mentality requires a fair look at the good parts of X and the bad parts of Y to be an informed move. The grass is always greener.

                                                                                          It’s better still to look a why these shifts occur. For instance, the decentralized web people acknowledge that the web started that way, but, as far as I’ve seen, haven’t looked into why centralization occurs.

                                                                                          1. 1

                                                                                            I think we know why centralisation occurs, and not just on the web.

                                                                                            Marketing.

                                                                                            1. 5

                                                                                              Like hell. I used to centralize stuff because it was easier. Within one box, you have the ability to ignore the failure modes of a distributed system. Many jobs can also be done single-threaded to ignore the failings of concurrent operation. In one company and within certain distance, your clusters can use low-latency links make a limited version of a distributed system easier to handle. When distributed and/or truly P2P, you just turned a bunch of jobs that are straight-forward using 80’s-90’s method into things that are difficult in ways that might keep surprising us well past 2018.

                                                                                              1. 2

                                                                                                Centralization prioritizes rare catastrophic failure over small consistent failure. So it’s easier until it’s all the sudden not.

                                                                                                1. 1

                                                                                                  Yes, that’s the tradeoff of centralization. Taleb beats this into the ground in his writing.

                                                                                                  I look at centralization/decentralization as a design parameter. The choice is contextual. The thing most people don’t seem to realize yet is that systems tend to centralize, so if you opt for decentralization you have to be aware of that and work against it somehow.

                                                                                                  Bringing it back to software, the natural tendency for us in software is to keep adding to existing abstractions (classes, services, etc) unless we apply some diligence and either break things down periodically or set up our practices so that we are making new things rather than hacking onto existing ones.

                                                                                                  1. 1

                                                                                                    That can and does happen with some but is a lifecycle detail. Centralized services are easier to verify in the single, non-distributed case with well-understood models of failure when using high-availability clusters and recovery strategies. Note that centralized architectures with fault-tolerance are also usually modular with failure isolation and swappable components. That’s why there’s plenty of OpenVMS and NonStop systems out there with years of uptime with some having over a decade. There are battle-tested mechanisms for achieving that where it’s not hard for developers versus systems not designed that way.

                                                                                                    Microservices’ track record on both verifying their interactions and overall reliability hasn’t been as good that I can see. They also tend to use components that weren’t individually designed for high reliability with ad-hoc, less-proven protocols for ensuring availability across those components. The correctness conditions are also more spread out. Although not necessary, the dependencies for correctness also seem to change at a much-faster pace which increases odds of systematic failure. Add to decentralized/distributed nature, you might also be looking at a lot of heisenbugs. If anything, it might take a lot more skill to get a decade plus uptime using the kinds of stuff I see popular in microservices. Maybe.

                                                                                                    So far, it’s easier to get high availability and security out of a centralized architecture with strongly-consistent replication to nearby datacenters. That’s the status quo. I’m still waiting to see any data similarly showing developers easily get high-availability out of microservices, esp on commodity components and distributed. Those are what they claim they can do it with. I’ve seen some write-ups where people talk about doing microservices right. Lots of companies doing mission-critical stuff on them. There’s probable already examples to be found of some that go years without downtime or severe issues in performance. We’ll get more data coming in over time as techniques mature. I’m interested in whatever people have.

                                                                                                2. 3

                                                                                                  I think there’s a deeper reason. Decentralization just costs more. The concept is partially captured by the notion of ‘economies of scale.’ More to your point, marketing reduces discovery costs. Interesting to note that even without overt marketing, products, ideas (or any other good) tend to centralize due to ‘word of mouth.’

                                                                                                  1. 1

                                                                                                    Yes I think the root reason is capitalism, and I don’t mean that in a boogie monster kind of way. Decentralized systems spread your risk if you have secrets in your business process. However in non-capitalist systems, like p2p the costs get reduced by decentralization because the burden isn’t shared by an individual but rather small contributions.

                                                                                                    1. 2

                                                                                                      “Decentralized systems spread your risk if you have secrets in your business process. “

                                                                                                      They really don’t. This is a myth that might be worth a detailed write-up in the future. They can reduce risk in general but add risk by default. That’s because they turn one thing into several things plus their interactions. That automatically increases attack surface if we’re talking code or protocols. They often do a lot more with super-clever algorithms aiming for lots of desirable properties that get broken in new ways we’ve never seen before. Moreover, many of these run on the same CPU’s or OS’s that are commodities with the associated constant flow of 0-days. Depending on definition of risk, they might not reduce risk at all where three different organizations all using Windows or Linux can be compromised with one exploit in standard components. Then, they just directly reach for those secrets.

                                                                                                      So, the truth is decentralized systems can reduce risk or increase difficulty on attackers if they have to break most of the components to defeat the system and there’s no shortcuts. That’s not often true given pentest results. If anything, it just takes extra time and money which the black hats going after business secrets have plenty of. So, you get increased chance of failure from decentralization with no meaningful increase in security in those cases. The benefits of decentralization should be assessed on case by case basis with assessor looking out for these common problems.

                                                                                                      1. 1

                                                                                                        It’s more basic than capitalism - it’s popularity. Note that the web is decentralized but players like FB and Twitter became large hubs so we see it as centralized. We could claim that it is an artifact of capitalism, but look at something like the original Twitter without their nudges. Some users become more popular than others and that leads them to get more followers. It turns Pareto.

                                                                                                        The way that economics factors into is reduced discovery costs. For something like music, the urge is “I want to hear something good.” The stuff that other people think is good floods the system and makes it easier for you to find it. So, I’m not saying this is right or wrong, but rather that it is just something that happens. Favor your local independent coffee shop but as long as people can make choices something like Starbucks will rise as “the choice everyone knows.” There’s a centralizing tendency in systems.

                                                                                                        1. 1

                                                                                                          That’s not true and we’ve seen decentralized systems be wildly popular. Mastodon has over a million users right now.

                                                                                                          1. 2

                                                                                                            I’m willing to bet that the distribution of users over mastodon instances resembles a power law. It certainly isn’t flat. That’s my point. Popularity, whether money is involved or not, leads to hub-ishness and hubs are central to the nodes around them.

                                                                                                            1. 1

                                                                                                              Money accelerates that hubishness, without an exchange of money large instances must close their doors to new users after some point.

                                                                                                              1. 1

                                                                                                                I agree, but money is not only one way that value is accumulated and transferred. The basic thing that I’m talking about underlies both physical and social processes. The hierarchical structure of the veins on a leaf is a cost reduction maneuver too. It’s the same as the appearance of hub airports even though no money is involved. I discuss these ideas here.

                                                                                              1. 14

                                                                                                All of my upward moves have been internal, and of the form “well, we agree that I’ve been doing the job pretty successfully; let us make my title match what I’m actually doing”. IME, seniority is as much taken as it is given. (Not sure to what extent my experience is typical.)

                                                                                                (E.g. if you want to lead, mentor an intern/junior/…, or arrange to lead a small low-stakes internal project; if you want to architect, shadow an experienced architect, provide designs for your own components, and/or propose important refactorings; etc.)

                                                                                                1. 7

                                                                                                  IME, seniority is as much taken as it is given.

                                                                                                  Bingo. Show initiative in a polite yet assertive way, deliver results, and talk about those results to the right people.

                                                                                                  1. 4

                                                                                                    seniority is as much taken as it is given

                                                                                                    This sounds like good advice. Perhaps it is more applicable to intra-company movements than moving to a new company. Hiring markets are probably be more efficient than intra-company hierarchies; that is, internally companies could be stifling a lot of value by not helping juniors move into seniority, and this inefficiency can be capitalized on by just taking the responsibilities of seniority for yourself.

                                                                                                    1. 3

                                                                                                      IME moving between companies is always where you move up

                                                                                                  1. 10

                                                                                                    Any post that calls electron ultimately negative but doesn’t offer a sane replacement (where sane precludes having to use C/C++) can be easily ignored.

                                                                                                    1. 10

                                                                                                      There’s nothing wrong with calling out a problem even if you lack a solution. The problem still exists, and brining it to people’s attention may cause other people to find a solution.

                                                                                                      1. 8

                                                                                                        There is something wrong with the same type of article being submitted every few weeks with zero new information.

                                                                                                        1. 1

                                                                                                          Complaining about Electron is just whinging and nothing more. It would be much more interesting to talk about how Electron could be improved since it’s clearly here to stay.

                                                                                                          1. 4

                                                                                                            it’s clearly here to stay

                                                                                                            I don’t think that’s been anywhere near established. There is a long history of failed technologies purporting to solve the cross-platform GUI problem, from Tcl/tk to Java applets to Flash, many of which in their heydays had achieved much more traction than Electron has, and none of which turned out in the end to be here to stay.

                                                                                                            1. 2

                                                                                                              I seriously doubt much of anything, good or bad, is here to stay in a permanent sense

                                                                                                              1. 2

                                                                                                                Thing is that Electron isn’t reinventing the wheel here, and it’s based on top of web tech that’s already the most used GUI technology today. That’s what makes it so attractive in the first place. Unless you think that the HTML/Js stack is going away, then there’s no reason to think that Electron should either.

                                                                                                                It’s also worth noting that the resource consumption in Electron apps isn’t always representative of any inherent problems in Electron itself. Some apps are just not written with efficiency in mind.

                                                                                                          2. 5

                                                                                                            Did writing C++ become insane in the past few years? All those GUI programs written before HTMLNative5.js still seem to work pretty well, and fast, too.

                                                                                                            In answer to your question, Python and most of the other big scripting languages have bindings for gtk/qt/etc, Java has its own Swing and others, and it’s not uncommon for less mainstream languages (ex. Smalltalk, Racket, Factor) to have their own UI tools.

                                                                                                            1. 4

                                                                                                              Did writing C++ become insane in the past few years? All those GUI programs written before HTMLNative5.js still seem to work pretty well, and fast, too.

                                                                                                              It’s always been insane, you can tell by the fact that those programs “crashing” is regarded as normal.

                                                                                                              In answer to your question, Python and most of the other big scripting languages have bindings for gtk/qt/etc, Java has its own Swing and others, and it’s not uncommon for less mainstream languages (ex. Smalltalk, Racket, Factor) to have their own UI tools.

                                                                                                              Shipping a cross-platform native app written in Python with PyQt or similar is a royal pain. Possibly no real technical work would be required to make it as easy as electron, just someone putting in the legwork to connect up all the pieces and make it a one-liner that you put in your build definition. Nevertheless, that legwork hasn’t been done. I would lay money that the situation with Smalltalk/Racket/Factor is the same.

                                                                                                              Java Swing has just always looked awful and performed terribly. In principle it ought to be possible to write good native-like apps in Java, but I’ve never seen it happen. Every GUI app I’ve seen in Java came with a splash screen to cover its loading time, even when it was doing something very simple (e.g. Azureus/Vuze).

                                                                                                              1. 1

                                                                                                                Writing C++ has been insane for decades, but not for the reasons you mention. Template metaprogramming is a weird lispy thing that warps your mind in a bad way, and you can never be sane again once you’ve done it. I write C++ professionally in fintech and wouldn’t use anything else for achieving low latency; and I can’t remember the last time I had a crash in production. A portable GUI in C++ is so much work though that it’s not worth the time spent.

                                                                                                              2. 1

                                                                                                                C++ the language becomes better and better every few years– but the developer tooling around it is still painful.

                                                                                                                Maybe that’s just my personal bias against cmake / automake.

                                                                                                            1. 3

                                                                                                              The advice I’ve always given applies now more than ever: use a hardware wallet. Besides dumb shit like this, there’s also the risk that any keys you keep in RAM get swiped by the new set of side-channel attacks.

                                                                                                              Electrum has good hardware wallet support too! It’s just like normal except you have to approve transactions on the device before they go through. I’ve tried both the Trezor and the Ledger. They are highly cross-compatible and both good designs.

                                                                                                              1. 12

                                                                                                                Then you have to trust the hardware vendor’s security design - oh look, here’s someone breaking into a Trezor.

                                                                                                                Or that the guy you buy the hardware from isn’t just a crook.

                                                                                                                The more general problem is that cryptocurrency security is vastly harder than any normal user can be expected to achieve - because every mistake or theft is utterly irreversible, by design. “Be your own bank” means be your own financial institution Chief Security Officer, with deep system knowledge.

                                                                                                                The solution we use in the wider world is division of labour, and financial institutions that are trusted but regulated in law. This turns out to work usably well for running a modern economy, in a way that “everyone has to know everything in depth or LOL too bad” doesn’t.

                                                                                                                When someone in the Philippines got my credit card number and attempted to spend £600 on it, the first I knew about it was when my bank called me to ask about it. I verified it wasn’t me, and the charge was reversed and they sent me a new card. This is a ridiculously better level of service than I could ever get using a cryptocurrency, and the level of service that normal people in society expect from their financial services vendors.

                                                                                                                (I know you personally don’t think that level of reversibility is important, but I think you’re incorrect on this one.)

                                                                                                                Unfortunately, trusting centralised institutions - exchanges - with your crypto hasn’t worked out so well either in far too many cases. There’s reasons the conventional currency system went to insured banks with a lot of regulation.

                                                                                                                Pervasive irreversibility at all levels was the fundamental design decision of cryptocurrency - and it’s turned out to be a bad one.

                                                                                                                1. 3

                                                                                                                  oh look, here’s someone breaking into a Trezor.

                                                                                                                  Manually sideloading a custom firmware isn’t even remotely in the same realm of vulnerability as “exposed unauthenticated RPC port”

                                                                                                                  the guy you buy the hardware from isn’t just a crook.

                                                                                                                  If someone’s dumb enough to dump $34,000 into someone else’s private key, they’re definitely dumb enough to lose their money in more traditional ways.

                                                                                                                  When someone in the Philippines got my credit card number… This is a ridiculously better level of service than I could ever get using a cryptocurrency

                                                                                                                  The “level of service” you get with a cryptocurrency is that some random dude in the Phillipines can’t just go and steal your money in the first place. It seems insane to me that you can interpret this story in a positive way. As a counter-anecdote, the only unauthorized transaction I’ve ever had was when the government took money from my account due to a paperwork error and Wells Fargo charged me a “legal fee” for this privilege. Someone else should not be able to take my money without my permission, full stop. If I have to lose the ability to bust transactions in exchange, so be it.

                                                                                                                  We had basically the same argument last time; you’re of the opinion that financial systems should cater to the lowest common denominator, and I just want a system that doesn’t suck. These are both at least somewhat reasonable but they’re inherently incompatible.

                                                                                                                  There’s reasons the conventional currency system went to insured banks with a lot of regulation.

                                                                                                                  Yes, there are valid historical reasons, but “boy, I sure hate non-repudiation” isn’t one of them.

                                                                                                                  and it’s turned out to be a bad one.

                                                                                                                  You can say that as much as you want, but (as of now) over $800,000,000,000 begs to disagree.

                                                                                                                  1. 4

                                                                                                                    $800,000,000,000

                                                                                                                    That’s $800B. I wondered where that number comes from, and actually googling “800,000,000,000” gives this link, which states

                                                                                                                    Its official, total market cap now over 800,000,000,000 dollars! (sic)

                                                                                                                    What does that number represent?

                                                                                                                    It’s simply this algorithm:

                                                                                                                    • For each coin/token listed on Coinmarketcap.com, take the latest price listed
                                                                                                                    • multiply the price with outstanding tokens
                                                                                                                    • add them together

                                                                                                                    Anyone who believes that $800B represents real, actual money is, in my opinion, delusional. As an example of magnitude, the government income of Sweden, an industrialized country of 10M people, was $128B last year.

                                                                                                                    1. 5

                                                                                                                      For comparison, what was the “market cap” of the Beanie Babies market in July 1999? Where did all that value go when it crashed? Nowhere, it was an illusion.

                                                                                                                      1. 1

                                                                                                                        Not quite an illusion but perhaps a representation of the volume of funds transfer from one set of people to another set? At the point of crash, many people lose their money but there are many other people who have cashed out prior and effectively got that money from the first set.

                                                                                                                        1. 4

                                                                                                                          Nope, not even that. It represents only (last transaction) * (total number of tokens). This is not money put in, money you could get out, money you would pay to take it over (which is meaningful for a stock but not a crypto), etc. It is a meaningless number that looks good in headlines.

                                                                                                                          (I basically need to write a blog post on why “market cap” of a crypto is a completely bogus measure.)

                                                                                                                          1. 0

                                                                                                                            Where do you think the last transaction price comes from?

                                                                                                                            Please do, I’d love to read it.

                                                                                                                        2. -1

                                                                                                                          Where does the value “go” when Apple drops 0.4%? The answer is that you’re asking a nonsensical question. There’s no such thing as conservation of value - it can be spontaneously created and destroyed. It’s disappointing that someone can comfortably profess opinions about economic value without this being apparent.

                                                                                                                        3. -1

                                                                                                                          How do you think market cap is normally calculated? I’m not really sure what you’re trying to express with your insinuation that this figure is “not real” - it is, in fact, the total value of all instances of the asset as determined by the market. Multiplying volume weighted price by number of units is only a first order approximation, but it’s usually reasonably close.

                                                                                                                          1. 3

                                                                                                                            I am aware how market cap is calculated in the common usage of a stock. The question is, can you equate a cryptocurrency token with an equity stake in a company?

                                                                                                                            If someone buys all the stock in a company, they attain legal rights to everything pertaining to that company: employees, physical assets, patents, etc etc.

                                                                                                                            If someone buys all the bitcoins, what do they gain?

                                                                                                                            1. -1

                                                                                                                              If someone buys gold bars, what do they gain?

                                                                                                                              1. 2

                                                                                                                                A hunk of metal?

                                                                                                                                1. 2

                                                                                                                                  I think @wyager is suggesting that buying either gold or Bitcoin is speculation in a market driven mostly by group behaviour, so it sounds like you are in agreement. (Whereas buying stocks is different, as both you and I have suggested in this thread.)

                                                                                                                        4. 3

                                                                                                                          You can say that as much as you want, but (as of now) over $800,000,000,000 begs to disagree.

                                                                                                                          Maybe you can help me understand what exactly people are investing into? I’m trying to understand this, but so far I haven’t been able to figure it out from reading and talking to a couple of people.

                                                                                                                          From what I understand so far, people aren’t investing into an asset (since Bitcoin doesn’t have intrinsic value), and they can’t be investing into the potential of Bitcoin to replace the traditional financial system (transaction fees are high, there’s apparently a hard limit on the rate of transactions, the interface to traditional currencies has issues with trustworthiness). So what is it that they are investing into? And can Bitcoin scale to replace a country-sized or world-sized financial system?

                                                                                                                          1. 4

                                                                                                                            Most cryptocurrencies have the potential to be used in the black market (online drug sales, illicit/illegal digital goods such as carding and CP), as well as for more legitimate privacy-enhancing goods, such as VPNs. This represents, in my opinion, a base value for crypto in general (not specifically Bitcoin, this use case is relatively fungible).

                                                                                                                            The rest of the valuation is speculative.

                                                                                                                            To be charitable, people are working on proposed solutions to the issues that Bitcoin is facing right now - the latest fad is the “Lightning network”, that adds a layer on top of the BTC blockchain. This would transform BTC into literal digital gold and give rise to a new class of institutions working to provide services based on its value.

                                                                                                                            1. 2

                                                                                                                              Thanks for the information. I read a little bit about the Lightning network. It sounds like it might alleviate the scalability issues, but I still don’t understand how it makes the blockchain a replacement for gold. The blockchain is still a distributed transaction database with nice properties rather than an asset with its own commonly accepted value. Do you think you could clarify this further for me?

                                                                                                                              1. 6

                                                                                                                                I’m a card-carrying Bitcoin skeptic.

                                                                                                                                Apart from the above “real usage”, I don’t believe there’s any value in the currency at all.

                                                                                                                                “Blockchain” as a tech is mildly interesting in a distributed database kind of way, but the currency form is rooted in outdated economic theories bolstered by wild conspiracy theorizing.

                                                                                                                                1. 2

                                                                                                                                  Got it, thanks :)

                                                                                                                            2. 0

                                                                                                                              since Bitcoin doesn’t have intrinsic value

                                                                                                                              This is a dogwhistle for economic confusion, and “not even wrong”. There’s no such thing as “intrinsic value”. Nothing derives its economic value from any intrinsic property. All value is extrinsic. For example, where is the “intrinsic” values of dollars, or abstract financial instruments?

                                                                                                                              1. 2

                                                                                                                                I’m certainly not an economics expert, which is why I’m asking.

                                                                                                                                I think I have a distinction in my mind between investing (eg into shares) and speculation/trading.

                                                                                                                                I’d say that nobody “invests” into currencies or, say, derivatives, but people trade/speculate with them instead. Eg currencies are not expected to keep going up in price indefinitely.

                                                                                                                                Shares, on the other hand, are an income-generating asset (via dividends), have a soft lower bound on price (net asset value of the company), and their price has some relation to the company’s activity. Buying shares or bonds is what I call investing.

                                                                                                                                So I guess you’re saying that people who buy Bitcoin are traders/speculators. Fair enough, but in that case, my question is: why do they think the price will keep going up? What drives the upward trend in price, other than a lot of people piling on cash?

                                                                                                                                1. -1

                                                                                                                                  Good point. No one invests in currencies because they’re a bad investment - by design. Current institutional economics de rigueur mandates that currencies should be inflationary. This is a policy decision, not an inherent property of currencies in general. If the policy were different, people might treat currencies more like government bonds.

                                                                                                                                  On the other hand, people (and institutions) actually do invest into derivatives. One could argue that ETFs (generally considered the best choice for passive investors) are a kind of derivative, although mostly for PR reasons ETF providers reject that classification. Typically people mean some nonlinear contract on an underlying, like an option (also a perfectly reasonably investment depending on your goals).

                                                                                                                                  Gold doesn’t issue any dividends, but people (and companies, and governments) still invest in it. Where does its value come from? I’ll leave that to you to think about.

                                                                                                                                  Bitcoin is interesting because it has some properties of both commodities (like gold) and currencies. It arguably has most of the beneficial propterties of gold, as well as the property of (nominally) being substantially easier to handle and transfer.

                                                                                                                                  1. 2

                                                                                                                                    Aside from having some sort of a lower bound on price because it has uses as a metal, the difference with gold is that it has the benefit of being widely (practically universally) accepted as something of value. Presumably it also has relatively low price volatility (I’m not sure).

                                                                                                                                    Is the idea then that Bitcoin will also become universally accepted as an “investment” akin to gold, and have a somewhat stable price? Is that at odds with multiple competing cryptocurrencies in existence, especially in the situation where new cryptocurrencies can be added without limitation? Do you think there will be a small number of “investment grade” cryptocurrencies?

                                                                                                                                    1. 4

                                                                                                                                      the difference with gold is that it has the benefit of being widely (practically universally) accepted as something of value.

                                                                                                                                      Fun fact! In The Silk Road Valerie Hansen talks about how trade worked along (drumroll) the silk road. Merchants and armies would use both notes and gold as a medium of exchange. However, in more remote areas or areas in economic or military chaos, everybody used dry food or bolts of cloth as a medium of exchange. There’s a relatively thin band of instability where fiat currencies are not accepted but gold is. Usually you either can buy and sell currency anyway, or nobody wants your gold anyway.

                                                                                                                                      Presumably it also has relatively low price volatility

                                                                                                                                      Gold swings pretty wildly.

                                                                                                                                      1. 5

                                                                                                                                        There’s a relatively thin band of instability where fiat currencies are not accepted but gold is.

                                                                                                                                        Compared to the silk road days, I wouldn’t be surprised if the band has gotten even narrower, since USD in many places now serves as a kind of universal backup currency in preference to gold. It’s quite common for people in countries with political and/or economic unrest that’s led to a loss of faith in the national currency to turn to black-market dollars for day-to-day trading, while turning to gold for that purpose is pretty rare.

                                                                                                                                        1. 3

                                                                                                                                          I agree that the ability of gold to be a fallback currency is very questionable. Considering the price swings, I’m not sure how comparing Bitcoin to gold presents Bitcoin in a positive light.

                                                                                                                                          So what I’m left with is that both gold and Bitcoin speculation is entirely driven by group behaviour dynamics.

                                                                                                                                      2. 2

                                                                                                                                        No one invests in currencies

                                                                                                                                        Depending on how one uses the words “invests” this is not actually true. Currency speculation happens with fiat just like it does with cryptos. It’s probably not popular with the retail market in USA, but it happens elsewhere

                                                                                                                                        1. 3

                                                                                                                                          That’s exactly the distinction I was drawing: investing vs speculation. Currency speculation is of course done a lot.

                                                                                                                                2. 2

                                                                                                                                  I’d like to have edited my comment below, but it’s not possible any longer.

                                                                                                                                  Anyway, current total “market cap” is now $684B, a “loss” of $116B compared to the high water mark of 800B.

                                                                                                                                  Why?

                                                                                                                                  Because Coinmarketcap.com decided to remove South Korean exchanges from their calculations.

                                                                                                                                  1. 1

                                                                                                                                    This is a fair complaint; a more accurate notion of market cap accounts for regional liquidity limits and sources of friction. This occurs in any region with capital controls, and isn’t unique to cryptocurrencies.

                                                                                                                                    1. 2

                                                                                                                                      True. A big issue in cryptocurrency in general is the interface (i.e. exchanges) between crypto and nationally-backed fiat currencies. This is where the scamming, fraud, and dishonest trading happens.

                                                                                                                            1. 4

                                                                                                                              Documents can be rendered onto the web but they’re not first-class citizens there; the fact that it takes the web 2mb of resources to show this simple article is proof of that. At this point the web runs a bunch of code in one language to generate expressions in another language, to describe how to lay out blocks in a third language. And while being declarative and semantic is getting its moment at the top level, at every other level this is purely an operational output format. <p name="85c4" id="85c4" class="graf graf--p graf-after--li">, to take a random example from this page, is not just generated nonsense, that class is clearly generated from something that was itself generated nonsense.

                                                                                                                              What we’re reading happens to be a document. At the medium backend level, it actually has an elegant, declarative representation as a document. But at every stage after that, all of that is lost; there’s no way for the reader or the browser to know what’s a heading, a paragraph, a quote, an abbreviation, an excerpt. Custom local stylesheets will not work with the medium page. There is nothing you can do with their bundle of minified javascript except run it. Someone who actually wanted to do something document-oriented with it, like display it with different formatting or read it in a screenreader, would be best served by grabbing it from the Medium API, not what was sent to the web browser. (And Medium is actually one of the better sites in this regard; they’re at least e.g. using <em> for emphasis rather than a cascade of styled <span>s)

                                                                                                                              EPUB comes from a nobler time, a time when we imagined that semantic processing was possible. A time when we thought that the idea of the user agent knowing what was a title and what was a chapter heading, and letting the user set their own preferences for how each of them was displayed or treated, was worthwhile. Of course preparing an EPUB is harder than preparing a web page, because rather than just throwing out a pile of nonsense that spits out the right pixels in the right places, you’re expected to actually declaratively describe what your book is, which parts are which, and give semantic tools a chance to operate on your document as a document.

                                                                                                                              The web doesn’t have that, not any more. It’s understandable why - 99% of users only care about the pixels, 99% of creators only care about the pixels, and the web’s fast and loose approach gets you the pixels as quickly as possible. In the long term web content is unmaintainable, but 99% of people don’t care about the long term. It’s sad though, and a proper document format on the web - i.e. a cross-site standard that gave tools a way to understand that a header on Medium is in some sense the same thing as a header in the New York Times, and do particular things to headers and not to non-headers - would be a nice thing to have. But the web being what it is, no doubt what we’ll get is a bundle of minified javascript that turns a structured epub into pixels in the right place on the screen, and we’ll call that good.

                                                                                                                              1. 1

                                                                                                                                You know ePub is just HTML, right? Most of the user agents are a bit more sane (no JS or complex CSS) but the HTML is the same

                                                                                                                                1. 2

                                                                                                                                  XHTML, though the philosophical difference is more important than the technical one. It’s possible to put semantic HTML on today’s web. But no-one will notice, since most HTML out there is non-semantic, so it’s not practical for anyone to make use of the structure of your documents.

                                                                                                                              1. 3

                                                                                                                                It always bothers me when people just complain, loudly, when things like this happen. Shouldn’t developers of all people be sympathetic to a bug getting through and wreaking havoc? It probably wasn’t anyone’s fault and npm was probably working on it super hard so I just don’t see the point of being so negative. Like, being able to install JavaScript just isn’t that important, so just shut up and let them fix it, you know? #hugops

                                                                                                                                1. 13

                                                                                                                                  Shouldn’t developers try to learn from mistakes and design systems that are more resilient? Or anti-fragile if I understand the term correctly.

                                                                                                                                  There was a thread about npm not that long ago comparing OpenBSD ports tree (or Debian apt, if that’s your poison) to npm, and left pad came up, and the response was “that’ll never happen again.” Here we are, it happened again, but somehow OpenBSD and Debian have maintained their disaster free records. Were they just lucky? Or is it possible there’s something about their design that reduces risk? Is there anything we can learn besides “shit happens, better luck next time”?

                                                                                                                                  1. 3

                                                                                                                                    Debian’s package set is intended to work together. There are policies and maintainers and tools. Things like npm are more like a big heap of unvetted, unmaintained (except by upstream), packages that can change or disappear at any time

                                                                                                                                    1. 3

                                                                                                                                      What I am categorically not saying is “don’t criticize npm” (or anyone who has an outage). All I’m saying is that during the actual incident people shouldn’t berate ops teams since at best that does nothing and at worst adds to presumably already very high stress levels which may even impede progress towards restoring services. I’m not really sure that I have a super well-defined gripe other than “don’t you think they already know, duh??”

                                                                                                                                      Hope that clarifies what I meant since for whatever reason talking about this outage seems to make me phrase things in the most misleading possible way :P

                                                                                                                                      1. 2

                                                                                                                                        Ah, gotcha. Funny enough, I just watched the James Mickens talk where he uses the frenemy as a service monitoring service. Tell all your high school classmates about your cool startup to make them jealous, then they’ll always be the first to text you when something doesn’t work.

                                                                                                                                      2. 0

                                                                                                                                        I believe this issue doesn’t have the same culprit as left-pad, but we’ll see what the npm team is going to figure out.

                                                                                                                                        Also, IIRC npm is running a much bigger operation than Debian/OpenBSD packages, so I wouldn’t try to compare them. npm has just way bigger chance to screw something and make many more people upset just because of how much bigger they are than OpenBSD or Debian.

                                                                                                                                        1. 2

                                                                                                                                          So scale may have something to do with it. How large should a package manager be? One answer is infinite, but I’m not convinced that’s the case. If the answer is finite, what is it? Is there an upper bound on packages in a reliable ecosystem? Should we cap package managers at that number? Why or why not?

                                                                                                                                      3. 4

                                                                                                                                        How many times do you go back to the same restaurant after getting food poisoning? I realize these people might be good intentioned but at some point it’s time to cut your losses and find a better place to patronize. With better standards.

                                                                                                                                      1. 1

                                                                                                                                        I’m using SyncThing at home. Just mirror and sync a folder across multiple machines.

                                                                                                                                        One downside I see is the lack of storage somewhere else while all laptops are at home. Geographic risk.

                                                                                                                                        It also requires all machines to store the full state. ~100GB in my case.

                                                                                                                                        1. 4

                                                                                                                                          One popular differentiation between file synchronization and backups are that you can travel back in time with your backups. What happens if you - or more realistically: software you use - deletes or corrupts a file in your SyncThing repository? It would still be gone/corrupted and the problem would automatically be synced to all your machines, right?

                                                                                                                                          Personally I use borgbackup, a fork of attic, with a RAID 1 in my local NAS and an online repository to which I, honestly, don’t sync too often because even deltas take ages with the very low bandwidth I got at home, so I did the initial upload by taking disks/machines to work …and hope that the online copies are recent ‘enough’ and I can’t really resist the thought that in scenarios where both disks in my NAS and the original machines are gone/broken (fire at home, burglaries, etc.) I would probably loose access to my online storage too. I should test my backups more often!

                                                                                                                                          1. 1

                                                                                                                                            I use Borg too! At home and at work. I also highly recommend rsync.net, who are not the cheapest, but have an excellent system based on firing commands over ssh. They also have a special discount for borg and attic users http://www.rsync.net/products/attic.html

                                                                                                                                            1. 1

                                                                                                                                              Hmm - that’s really not the cheapest!

                                                                                                                                              3c/gb (on the attic discount) is 30% dearer than s3 (which replicates your data to multiple DCs vs rsync.net which only has RAID).

                                                                                                                                              1. 1

                                                                                                                                                True, though S3 has a relatively high outgoing bandwidth fee of 9c/gb (vs. free for rsync.net), so you lose about a year of the accumulated 0.7c/gb/mo savings if you ever do a restore. Possibly also some before then depending on what kind of incremental backup setup you have (is it doing two-way traffic to the remote storage to compute the diffs?).

                                                                                                                                                1. 2

                                                                                                                                                  Ahh, I hadn’t accounted for the outgoing bandwidth.

                                                                                                                                                  That said, if I ever need to do a full restore, it means both my local drives have failed at once (or, more likely, my house has burned down / flooded); in any case, an expensive proposition.

                                                                                                                                                  AFAIK glacier (at 13% the price of rsync) is the real cheap option (assuming you’re OK with recovery being slow or expensive).

                                                                                                                                                  RE traffic for diffs: I’m using perkeep (nee camlistore) which is content-addressable, so it can just compare the list of filenames to figure out what to sync.

                                                                                                                                                2. 1

                                                                                                                                                  Eh - I don’t mind paying for a service with an actual UNIX filesystem, and borg installed. Plus they don’t charge for usage so it’s not that far off. Not to shit on S3, it’s a great service, I was just posting an alternative.

                                                                                                                                                  1. 1

                                                                                                                                                    Yeah that’s fair, being able to use familiar tools is easily worth the difference (assuming a reasonable dataset size).

                                                                                                                                            2. 1

                                                                                                                                              syncThing is awsome for slow backup stuff. But i wish i could configure it such that it checks for file changes more often. Currently it takes like 5 minutes before a change is detected which results in me using Dropbox for working directory usecases.

                                                                                                                                              1. 5

                                                                                                                                                You can configure the scan time for syncthing, you can also run syncthing-inotify helper to get real-time updates

                                                                                                                                              2. 1

                                                                                                                                                That’s one huge advantage of Resilio Sync. You don’t have to store the full state in every linked node. But until RS works on OpenBSD, it’s a no-go for me.

                                                                                                                                              1. 3

                                                                                                                                                Trackbacks are back!

                                                                                                                                                Serious question: What is better about Webmentions?

                                                                                                                                                1. 5

                                                                                                                                                  The protocol is slightly simpler, but otherwise *back, *mention, they all boil down to the same function.

                                                                                                                                                  Webmention is often paired with other good things, like microformats support, but of course that’s a separate thing.

                                                                                                                                                  1. 1

                                                                                                                                                    Ah! Thanks! I’m very curious why there’s a brand new spec, with new name, that only slightly deviates in functionality… but this is (probably) a social issue that goes way beyond this spec in particular.

                                                                                                                                                    1. 5

                                                                                                                                                      It really is much simpler. Instead of messing around with XMLRPC it’s just a single HTTP POST request. it does a really good job reusing parts of the web too, so it just feels more webby. I found it extremely easy to implement :-)

                                                                                                                                                      1. 4

                                                                                                                                                        Oh, great! I’ll have to read it in more detail. It’s been a long time since I thought about XMLRPC, and completely forgot that Trackback relied on it.

                                                                                                                                                  2. 5

                                                                                                                                                    Trackback is the oldest one. It did not say anything about verifying that the source actually links to the target, making spam extremely trivial.

                                                                                                                                                    Pingback is the Wordpress XML-RPC one. Pretty much no one implemented useful presentation of pingbacks, just Wordpress’s useless default snippets. Eventually got overrun with Wordpress spam (with actual links).

                                                                                                                                                    Webmention comes from a community of people who actually care about this stuff, which leads to useful presentation of different types of responses, anti-spam solutions, propagating responses-to-responses back to the source, integration with Twitter/Facebook/etc., interaction with Mastodon/Hubzilla

                                                                                                                                                    And there’s Linked Data Notifications from people who believe that this is the Year of RDF on the Web :)

                                                                                                                                                  1. 2

                                                                                                                                                    So in practice this means that I can now send .tar.{gz,xz} archives to my friends using windows, without having to worry whether they have the right tools installed, of course assuming they’re ok with te comand line?

                                                                                                                                                    1. 4

                                                                                                                                                      If they’re ok with CLI they’re also probably ok with installing a tool ;)

                                                                                                                                                      1. 2

                                                                                                                                                        Seems like a very small subset of people.

                                                                                                                                                      1. 8

                                                                                                                                                        Good article. I think I can sum up its main points as:

                                                                                                                                                        1. Non-AMM (automatic memory managed) languages (C, Rust) are good for a particular class of problems. Outside that class, and with increased complexity, they become unmanageable.
                                                                                                                                                        2. The space of systems programming used to be just C, but now AMM languages are moving into systems programming because of availability and maturity.
                                                                                                                                                        3. The systems space will bifurcate into hard realtime (handled by Rust and C) and “other” which will be Go and other AMM systems programming languages.

                                                                                                                                                        Seems like a decent prediction.

                                                                                                                                                        1. 6

                                                                                                                                                          my take is memory management is a lot more automatic in rust than in C

                                                                                                                                                          1. 4

                                                                                                                                                            I’ve seen it referenced as compile-time garbage collection in papers.

                                                                                                                                                            1. 2

                                                                                                                                                              That’s a really neat way of putting it. I’ll have to think on that more if I learn Rust later.

                                                                                                                                                              1. 1

                                                                                                                                                                Which is not correct, since rust still provides ref counted pointers Rc/Arc.

                                                                                                                                                                1. 5

                                                                                                                                                                  As /u/singpolyma writes correctly, Rc and Arc are strictly library concerns outside of the language core. Several pieces of software (e.g. Servo) use their own versions of them.

                                                                                                                                                                  The interesting thing here is that both Rc and Arc are managed through Rusts static memory management (they are handles, which work through ownership and dropping).

                                                                                                                                                                  Data sharing is always a concern of any programming environment, be it manually or automatically managed. What Rcs are there for in Rust is multiple immutable ownership.

                                                                                                                                                                  1. 1

                                                                                                                                                                    what is the version used by servo exactly (is there some documentation somewhere ?)

                                                                                                                                                                  2. 3

                                                                                                                                                                    “provides” in a library

                                                                                                                                                                    1. 1

                                                                                                                                                                      Sure, but does it change anything? Shared ownership of memory is not handled by borrow checker/at compile time. Don’t get me wrong - I like rust and use it but calling it “compile-time garbage collection” is not correct - but might be nice PR move ;)

                                                                                                                                                                      1. 3

                                                                                                                                                                        Yes, it is. The potential allocation and de-allocation points are quite precise and handled by Ownership. Any situation of shared ownership must be dynamic and thus be evaluated at runtime, but the language handles acquiring and removing handles from memory for you transparently.

                                                                                                                                                                        One of the issues here is that “garbage collection” isn’t a rigorously defined term, so anyone claiming that there is such a thing as static garbage collection is just as right as people that say such a thing doesn’t exist.

                                                                                                                                                                        1. 1

                                                                                                                                                                          Deallocation points are handled by runtime tracked reference count. Almost exactly like raii in c++.

                                                                                                                                                                          I can agree that term “garbage collection” is vague. But this means that using it is pointless and devoid of any clear meaning.

                                                                                                                                                                          1. 2

                                                                                                                                                                            Deallocation points are handled by runtime tracked reference count. Almost exactly like raii in c++.

                                                                                                                                                                            I wrote about potential points, and those are static.

                                                                                                                                                                            Also, they happen at runtime, but not through a linked runtime system, which is usually what people care about.

                                                                                                                                                                            Hand-rolled ref-counted pointers in C have very similar semantics.

                                                                                                                                                                            I can agree that term “garbage collection” is vague. But this means that using it is pointless and devoid of any clear meaning.

                                                                                                                                                                            With most people using it and attaching meaning to it in some form or the other, I couldn’t care less about that distinction.

                                                                                                                                                                            1. 1

                                                                                                                                                                              With most people using it and attaching meaning to it in some form or the other, I couldn’t care less about that distinction.

                                                                                                                                                                              You don’t care about what you mean when you say that rust has “compile-time garbage collection”? What is this - Rust Evangelism Strike Force? ;)

                                                                                                                                                                              If we are talking about compile time guarantees for resource reclamation than there is very little difference between rust and modern c++ and I don’t see people saying that c++ has “compile time garbage collection”. Moreover just like in c++, you can easily leak memory in rust. In fact it is considered safe to leak memory (either via (A)Rc cycles or mem::forget) in safe rust.

                                                                                                                                                                2. 1

                                                                                                                                                                  I had that issue with his terminology too.

                                                                                                                                                                3. 5

                                                                                                                                                                  Dont forget Ada and Real-Time Java used in embedded scene for some time now. Groups like Aonix supplied JVM’s and such for hard, real time. On both ends, they had “profiles” that constituted different levels of functionality so one could trade determinism against power/performance.

                                                                                                                                                                1. 2

                                                                                                                                                                  How on earth is stuff like this enforced when it applies to businesses with no EU presence?

                                                                                                                                                                  Is it reasonable to expect that every person selling any product or service online must be knowledgeable about the laws of every single country on the planet?

                                                                                                                                                                  1. 6

                                                                                                                                                                    How on earth is stuff like this enforced when it applies to businesses with no EU presence?

                                                                                                                                                                    Easy, you’ll get a nasty letter from a court in the EU. If you don’t plan on ever visiting an EU country or a country which likes to hand over people to the EU then you can safely ignore those.

                                                                                                                                                                    Is it reasonable to expect that every person selling any product or service online must be knowledgeable about the laws of every single country on the planet?

                                                                                                                                                                    If you plan to do business in that country, yes.

                                                                                                                                                                    1. 4

                                                                                                                                                                      I don’t think extradition over this kind of case is likely.

                                                                                                                                                                      IANAL

                                                                                                                                                                      1. 1

                                                                                                                                                                        I don’t think extradition over this kind of case is likely.

                                                                                                                                                                        It’s not a criminal case, so it’s largely impossible.

                                                                                                                                                                        They don’t have to extradite you to fine you, however; they can hold the case without your co. choosing to send a lawyer, issue a fine, then chase your bank for the money. If your bank wants to keep doing business in the EU, it’ll freeze your accounts.

                                                                                                                                                                        1. 1

                                                                                                                                                                          I find it unlikely that any bank I could be with would do business in the EU – unless somehow wire transfer to EU banks count?

                                                                                                                                                                    2. 3

                                                                                                                                                                      Is it reasonable to expect that every person selling any product or service online must be knowledgeable about the laws of every single country on the planet?

                                                                                                                                                                      I mean, arguably, yes?

                                                                                                                                                                      1. 3

                                                                                                                                                                        I don’t know about you, but I’m not really interested in enforcing Chinese censorship rules or Saudi / Indonesian blasphemy laws. I mean, they’re free to try, but it’s expensive to send a tank to Australia.

                                                                                                                                                                        1. 1

                                                                                                                                                                          They don’t have to; they just have to convince the Australian government (or Australian banks) that you owe money for fines.

                                                                                                                                                                          1. 1

                                                                                                                                                                            If you’re selling into China, or Saudi, then you ought be prepared to either comply or suffer the consequences of non-compliance.

                                                                                                                                                                        2. 2

                                                                                                                                                                          How on earth is stuff like this enforced when it applies to businesses with no EU presence?

                                                                                                                                                                          Practically speaking, it isn’t.

                                                                                                                                                                          Investigations are expensive; cases are prioritized according to ‘impact’. You’re not going to get big enough for them to notice without having an EU presence.

                                                                                                                                                                        1. 4

                                                                                                                                                                          Most of this article is arguing about things that have almost no effect on market share.

                                                                                                                                                                          “Because no one sells systems at Besy Buy with it preinstalled.” is the answer you’re looking for. No standard user is going to replace the OS a system came with – not even to upgrade to a new major version of Windows.