A team of developers was working with them, that is why it makes it worth it. I am sure they have the money, but probably not enough money to pay debts and to finish the development before a new investor or the IPO goes through.

A team of developers was working with them, that is why it makes it worth it. I am sure they have the money, but probably not enough money to pay debts and to finish the development before a new investor or the IPO goes through.

Scheme FRP library?

Expecting Signal to protect anyone specifically targeted by a nation-state is a huge misunderstanding of the threat models involved.

In this article, resistance to governments constantly comes up as a theme of his work. He also pushed for his tech to be used to help resist police states like with the Arab Spring example. Although he mainly increased the baseline, the tool has been pushed for resisting governments and articles like that could increase perception that it was secure against governments.

This nation-state angle didn’t come out of thin air from paranoid, security people: it’s the kind of thing Moxie talks about. In one talk, he even started with a picture of two, activist friends jailed in Iran in part to show the evils that motivate him. Stuff like that only made the stuff Drew complains about on centralization, control, and dependence on cooperating with surveillance organization stand out even more due to the inconsistency. I’d have thought he’d make signed packages for things like F-Droid sooner if he’s so worried about that stuff.

Expecting Signal to protect anyone specifically targeted by a nation-state is a huge misunderstanding of the threat models involved.

And yet, Signal is advertising with the face of Snowden and Laura Poitras, and quotes from them recommending it.

What kind of impression of the threat models involved do you think does this create?

We’ve had IRC from the 1990s, ever wonder why Slack ever became a thing? Ossification of a decentralized protocol.

I’m sorry, but this is plain incorrect. There are many expansions on IRC that have happened, including the most recent effort, IRCv3: a collectoin of extensions to IRC to add notifications, etc. Not to mention the killer point: “All of the IRCv3 extensions are backwards-compatible with older IRC clients, and older IRC servers.”

If you actually look at the protocols? Slack is a clear case of Not Invented Here syndrome. Slack’s interface is not only slower, but does some downright crazy things (Such as transliterating a subset of emojis to plain-text – which results in batshit crazy edge-cases).

If you have a free month, try writing a slack client. Enlightenment will follow :P

Alternative distribution mechanisms are not used by 99%+ of the existing phone userbases, providing an APK is indeed correctly viewed as harm reduction.

I’d dispute that. People who become interested in Signal seem much more prone to be using F-Droid than, say, WhatsApp users. Signal tries to be an app accessible to the common person, but few people really use it or see the need… and often they are free software enthusiasts or people who are fed up with Google and surveillance.

Ossification of a decentralized protocol.

IRC isn’t decentralised… it’s not even federated

Agreed, they are quickly becoming the only game in town worth playing with when it comes to TLS certs. Luckily they are a non-profit, so they have more transparency than say Google, who took over our email.

It’s awesome that we have easy, free TLS certs, but there shouldn’t be a single provider for such things.

The companies are just trying to protect themselves as best they can. Realistically, a European citizen suing a US-only company in a European court over European law is being frivolous and the company will likely not be affected in any way, so the butt-covering of geoip blocking is more a political statement to potential sue-ers than it is actual legal protection.

You figure it out by asking them. There are many sites that don’t serve US citizens for various reasons. When you enter them, they ask you to declare you are not a US citizen. It’s as simple as that. If they lie, it’s on them.

Honestly, this GDPR thing has gotten many Americans acting indignated and generally quite irrational over something that hardly changes anything and is not without a slew of precedent. It’s just the first time US companies are visibly seriously affected by law elsewhere. Now you know how it feels. Get over the feeling and deal with it.

Well, in principle, I would guess that European courts might be apprehensive about dictating law globally, which would essentially be the case if it was found that GDPR applies to European citizens wherever they may be, and even if a website operator had taken all reasonable precautions to block European citizens from using their cite.

Rewind 10 or 15 or 20 years and Flash was killing the web, or Javascript, or CSS, or the img tag, or table based layouts, or whatever

Flash and table based layouts really were and, to the extent that you still see them, are either hostile or opaque to people who require something like a screen reader to use a website. Abuse of javascript or images excludes people with low end hardware. Sure you can disable these things but it’s all too common that there is no functional fallback (apparently I can’t even vote or reply here without javascript being on).

Are these things “killing the web” in the sense that the web is going to stop existing as a result? Of course not, but the fact that they don’t render the web totally unusable is not a valid defense of abuses of these practices.

On top of that, nobody’s twisting anybody’s arm to visit “heavy” sites like CNN. If CNN loads too much crap, visit a lighter site.

Or just use http://lite.cnn.io

nobody’s twisting anybody’s arm to visit “heavy” sites like CNN

Exactly. It’s not a “web developers are making the web bloated” problem, it’s a “news organizations are desperate to make money and are convinced that personalized advertising and tons of statistics (Big Data!!) will help them” problem.

Lobsters is light, HN, MetaFilter, Reddit, GitHub, GitLab, personal sites/blogs, various wikis, forums, issue trackers, control panels… Most of the stuff I use is really not bloated.

If you’re reading general world news all day… stop :)

Thanks! I’d love to open-source it. However, I can’t justify the time commitment it would take yet. I’ve open-sourced many smaller projects, and I always feel compelled to answer every email I get. I wish I could post it and then just ignore it, but I really can’t.

I did make a deal with myself a long time ago. If I can get enough supporters on Patreon, I will open-source it. The code is already pretty cleaned-up and ready to go. It’s pure PHP, no dependencies. No frameworks or anything.

This idea is floating around the interwebz for a long time. I recall it being stated almost verbatim on Reddit, HN, probably on /.

And once you take it a step further, it’s clear that it shouldn’t be in a text file in the first place. Code just isn’t text. If you store it as a tree or a graph in some sort of database, it becomes possible to interact with it in much more powerful ways (including displaying it any way you like). We’ve been hobbled by equating display representation with storage format.

Ultimately I think this is the only teneble solution. I feel I must be in the minority in having an extreme dislike of columnar-style code, and what I call “white space cliffs” where a column dictates a sudden huge increase in whitespace. But I realize how much it comes down to personal aesthetics, so I wish we could all just coexist :)

Yeah, I’ve been messing around with similar ideas, see https://nick.zoic.org/art/waste-web-abstract-syntax-tree-editor/ although it’s only vapourware so far because things got busy …

Many editors already do this to some extent. They just render 4-space tabs as whatever the user asks for. Everything after the indent, though, is assumed to be spaced appropriately (which seems right, anyway?)

Because presentation isn’t just a function of the AST. Indentation usually is, but alignment can be visually useful for all kinds of reasons.

Gopher is an old protocol, I mean it predates the world wide web so it’s not about making an alternative UI to lobste.rs on http:// but on gopher:// for people who like to live in a plain-text world. See https://gopher.floodgap.com/overbite/relevance.html for more informations on gopher.

We’ve spent about half a century refining the email interface: it’s pretty good.

We’ve spent about half a century refining the email interface. Very good clients exist…. but most people still use GMail regardless.

That’s typically the result of a poor email client. We’ve had threaded discussions since at least the early 90s, and we’ve learned a lot about how to present them well. Tools such as gnus do a very good job with this — the rest of the world shouldn’t be held back because some people use poor tools.

I have never seen an email client that presented threaded discussions well. Even if such a client exists, mailing-list discussions are always a mess of incomplete quoting. And how could they not be, when the whole mailing list model is: denormalise and flatten all your structured data into a stream of 7-bit ASCII text, send a copy to every subscriber, and then hope that they’re able to successfully guess what the original structured data was.

You could maybe make a case for using an NNTP newsgroup for project discussion, but trying to squeeze it through email is inherently always going to be a lossy process. The rest of the world shouldn’t be held back because some people use poor tools indeed - that means not insisting that all code discussion has to happen via flat streams of 7-bit ASCII just because some people’s tools can’t handle anything more structured.

I agree with there being value in multipolar standards and decentralization. Between a structured but centralised API and an unstructured one with a broader ecosystem, well, there are arguments for both sides. But insisting that everything should be done via email is not the way forward; rather, we should argue for an open standard that can accommodate PRs in a structured form that would preserve the very real advantages people get from GitHub. (Perhaps something XMPP-based? Perhaps just a question of asking GitHub to submit their existing API to some kind of standards-track process).

…the new PR will lose the history of the old PR.

Why not just link to it?

This is somewhat disingenuous: while GitHub does indeed have an API, the number & maturity of GitHub API clients is rather less than the number & maturity of SMTP+IMAP clients. We’ve spent about half a century refining the email interface: it’s pretty good.

That strikes me as disingenuous as well. Email is older. Of course it has more clients, with varying degrees of maturity & ease of use. That has no bearing on whether the GitHub API or an email-based workflow is a better solution. Your point is taken; the GitHub API is not yet “Just Add Water!”-tier. But the clients and maturity will come in time, as they do with all well-used interfaces.

Github can legally delete projects or users with or without cause.

Whoever is hosting your mailing list archives, or your mail, can do the same. It’s not unheard of.

But of course my own maildir on my own machine will remain.

Meanwhile, the local copy of my git repo will remain.

I think we’re quite aways from the perfect git UI — but I’m fairly certain that it’s not a centralised website.

I’m fairly certain that it’s a website of some sort—that is, if you intend on using a definition of “perfect” that scales to those with preferences & levels of experience that differ from yours.

(author here)

Whether using the web UI or the API, one is still performing the quoted steps

Indeed, but the difference between using the UI and the API, is that the latter is much easier to build tooling around. For example, to start contributing to a random GitHub repo, I need to do the following steps:

• Tell my Emacs to clone & fork it. This is as simple as invoking a shortcut, and typing or pasting the upstream repo name. The integration in the background will do the necessary forking if needed. Or I can opt not to fork, in which case it will do it automatically later.
• Do the changes I want to do.
• Tell Emacs to open a pull request. It will commit my changes (and prompt for a commit message), create the branch, and open a PR with the same commit message. I can use a different shortcut to have more control over what my IDE does, name the branch, or create multiple commits, etc.

It is a heavily customised workflow, something that suits me. Yet, it still uses GitHub under the hood, and I’m not limited to what the web UI has to offer. The API can be built upon, it can be enriched, or customised to fit one’s desires and habits. The difference in what I need to do to get the same steps done differs drastically. Yes, my tooling does the same stuff under the hood - but that’s the point, it hides those detail from me!

(which notably never mention the browser).

Near the end of the article I replied to:

“Tools can work together, rather than having a GUI locked in the browser.”

From this, I concluded that the article was written with the GitHub web UI in mind. Because the API composes very well with other tools, and you are not locked into a browser.

That’s typically the result of a poor email client.

I used Gnus in the past, it’s a great client. But my issue with long threads and lots of branches is not that displaying them is an issue - it isn’t. Modern clients can do an amazing job making sense of them. My problem is the cognitive load of having to keep at least some of it in mind. Tools can help with that, but I can only scale so far. There are people smarter than I who can deal with these threads, I prefer not to.

What he sees as a benefit I see as a detriment: the new PR will lose the history of the old PR. Again, I think this is a tooling issue: with good tools resurrecting an ancient thread is just no big deal. Why use poor tools?

The new PR can still reference the old PR, which is not unlike having an In-Reply-To header that points to a message not in one’s archive. It’s possible to build tooling on top of this that would go and fetch the original PR for context.

Mind you, I can imagine a few ways the GitHub workflow could be improved, that would make this kind of thing easier, and less likely to loose history. I’d still rather have an API than e-mail, though.

This is somewhat disingenuous: while GitHub does indeed have an API, the number & maturity of GitHub API clients is rather less than the number & maturity of SMTP+IMAP clients. We’ve spent about half a century refining the email interface: it’s pretty good.

Refining? You mean that most MUAs look just like they did thirty years ago? There were many quality of life improvements, sure. Lots of work to make them play better with other tools (this is mostly true for tty clients and Emacs MUAs, as far as I saw). But one of the most wide-spread MUA (gmail) is absolutely terrible when it comes to working with code and mailing lists. Same goes for Outlook. The email interface story is quite sad :/

There’s a huge difference between being able to easily download all of one’s email (e.g. with OfflineIMAP) and only being at the mercy of one’s email provider going down, and being at the mercy of GitHub preserving its API for all time.

Yeah, there are more options to back up your mail. It has been around longer too, so that’s to be expected. Email is also a larger market. But there are a reasonable number of tools to help backing up one’s GitHub too. And one always makes backups anyway, just in case, right?

So yeah, there is a difference. But both are doable right now, with tools that already exist, and as such, I don’t see the need for such a fuss about it.

I use & like GitHub, and I don’t think email is perfect. I think we’re quite aways from the perfect git UI — but I’m fairly certain that it’s not a centralised website.

I don’t think GitHub is anywhere near perfect, especially not when we consider that it is proprietary software. It being centralised does have advantages however (discoverability, not needing to register/subscribe/whatever to N+1 places, and so on).

When I skimmed it, the paper was more specific about what doesnt work means. Wild shifts in value causing more holding than spending was one example. That’s also why every person I know IRL who does Bitcoin is a speculator or day trader.

The only purpose of Bitcoin is now to bring money from investors into the gamble

… and also to, you know, pay for products and services.

crypto currencies would let anybody take part of the system “capitalism” and therefore could improve it much faster and easier

So far, that “anybody” has been scammers, ransomware authors and other criminals. I’m not sure how “investing” in literal Ponzi schemes improves anything.

to invest in a company, I need to go through a third party

What’s wrong with that? The third party is legally responsible for the stuff. You can’t sue a trustless p2p ledger for accidentally burning your money.

I tried to collect the pros and cons in this article: https://begriffs.com/posts/2018-06-05-mailing-list-vs-github.html

I also spoke about this at length in a previous article:

https://drewdevault.com/2018/07/02/Email-driven-git.html

While my general experience with git email is bad (it’s annoying to set up, especially in older versions and I don’t like it’s interface too much), my experience of interaction with projects that do this was generally good. You send a patch, you get review, you send a new, self-contained patch, attached to the same thread… etc, in parallel to the rest of the project discussion. It’s a different flavour, but with a project that is used to the flow, it can really be quite pleasing.

What does it add to just using git by itself?

I think the selling point is precisely that it doesn’t add anything else. Creating a PR involves more steps and context changes than git-format-patch git-send-mail.

I have little experience using the mailing list flow, but when I had to do so (because the project required it) I found it very easy to use and better for code reviews.

In the UK, it’s pretty common for new employees to start with a period of ‘probation’ (typically a few months, though it can vary), during which the notice period is much shorter (e.g. a week’s notice, for both sides), so there’s less commitment until the employer and employee are satisfied that they’re a good match. I suspect some companies don’t take full advantage of probation (i.e. they think of it as a backup in case they make a hiring mistake, rather than an opportunity to try someone they’re not sure about after interview), but some do.

I wonder if this is true

It happens all the time in the general workplace. The South has one of the most heated histories you’ll find in things like race and gender issues. We mostly get along anywhere from tolerance to being friends. My government class was mostly split 50/50 on abortion debate with most staying friends after within days. Reading from people pushing CoC’s for political reasons, you’d think that was impossible. Yet, we do it every day in any places where peoples’ differences are tolerated. So, they’re wrong about that part. That simple.

The author’s concerns about discrimination are my concerns given I’ve watched almost every group in a dominant position down here reward members of their own group and discriminate against others. Non-whites or non-males were no exception. Their acts of racism and sexism just don’t make the news or waves on social media. Those that didn’t do this were rare, truly-inclusive folks that went out of their way to care about and understand people that were different. I love those people even if their beliefs or political moves piss me off at times. Many get along with or love me, too. I’ve learned a lot from them.

The tech industry, esp in Silicon Valley, is just strange to me vs what I normally encounter in general workplace. They seem to think only young, white males are capable of anything while preaching meritocracy and saying/doing anything without consequences. Then, the other haters, err activists, opposing them seem to think all white males are overprivileged people to minimize while giving opportunities and social dominance to every other group. Well, many of them even bring in just select groups (esp white women) ignoring other groups. Plus, carefully controlling speech and action in all forums with assumption every human is too weak to co-exist with those that disagree. With these factions, it’s as if there’s nothing else possible aside from these extremes despite massive number of counterexamples mostly outside of tech but also some in it. That includes the millions of minority members that seem to have a different opinion about minority or diversity issues.

Note: This is a tech site. I’m talking general trends. If you’re an exception, you know who you are. :)

So, I keep talking about it to try to shake people out of this binary, extremist thinking on opposite ends. For now, I don’t know what else to do given the beliefs are deeply social and emotional. That traditional and social media keeps putting them in bubbles seeing only people they’ll like the most or piss them off the most isn’t helping. One of best things I ever learned to do is keep people who oppose or aggravate me on social media. I watch their reactions to every hot topic, reading what evidence they post. Very enlightening. Plus, keep bringing the counterpoints in nice-as-I-can way to folks on the other side targeted to their perspective and terms rather than mine. Think on theirs carefully. I don’t what else to do about the herd or extremist mentalities many are about.

Btw rain1, I don’t know if you were back in time for the last thread on this but it was more interesting than most political ones. I experienced a jaw-dropping surprise or two there.

Richard Stallman said, regarding an abortion joke in glibc

IIRC he was strongly of the opinion that the joke was not about abortion, but about censorship.

I am very positive this is true. Granted, the own Weltanschauung truly reflects in one’s coding style in most cases, however, both pro-life and pro-choice advocates can have e.g. a profound desire for simplicity in their designs regardless of their opinions.

Things like this, in my opinion, are more rooted in self-discipline and habit, which is more or less not correlated with one’s opinion.

Slacking usually requires you to be in n office, so you’re still working

Exactly, when I ran my own startup, it was like working at 2 jobs. Always something to do, fix, research, discuss, plan, etc.

He did found a startup in the early 2000s.