1. 5

    I’m really amused they generate a C file and call out to gcc / clang. I wonder if they plan to move away from that strategy.

    1. 3

      This is a draft implementation of the concept, so probably yes.

      1. 2

        What would be gained by moving away from that?

        1. 6

          For one, no runtime dependency on a C compiler.

          C compilers are also fairly expensive to run, compared to other more targeted JIT strategies. And it’s more difficult to make the JIT code work nicely with the regular uncompiled VM code.

          Take LuaJIT. It starts by compiling the Lua code to VM bytecode. Then instead of interpreting the bytecode, it “compiles” the bytecode into native machine code that calls the interpreter functions that would be called by a loop { switch (opcode) { ... } }. That way when the JIT compiles a hot path, it directly encodes all entry points as jumps directly into the optimized code, and all exit conditions as jumps directly back to the interpreter code.

          Compare this to a external compiled object, which can only exit wholesale, leaving the VM to clean up and figure out the next step. A fully external object—C compiled or not—can’t thread into the rest of the execution, so its scope is limited to pretty isolated functions that only call similarly isolated functions, or functions with very consistent output.

          1. 2

            Compare this to a external compiled object, which can only exit wholesale, leaving the VM to clean up and figure out the next step. A fully external object—C compiled or not—can’t thread into the rest of the execution, so its scope is limited to pretty isolated functions that only call similarly isolated functions, or functions with very consistent output.

            This doesn’t seem to be related to the approach Ruby is taking, though? They’re callng out to the compiler to build a shared library, and then dynamically linking it in. There shouldn’t be anything stopping the code in the shared object from calling back into the rest of the Ruby runtime.

            1. 2

              Right, it can use the Ruby runtime, but it can’t jump directly to a specific location in the VM bytecode. It has to call a function that can execute for it, and will return back into the compiled code when that execution finishes. It’s very limited, compared to all types of code being able to jump between each other at any time.

          2. 4

            exec’ing a new process each time probably gets expensive.

            1. 3

              Typically any kind of JIT startup cost is quite expensive, but as long as you JIT the right code, the cost of exec’ing clang over the life of a long running process should amortize out to basically nothing.

              I’d expect that the bare exec cost would only become a significant factor if you were stuck flip-flopping between JITing a code section and deoptimizing it, and at that point you’d gain more from improving your JIT candidate heuristics rather than folding the machine code generator in process and continuing to let it flip-flop.

              There are other reasons they may want to move away from this C-intermediary approach, but exec cost doesn’t strike me as one of them.

        1. 10

          Huh. I didn’t realize Java is going the Firefox/Chrome model of releases.

          Overall if you have good unit tests in your software, this shouldn’t be a big deal. Update to Java x, run sbt test or gradel test or whatever, update your test-running CI container to java x, let it run there, update your production Dockerfiles to java x, deploy and check your integration tests.

          Oh you don’t have a lot of unit tests? .. wait, you don’t have any unit tests?! … Well it will probably just work .. have fun!

          1. 5

            I don’t think it’s that straightforward for everyone. It’s hard to measure the performance impact of changes to the JVM, as well as potential obscure bugs, from just unit testing. I think most big deployments and libraries will stick to LTS releases as a result, which isn’t that bad given it’s about the old pace of updates anyway.

            1. 6

              To support this point, for a specific example of a more obscure change in a JDK that caused programs to fail, see http://www.oracle.com/technetwork/java/javase/8u20-relnotes-2257729.html - it’s a long list but note this

              Collection.sort defers now defers to List.sort

              Previously Collection.sort copied the elements of the list to sort into an array, sorted that array, then updated list, in place, with those elements in the array, and the default method List.sort deferred to Collection.sort. This was a non-optimal arrangement.

              The consequence of changing to sorting in place (the optimal arrangement), is that programs which sorted in one thread and concurrently iterated in another are more likely to crash with this JVM than previously. Might be hard to test for that even in an integration test!

              Unit testing is dangerous because it gives inexperienced coders false confidence that changes are good.

            2. 2

              Huh. I didn’t realize Java is going the Firefox/Chrome model of releases.

              Well, at least Firefox has train releases + a long term release. Java doesn’t seem to have that.

              1. 11

                Didn’t the article mention Java 8 being a long term release?

                1. 13

                  Yes, Java has LTS releases, currently 8 and then 11. http://www.oracle.com/technetwork/java/eol-135779.html

                  1. 4

                    Ah, sorry, I had missed the precise scheme. I thought 8 was LTS, as it was the last “old-fashioned” release.

                    1. 1

                      Note that Red Hat will support OpenJDK 8 after Oracle discontinues their support as they have with previous releases in the past; they commit to it up to October 2020: https://access.redhat.com/articles/1299013

              1. 10

                If maintaining a popular free and open source software project is producing stress… don’t do it!

                Really, just stop. Maintaining it, I mean. Unless you have contractual obligations or it’s a job or something, just tune it all out. Who cares if people have problems. Help if you can, help if it makes you happy, and if it doesn’t, it’s not your problem and just walk away. It’s not worth your unhappiness. If you can, put a big flag that says “I’m not maintaining this, feel free to fork!” and maybe someone else will take it over, but if they don’t, that’s fine too. It’s also fine if you don’t put a flag! No skin off your nose! You don’t owe anything to anyone!

                Now I’m gonna grump even more.

                I think this wave of blog posts about how to avoid “open source burnout” and so forth might be more of a Github phenomenon. The barrier to entry has been set to too low. Back in the day, if you wanted to file a bug report, you had to jump through hoops, and those hoops required reading contributor guidelines and how to submit a bug report. Find the mailing list, see which source control they used (if they used source control), see what kind of bug tracker they used (if they use one), figure out a form to see what to submit where… Very often, in the process of producing a bug report that would even pass the filters, you would even solve the problem yourself or at the very least produce a very good bug report that nearly diagnosed the problem.

                Now all of this “social coding” is producing a bunch of people who are afraid of putting code out there due to having to deal with the beggar masses.

                Just don’t.

                1. 7

                  I totally agree that your own needs are the top priority if you are an OSS provider. Nobody has a divine right to your time.

                  I do think that having people be able to report bugs easily is really good. For even relatively small projects, this also serves as a bit of a usability forum, with non-maintainers able to chime in and help. This can give the basis for a supportive community so the owner isn’t swamped with things. Many people want to help as well.

                  Though if this is your “personal project”, then it could be very annoying (I think you can turn off issues in GH luckily?).

                  Ultimately though, the fact that huge projects used by a bazillion tech companies have funding of around $0 is shameful. Things like Celery, used by almost every major Python shop, do not have the resources to package releases because it’s basically a couple people who spend their time getting yelled at. We desperately need more money in the OSS ecosystem so people can actually build things in a sustainable way without having to suffer all this stress.

                  Hard to overestimate how much a stable paycheck makes things more bearable

                  1. 5

                    “Back in the day, if you wanted to file a bug report, you had to jump through hoops”

                    This is where I disagree. Both maintainer and other contributors’ time are valuable. Many folks won’t contribute a bug report or fix if you put time wasting obstacles in their path. Goes double if they know it was there intentionally. I remember I did one for Servo on Github just because it was easy to do so. I didnt have time to spare to do anything but try some critical features and throw a bug report on whatever I found.

                    I doubt Im the only one out there that’s more likely to help when it’s easy to do so.

                    1. 5

                      This is where I disagree. Both maintainer and other contributors’ time are valuable.

                      !!!!!

                      I remember I did one for Servo on Github just because it was easy to do so. I didnt have time to spare to do anything but try some critical features and throw a bug report on whatever I found.

                      @manishearth, who set up http://starters.servo.org, dropped this very nice sentence about contribution: “People don’t start out serious, they start out curious.”

                      1. 4

                        The problem is that projects don’t survive on such drive-by fixes alone. Yes, you fixed a bug and that’s a good thing, but the project would probably still run along just fine without that fix. And you never came back. In the long term, what projects have to care about are interested people who keep coming back. The others really don’t matter that much.

                        1. 5

                          I think this is a bit like a consumer acquisition funnel.

                          Every contributor first started off by providing a drive-by fix. If they do it enough, now they’re contributing a lot. Now you have full-time contributors.

                          1. 1

                            Sure but the question was about how high the bar for such drive-by contributions can be while still keeping a project healthy, based on the premise that making drive-by contributions too easy can result in toxic community behaviour overwhelming active maintainers.

                            1. 3

                              The “height of the contribution bar” as quality control is - in my experience - a myth. The “denying low quality contributions” is not.

                              I’ll explain why: the bar to unfounded complaints and troll is always very low. If you have an open web form somewhere, someone will mistake it for a garbage bin. And that’s what sucks you down. Dealing with those in an assertive manner gets easier when you have a group.

                              The bar to attempting contribution should be as low as possible. You’d want to make people aware that they can contribute and that they can get started very easily. You will always have to train - projects got workflows, styles, etc. that people can’t all learn in one go. Mentoring also gets somewhat easier as a group.

                              Saying “no” to a contribution is a hard. Get used to it, no one takes that off you. But it must be done.

                              Also, there’s a trend to have people voicing their frustrations blamed as “no respecting the maintainers”. There’s pretty often complaints that have some truth in them. Often, a “you’re right, can we help you with fixing it on your own?” is better then throwing stuff screenshots on Twitter.

                              1. 1

                                I agree with you but quality control is, again, a separate question. I wasn’t talking about quality control. The question is about how to best attract only those people with an appropriate kind of behaviour that won’t end up burning out maintainers, and whether a bar to contribution can factor into this.

                                I think JordiGH’s point was that if someone has to jump through some hoops to even find the right forum of communication to use (which mailing list and/or bug tracker, etc.), just by showing up at a place where maintainers will listen a contributor shows they have spent time and enganged their brains a bit to read a minimum necessary amount of text about how the project and its community works. This can be achieved, for instance, with a landing page that doesn’t directly ask people to submit code by pushing a simple button, but directs them to a document which explains how and where to make contributions.

                                If instead people can click through a social media website they sign up on only once and then have their proposed changes to various projects appear in every maintainer’s face right away with minmal effort because that’s how the site was designed, it’s no surprise that mentoring new contributors becomes relatively harder for maintainers, isn’t it? I mean, seriously, blog posts about depressed open source maintainers seem to mostly involve people using such sites.

                          2. 1

                            Id considered this but do we really have data proving it? And on projects trying to cast a wide net vs those that dont? I could imagine that scenario would be fine for OpenBSD aiming for quality but Ruby library or something might be fine with extra little commits over time.

                            1. 2

                              I think you’ll always need at least one developer dedicated enough to give the project a home, integrate changes, drive releases, and so on.

                              A pile of drive-by patches and pull requests with nothing holding them together is not a “project”.

                              Edit: BTW you said “extra little commits” and i said “drive-by fixes alone” so we may be talking past each other a bit… :)

                        2. 3

                          Really, just stop. Maintaining it, I mean. Unless you have contractual obligations or it’s a job or something, just tune it all out. Who cares if people have problems. Help if you can, help if it makes you happy, and if it doesn’t, it’s not your problem and just walk away. It’s not worth your unhappiness. If you can, put a big flag that says “I’m not maintaining this, feel free to fork!” and maybe someone else will take it over, but if they don’t, that’s fine too. It’s also fine if you don’t put a flag! No skin off your nose! You don’t owe anything to anyone!

                          Totally. In this scenario, you should just quit cold turkey.

                          The rest of the post is more advice that I’ve found myself giving multiple times to people who do want to keep maintaining the project, or be active in their larger community, but aren’t super focused on that particular library anymore.

                          1. 2

                            There’s a lot of poor communication out there with unstated assumptions on each side for relationships not just open source and that drives a lot of frustration and resentment. There are dozens of books on the subject in the self-help aisle of bookstores. The points in the article are all good advice but I think the best advice is to make it clear what on terms you volunteer your work and not be ashamed to say “I don’t want to do this but feel free to do it or fork it” if it’s not scratching your itch.

                            Personally, I’ve turned away issues resulting from old and on bleeding-edge compiler or library releases and on OS’s or equipment I don’t run (doesn’t behave on Windows XP? doesn’t work with Chinese clone of hardware? Hell if I know…)

                          1. 25

                            I think ads are the worst way to support any organization, even one I would rate as highly as Mozilla. People however are reluctant to do so otherwise, so we get to suffer all the negative sides of ads.

                            I just donated to Mozilla with https://donate.mozilla.org, please consider doing the same if you think ads/sponsored stories are the wrong path for Firefox.

                            1. 14

                              Mozilla has more than enough money to accomplish their core task. I think it’s the same problem as with Wikimedia; if you give them more money, they’re just going to find increasingly irrelevant things to spend it on. Both organizations could benefit tremendously from a huge reduction in bureaucracy, not just more money.

                              1. 9

                                I’ve definitely seen this with Wikimedia, as someone who was heavily involved with it in the early years (now I still edit, but have pulled back from meta/organizational involvement). The people running it are reasonably good and I can certainly imagine it having had worse stewardship. They have been careful not to break any of the core things that make it work. But they do, yeah, basically have more money than they know what to do with. Yet there is an organizational impulse to always get more money and launch more initiatives, just because they can (it’s a high-traffic “valuable” internet property).

                                The annual fundraising campaign is even a bit dishonest, strongly implying that they’re raising this money to keep the lights on, when doing that is a small part of the total budget. I think the overall issue is that all these organizations are now run by the same NGO/nonprofit management types who are not that different from the people who work in the C-suites at corporations. Universities are going in this direction too, as faculty senates have been weakened in favor of the same kinds of professional administrators. You can get a better administration or a worse one, but barring some real outliers, like organizations still run by their idiosyncratic founders, you’re getting basically the same class of people in most cases.

                              2. 21

                                So Mozilla does something bad, and as a result I am supposed to give it money?? Sorry, that doesn’t make any sense to me. If they need my money, they should convince me to donate willingly. What you are describing is a form of extortion.

                                I donate every month to various organizations; EFF, ACLU, Wikipedia, OpenBSD, etc. So far Mozilla has never managed to convince me to give them my money. On the contrary, why would I give money to a dysfunctional, bureaucratic organization that doesn’t seem to have a clear and focused agenda?

                                1. 9

                                  They may be a dysfunctional bureaucratic organisation without a focused agenda (wouldn’t know as I don’t work for it) which would surely make them less effective, but shouldn’t the question instead be how effective they are? Is what they produce a useful, positive change and can you get that same thing elsewhere more cost-effectively?

                                  If I really want to get to a destination, I will take a run-down bus if that is the only transport going there. And if you don’t care about the destination, then transport options don’t matter.

                                  1. 17

                                    They may be a dysfunctional bureaucratic organisation without a focused agenda (wouldn’t know as I don’t work for it) which would surely make them less effective, but shouldn’t the question instead be how effective they are? Is what they produce a useful, positive change and can you get that same thing elsewhere more cost-effectively?

                                    I am frequently in touch with Mozilla and while I sometimes feel like fighting with windmills, other parts of the org are very quick moving and highly cost effective. For example, they do a lot of very efficient training for community members like the open leadership training and the Mozilla Tech speakers. They run MDN, a prime resource for web development and documentation. Mozilla Research has high reputation.

                                    Firefox in itself is in constant rebuild and is developed. MozFest is the best conferences you can go to in this world if you want to speak tech and social subjects.

                                    I still find their developer relationship very lacking, which is probably the most visible part to us, but hey, it’s only one aspect.

                                    1. 9

                                      The fact that Mozilla is going to spend money on community activities and conferences is why I don’t donate to them. The only activity I and 99% of people care about is Firefox. All I want is a good web browser. I don’t really care about the other stuff.

                                      Maybe if they focused on what they’re good at, their hundreds of millions of dollars of revenue would be sufficient and they wouldn’t have to start selling “sponsored stories”.

                                      1. 18

                                        The only activity I and 99% of people care about is Firefox.

                                        This is a very easy statement to throw around. It’s very hard to back up.

                                        Also, what’s the point of having a FOSS organisation if they don’t share their learnings? This whole field is fresh and we have maintainers hurting left and right, but people complain when organisations do more then just code.

                                        1. 6

                                          To have a competitive, web browser we can trust plus exemplary software in a number of categories. Mozilla couldve been building trustworthy versions of useful products like SpiderOak, VPN services, and so on. Any revenue from business licensing could get them off ad revenue more over time.

                                          Instead, they waste money on lots of BS. Also, they could do whaf I say plus community work. It’s not either or. I support both.

                                          1. 8

                                            To have a competitive, web browser we can trust plus exemplary software in a number of categories. Mozilla couldve been building trustworthy versions of useful products like SpiderOak, VPN services, and so on. Any revenue from business licensing could get them off ad revenue more over time.

                                            In my opinion, the point of FOSS is sharing and I’m pretty radical that this involves approaches and practices. I agree that all you write is important, I don’t agree that it should be the sole focus. Also, Mozilla trainings are incredibly good, I have actually at some point suggested them to sell them :D.

                                            Instead, they waste money on lots of BS. Also, they could do whaf I say plus community work. It’s not either or. I support both.

                                            BS is very much in the eye of the beholder. I also haven’t said that they couldn’t do what you describe.

                                            Also, be aware that they often collaborate with other foundations and bring knowledge and connections into the deal, not everything is funded from the money MozCorp has or from donations.

                                            1. 1

                                              “Also, Mozilla trainings are incredibly good, I have actually at some point suggested them to sell them :D.”

                                              Well, there’s a good idea! :)

                                          2. 3

                                            That’s a false dichotomy because there are other ways to make money in the software industry that don’t involve selling users to advertisers.

                                            It’s unfortunate, but advertisers have so thoroughly ruined their reputation that I simply will not use ad supported services any more.

                                            I feel like Mozilla is so focused on making money for itself that it’s lost sight of what’s best for their users.

                                            1. 2

                                              That’s a false dichotomy because there are other ways to make money in the software industry that don’t involve selling users to advertisers.

                                              Ummm… sorry? The post you are replying to doesn’t speak about money at all, but what people carry about?

                                              Yes, advertising and Mozilla is an interesting debate and it’s also not like Mozilla is only doing advertisement. But flat-out criticism of the kind “Mozilla is making X amount of money” or “Mozilla supports things I don’t like” is not it

                                            2. 3

                                              This is a very easy statement to throw around. It’s very hard to back up.

                                              Would you care to back up the opposite, that over 1% of mozilla’s userbase supports the random crap Mozilla does? That’s over a million people.

                                              I think my statement is extremely likely a priori.

                                              1. 1

                                                I’d venture to guess most of them barely know what Firefox is past how they do stuff on the Internet. They want it to load up quickly, let them use their favorite sites, do that quickly, and not toast their computer with malware. If mobile tablet, maybe add not using too much battery. Those probably represent most people on Firefox along with most of its revenue. Some chunk of them will also want specific plugins to stay on Firefox but I don’t have data on their ratio.

                                                If my “probably” is correct, then what you say is probably true too.

                                            3. 5

                                              This is a valid point of view, just shedding a bit of light on why Mozilla does all this “other stuff”.

                                              Mozilla’s mission statement is to “fight for the health of the internet”, notably this is not quite the same mission statement as “make Firefox a kickass browser”. Happily, these two missions are extremely closely aligned (thus the substantial investment that went into making Quantum). Firefox provides revenue, buys Mozilla a seat at the standards table, allows Mozilla to weigh in on policy and legislation and has great brand recognition.

                                              But while developing Firefox is hugely beneficial to the health of the web, it isn’t enough. Legislation, proprietary technologies, corporations and entities of all shapes and sizes are fighting to push the web in different directions, some more beneficial to users than others. So Mozilla needs to wield the influence granted to it by Firefox to try and steer the direction of the web to a better place for all of us. That means weighing in on policy, outreach, education, experimentation, and yes, developing technology.

                                              So I get that a lot of people don’t care about Mozilla’s mission statement, and just want a kickass browser. There’s nothing wrong with that. But keep in mind that from Mozilla’s point of view, Firefox is a means to an end, not the end itself.

                                              1. 1

                                                I don’t think Mozilla does a good job at any of that other stuff. The only thing they really seem able to do well (until some clueless PR or marketing exec fucks it up) is browser tech. I donate to the EFF because they actually seem able to effect the goals you stated and don’t get distracted with random things they don’t know how to do.

                                        2. 3

                                          What if, and bear with me here, what they did ISN’T bad? What if instead they are actually making a choice that will make Firefox more attractive to new users?

                                        3. 9

                                          The upside is that atleast Mozilla is trying to make privacy respecting ads instead of simply opening up the flood gates.

                                          1. 2

                                            For now…

                                        1. 6

                                          Anyone know of cloud providers (either virtualized or real hardware) that either offer OpenBSD, or allow you to install OpenBSD easily and without hacks?

                                          I only know of prgmr.com, RootBSD and ARP Networks. I am interested in companies offering real professional support running on server grade hardware (ECC, Xeon, etc) with proper redundant networking, etc, so amateur (but cheap) stuff like Hetzner doesn’t count.

                                          Somewhat tangential, but I am also interested in European companies. I only know of CloudSigma, Tilaa, Exoscale and cloudscale.ch. Are they any good?

                                          EDIS and ITL seem to be Russian companies or shells operating in European locations, not interested in those.

                                          Many thanks!

                                          1. 5

                                            https://www.vultr.com/servers/openbsd

                                            I wouldn’t consider Gilles’ method a hack at this point, now that online.net gives you console access. Like usual, you first have to get the installer on to a disk attached to the machine. Since you can’t walk up to the machine with a stick of USB flash, copying it to the root disk from recovery mode makes all the sense.

                                            1. 2

                                              Thanks, I forgot about vultr.

                                              As for installing, I would vastly prefer PXE boot. It’s not just about getting it installed. It’s about having a supported configuration. I am not interested in running configurations not supported by the provider. What if next year they change the way they boot the machines and you can’t install OpenBSD using the new system anymore? A guarantee for PXE boot ensures forward compatibility.

                                              Or what if some provider that is using virtualization updates their hypervisor which has a new bug that only affects OpenBSD? If the provider does not explicitly support OpenBSD, it’s unlikely they will care enough to roll back the change or fix the bug.

                                              You’re not paying for hardware, as Hetzner showed, hardware is cheap, you’re paying for support and for the network. If they don’t support you, then why pay?

                                              1. 2

                                                Yeah I share your concerns. That’s why I’ve hesitated to pay for hosting and am still running all my stuff at home. It would suck to pay only to hear that I’m on my own if something changes and my system doesn’t work well after that change.

                                                Given how often OpenBSD makes it to the headlines on HN and other tech news outlets, it is really disappointing how few seem to actually care enough to run or support it. It’s also disappointing considering that the user base has a healthy disdain for twisting knobs, and the system itself doesn’t suffer much churn. It should be quite easy to find a stable & supported hardware configuration that just works for all OpenBSD users.

                                                1. 1

                                                  It should be quite easy to find a stable & supported hardware configuration that just works for all OpenBSD users.

                                                  Boom! There it is. The consumer side picks their own hardware expecting whatever they install to work on it. They pick for a lot of reasons other than compatibility, like appearance. OpenBSD supporting less hardware limits it a lot there. I’ve always thought an OpenBSD company should form that uses the Apple model of nice hardware with desktop software preloaded for some market segment that already buys Linux, terminals, or something. Maybe with some must-have software for business that provides some or most of the revenue so not much dependency on hardware sales. Any 3rd party providing dediboxes for server-side software should have it easiest since they can just standardize on some 1U or 2U stuff they know works well with OpenBSD. In theory, at least.

                                            2. 4

                                              https://www.netcup.de/

                                              I run the above setup on a VPS. OpenBSD is not officially supported, but you can upload custom images. Support was very good in the last 3-4 years (didn’t need it recently).

                                              1. 2

                                                Looks nice, especially since they are locals :) Do you mind answering some questions?

                                                • Do they support IPv6 for VPS (/64)?
                                                • Have you tried to restore a snapshot from a VPS?
                                                • Mind sharing a dmesg?
                                                1. 3
                                              2. 2

                                                I have two OpenBSD vservers running at Hetzner https://www.hetzner.com . They provide OpenBSD ISO images and a “virtual KVM console” via HTTP. So installing with softraid (RAID or crypto) is easily possible.

                                                Since one week there is no official vServer product more. Nowadays, they call it … wait for it … cloud server. The control panel looks different, however, I have no clue if something[tm] changed.

                                                Here is a dmesg from one server: http://dmesgd.nycbug.org/index.cgi?do=view&id=3441

                                                1. 2

                                                  Joyent started providing a KVM OpenBSD image for Triton last May: https://docs.joyent.com/public-cloud/instances/virtual-machines/images/openbsd

                                                  (This has been possible for some time if you had your own Triton cluster, but there was no official way until this was published.)

                                                  1. 1

                                                    What’s the deal for cloud providers for not making OpenBSD available? Is it technically complex to offer, or just that they don’t have the resources for the support? Maybe just a mention that it’s not supported by their customer service would already help users no?

                                                    1. 11

                                                      As far as I know, it’s a mix of things. Few people ask for OpenBSD, so there’s little incentive to offer it. Plus a lot of enterprise software tends to target RHEL and other “enterprise-y” offerings. Even in the open source landscape, things are pretty dire:

                                                      OpenBSD also seems to have pretty bad timing issues on qemu/KVM that have fairly deeply rooted causes. Who knows what other horrors lurk in OpenBSD as a guest.

                                                      OpenBSD doesn’t get people really excited, either. Many features are security features and that’s always a tough sell. They’d rather see things like ZFS.

                                                      For better or for worse, OpenBSD has a very small following. For everybody else, it just seems to be the testing lab where people do interesting things with OS development, such as OpenSSH, LibreSSL, KASLR, KARL, arc4random, pledge, doas, etc. that people then take into OSes that poeple actually use. Unless some kind of Red Hat of OpenBSD emerges, I don’t see that changing, too. Subjectively, it feels very UNIX-y still. You can’t just google issues and be sure people have already seen them before; you’re on your own if things break.

                                                      1. 8

                                                        Rust’s platform support has OpenBSD/amd64 in tier 3 (“which are not built or tested automatically, and may not work”).

                                                        I can talk a little about this point, as a common problem: we could support OpenBSD better if we had more knowledge and more people willing to integrate it well into our CI workflow, make good patches to our libc and so on.

                                                        It’s a damn position to be in: on the one hand, we don’t want to be the people that want to inflict work to OpenBSD. We are in no position to ask. On the other hand, we have only few with enough knowledge to make OpenBSD support good. And if we deliver half-arsed support but say we have support, we get the worst of all worlds. So, we need people to step up, and not just for a couple of patches.

                                                        This problem is a regular companion in the FOSS world, sadly :(.

                                                        Also, as noted by mulander: I forgot semarie@ again. Thanks for all the work!

                                                        1. 7

                                                          semarie@ has been working upstream with rust for ages now… It would be more accurate to say ‘we need more people to step up’.

                                                          1. 2

                                                            Right, sorry for that. I’ll change the wording.

                                                  1. 6

                                                    Is Vala still used and maintained? I thought Gnome dropped support with Gnome 3. In any case, it was a bright idea for the Gnome ecosystem, as raw C is a bit over complicated for desktop apps but scripting languages like Python are too slow for serious apps. There was Mono for a while, bit I’m glad it never caught on. Hope this will make Vala a viable alternative to C again!

                                                    1. 7

                                                      Vala is still used and maintained. Quite a few official Gnome apps are still written in Vala. Notably all of the games were ported to Vala.

                                                      As for development, it has actually picked up quite a bit in the last couple of months. The language has improved significantly in the last year. If you haven’t tried it in a while now is a good time to in my opinion.

                                                      1. 3

                                                        Interesting. Last time I checked, Vala was pretty unmaintained.

                                                        Happy to hear that changed. \o/

                                                        1. 1

                                                          This is really good to read, I also thought the project was going dormant. Vala is a tremendously under appreciated language and environment.

                                                      1. 1

                                                        Oh, another yakshave! :)

                                                        1. 4

                                                          A solid list, with one question mark.

                                                          Lynn Conway started life as a man. does this mean he/then her achievements give equally credited to men/women?

                                                          1. 52

                                                            No. Trans women are women.

                                                            1. 10

                                                              Thank you . I want to live in a world where this is just taken as a given. Lets start with our little world here people.

                                                              1. 8

                                                                What is the goal of creating a list of women in CS? If it’s to demonstrate to young girls that they can enter the field, it seems unproductive to include someone who grew up experiencing life as a man.

                                                                If the goal of creating the list is some kind of contest, then it’s counterproductive for entirely different reasons.

                                                                1. 28

                                                                  someone who grew up experiencing life as a man

                                                                  Do you know any trans women who have said they grew up experiencing life as a man? I know quite a few and none of them have expressed anything like this, and my own experience was certainly not like that.

                                                                  However, if you mean that we were treated like men, with the privilege it brings in many areas, then yes, that became even more obvious to me the moment I came out.

                                                                  Regardless, trans folks need role models too, and we don’t get a lot of respectful representation.

                                                                  1. 21
                                                                    $ curl https://www.hillelwayne.com/post/important-women-in-cs/ | grep girl | wc -l
                                                                    0
                                                                    

                                                                    The motivation for the post are clearly layed out in the first paragraph:

                                                                    I’m tired of hearing about Grace Hopper, Margaret Hamilton, and Ada Lovelace. Can’t we think of someone else for once?

                                                                    It’s a pretty pure writeup for the sake of being a list you can refer to.

                                                                    On your statement about “girls”. It’s quite bad to assume a list of women is just for kids, it’s also bad to assume trans women can’t be examples to (possibly themselves trans) girls.

                                                                    1. 4

                                                                      That’s not a motivation, that’s a tagline.

                                                                      The primary reason I would refer to a list like this is if I was demonstrating to a young woman considering CS that, perhaps despite appearances, many women have historically made major contributions to the field. I’m not sure what else I would need something like this for.

                                                                      1. 5

                                                                        Maybe its not for you to distribute but for women to discover …

                                                                      2. 1

                                                                        I don’t see why it’s bad to assume that. It feels like it would be a pretty serious turn off to me if I we’re looking for successful women and found people who were men into adulthood. I find it hard to imagine that I’m unique in that feeling. I’m sure it feels good for trans people but I’d that’s your goal admit the trade-off rather than just telling people they’re women and not transwomen.

                                                                        You can berate people for not considering trans-women to be the same as born women but it will likely just keep them quiet rather than convince them to be inspired.

                                                                        1. 19

                                                                          people who were men into adulthood

                                                                          Now I’m curious what your criteria are, if not self-identification. When did this person cease to be a man, to you?

                                                                          When they changed their name?

                                                                          When they changed their legal gender?

                                                                          When they started hormones?

                                                                          When they changed their presentation?

                                                                          When they got surgery?

                                                                          What about trans people who do none of that? E.g. I’ve changed my name and legal gender (only because governments insist on putting it in passports and whatnot,) because I had the means to do so and it bothered me enough that I did, is that enough? What about trans people who don’t have the means, option, or desire to do so?

                                                                          When biologist say that there’s not one parameter that overrides the others when it comes to determining sex¹, and that it makes more sense to just go by a person’s gender identity if you for whatever reason must label them as male/female, why is that same gender identity not enough to determine someone’s own gender?

                                                                          1. http://www.nature.com/news/sex-redefined-1.16943
                                                                      3. 16

                                                                        If it’s to demonstrate to young girls that they can enter the field, it seems unproductive to include someone who grew up experiencing life as a man.

                                                                        This is a misunderstanding of transexuality. She grew up experiencing life as a woman, but also as a woman housed in a foreign-feeling body and facing a tendency by others to mistake her gender.

                                                                        Does that mean she faced a different childhood from many other women? Sure. But she also shared many of the disadvantages they faced, frequently to a much stronger degree. Women face difficulty if they present as “femme” in this field, but it is much more intense if they present as femme AND people mis-bucket them into the “male” mental box.

                                                                    2. 14

                                                                      If they identified as a woman at the time of accomplishment, it seems quite reasonable that it’d count. For future work, just think about it in terms of trans-woman extends base class woman or at least implements the woman interface.

                                                                      In any event, your comment is quite off-topic. Rehashing this sort of stuff is an exercise that while interesting is better kept literally anywhere else on the internet–if you have questions of this variety, please seek enlightenment via private message with somebody you think may be helpful on the matter, and don’t derail here.

                                                                      1. 7

                                                                        The point of this is not to give more achievements to women… It’s to showcase people who were most likely marginalized.

                                                                        1. [Comment removed by author]

                                                                          1. 9

                                                                            This is definitely not what life is like for trans people pre-transition.

                                                                        2. 12

                                                                          It’s rude to talk about people’s gender like this fyi

                                                                          1. 0

                                                                            It’s ridiculous to allow this framing to suppress a reasonable point.

                                                                            1. 10

                                                                              It’s not a reasonable point. This is not the place to make whatever point you’re trying to make.

                                                                          2. 3

                                                                            Depends on where a person is on political spectrum. I’d probably note they’re trans if targeting a wide audience, not if a liberal one, and leave person off if a right-leaning one.

                                                                            1. 5

                                                                              what they dont know wont hurt them. As far as the right is concerned , she is a woman …

                                                                            2. 2

                                                                              It is irrelevant, and you asking this is offensive.

                                                                              1. -1

                                                                                Interesting question. I think it may be met with hostility, as it brings to mind the contradiction inherent in both claiming that sex/gender is arbitrary or constructed and also intentionally emphasizing the achievements of one gender. Based on the subset of my social circle that engages in this kind of thing, these activities are usually highly correlated. Picking one or the other seems to get people labeled as, respectively, some slang variation of “nerd”, or a “TERF”.

                                                                                1. 34

                                                                                  Can we please not for once? Every time anything similar to this comes up the thread turns into a pissfight over Gender Studies 101. Let’s just celebrate Conway’s contributions and not get into an argument about whether she “counts”.

                                                                                  1. 10

                                                                                    Much as I sympathize, transgender is controversial enough that merely putting a trans person on a list that claims all its members are a specific gender will generate reactions like that due to a huge chunk of the population not recognizing the gender claim. That will always happen unless the audience totally agrees. So, one will always have to choose between not mentioning them to avoid noise or including them combating noise.

                                                                                    1. 20

                                                                                      I would like to live in a world where trangender isnt controversial and we dont have to waste energy discussing this. Can lobsters be that world please ?

                                                                                      1. 18

                                                                                        Perhaps this is why we get accused of pushing some kind of agenda or bringing politics into things, by merely existing/being visible around people who find us ”controversial” or start questioning whether our gender is legit or what have you. I usually stay out of such discussions, but sometimes feel the need to respond to claims about trans folks that I feel come from a place of ignorance rather than bigotry or malice, but most of the time I’m proven wrong and they aren’t really interested in the science or whatever they claim, they just want an excuse to say hateful things about us. I’ve had a better than average experience on this website, when it comes to responses.

                                                                                        1. 6

                                                                                          I cant speak for everyone on the side that denies trans identity. Just my group I guess. For us and partly for others, the root of the problem is there is a status quo with massive evidence and inertia about how we categorize gender that a small segment are countering in a more subjective way. We dont think the counters carry the weight of status quo. We also prefer objective criteria about anything involving biology or human categorization where possible. I know you’ve heard the details so I spare you that

                                                                                          That means there will be people objecting every time a case comes up. If it seems mean, remember that there’s leftists who will be quick to counter anything they think shouldn’t be tolerated on a forum (eg language policing) on their principles. For me, Im just courteous with the pronouns and such since it has no real effect on me in most circumstances: I can default on kindness until forced to be more specific by a question or debate happening. Trans people are still people to me. So, I avoid bringing this stuff up much as possible.

                                                                                          The dont-rock-the-boat, kinder approach wouldve been for person rejecting the gender claim to just ignore talking about the person he or she didnt think was a woman to focus on others. The thread wouldve stayed on topic. Positive things would be said about about deserving people. And so on. Someone had to stir shit up, though. (Sighs)

                                                                                          And I agree Lobsters have handled these things much better than other places. I usually like this community even on the days it’s irritating. Relatively at least. ;)

                                                                                          1. 6

                                                                                            For us and partly for others, the root of the problem is there is a status quo with massive evidence and inertia about how we categorize gender that a small segment are countering in a more subjective way.

                                                                                            I know you’re a cool dude and would be more than happy to discuss this with you in private, but I think we all mostly agree that this is now pretty outside the realm of tech, so continuing to discuss it publicly would be getting off topic :) I’ll DM you?

                                                                                            1. 7

                                                                                              I was just answering a question at this point as I had nothing else to say. Personally, Id rather the political topics stay off Lobsters as I voted in community guidelines thread. This tangent couldnt end sooner given how off topic and conflict-creating it is.

                                                                                              Here’s something for you to try I did earlier. Just click the minus next to Derek’s comment. This whole thread instantly looks the way it should have in first place. :)

                                                                                            2. 4

                                                                                              I find the idea that everyone who disagrees with these things should avoid rocking the boat extremely disconcerting. It feels like a duty to rock it on behalf of those who agree but are too polite or afraid for their jobs or reputations to state their actual opinions, to normalize speaking honestly about uncomfortable topics.

                                                                                              I mean, I also think it’s on topic to debate the political point made by the list.

                                                                                              1. 4

                                                                                                I agree with those points. It’s why I’m in the sub-thread. The disagreement is a practical one a few others are noting:

                                                                                                “I mean, I also think it’s on topic to debate the political point made by the list.”

                                                                                                I agree. I told someone that in private plus said it here in this thread. Whether we want to bring it up, though, should depend on what the goal is. My goal is the site stays focused on interesting, preferably-deep topics with pleasant experience with minimal noise. There’s political debates and flamewars available all over the Internet with the experience that’s typical of Lobsters being a rarity. So, I’d just have not brought it up here.

                                                                                                When someone did, the early response was a mix of people saying it’s off-topic/unnecessary (my side) and a group decreeing their political views as undeniable truth or standards for the forum. Aside from no consensus on those views, prior metas on these things showed that even those people believed our standards would be defined by what we spoke for and against with silence itself being a vote for something. So, a few of us with different views on political angle, who still opposed the comment, had to speak to ensure the totality of the community was represented. It’s necessary as long as (a) we do politics here and (b) any group intends to make its politics a standard or enforeable rule. Countering that political maneuvering was all I was doing except for a larger comment where I just answered someone’s question.

                                                                                                Well, that plus reinforcing I’m against these political angles being on the site period like I vote in metas. You can easily test my hypothesis/preference. Precondition: A site that’s usually low noise with on-topic, productive comments. Goal: Identify, discuss, and celebrate the achievements of women on a list or in the comments maintaining that precondition. Test: count the comments talking about one or more women versus the gender identity of one (aka political views). It’s easier to visualize what my rule would be like if you collapse Derek’s comment tree. The whole thread meets the precondition and goal. You can also assess those active more on politics than the main topic by adding up who contributed something about an undisputed woman in CompSci and who just talked about the politics. Last I looked, there were more users doing the politics than highlighting women in CompSci as well. Precondition and goal failed on two measurements early on in discussion. There’s a lot of on-topic comments right now, though, so leaned back in good direction.

                                                                                                Time and place for everything. I’d rather this stuff stay off Lobsters with me only speaking on it where others force it. It’s not like those interested can’t message each other, set up a gender identity thread on another forum, load up IRC, and so on to discuss it. They’re smart people. There’s many mediums. A few of us here just want one to be better than the rest in quality and focus. That’s all. :) And it arguably was without that comment tree.

                                                                                              2. 8

                                                                                                So, I avoid bringing this stuff up much as possible.

                                                                                                Keep working on this

                                                                                                1. 2

                                                                                                  The dont-rock-the-boat, kinder approach wouldve been for person rejecting the gender claim to just ignore talking about the person he or she didnt think was a woman to focus on others. The thread wouldve stayed on topic. Positive things would be said about about deserving people.

                                                                                                  Do you believe the most deserving will be talked about most? If you have a population that talks positively about people whether or not they are trans, and you have a smaller population that talks only about non trans people and ignores the trans people, Which people will be talked about most in aggregate? It isn’t kinder to ignore people and their accomplishments.

                                                                                                  It is also very strange for technology people to reject a technology that changes your gender. What if you had a magic gun and you can be a women for a day, and then be a man the next, why the hell not? We have a technology now where you can be a man or a women or neither or both if you wanted to. Isn’t technology amazing? You tech person you!

                                                                                      1. [Comment from banned user removed]

                                                                                        1. 3

                                                                                          Accusations of bribery are really a low blow.

                                                                                          1. [Comment from banned user removed]

                                                                                            1. 5

                                                                                              It’s a tech acquisition, so the profit of the company is of no interest.

                                                                                              The technology of RIL is of interest for Mozilla, which is the vendor of Firefox, but also so much more.

                                                                                              Also, I kind of shrug at “10s of millions”. A million is about the price you need to hire 5-10 engineers for a year, depending on where you are. Software is expensive.

                                                                                              Jumping to bribery without anything else but pointing at “they bought a non-profitable company” is malicious, yes!

                                                                                              1. 2

                                                                                                The technology of RIL is of interest for Mozilla

                                                                                                How so? It’s yet another rehash of that trivial “save web pages for offline/later reading” concept. No technological innovation whatsoever, no interest among Firefox users either.

                                                                                          2. 1

                                                                                            If you want to choke just read the Mozilla Foundation’s financial disclosures

                                                                                            1. 2

                                                                                              Where are these hosted? I can only find general accounting information, without specific spending breakdowns.

                                                                                          1. 6

                                                                                            An interesting set of notes. I’m dubious about how much you can rely on this sort of thing. It leaves out a vast swath of the industry - e.g. private repos. I know several companies with huge and established Ruby code bases so I’m not sure I’d say “avoid Ruby”.

                                                                                            I think it’s more interesting to consider what communities are aggressively adopting open source policies. For example, science likes python (e.g. NumPy, SciPy, Jupyter) and python is heavily represented on Github. Does that mean science has embraced uploading more content to places like Github in an open fashion? (Caveat: correlation =/= causation, etc etc).

                                                                                            1. 10

                                                                                              The incredible bias here is that Ruby is the core language of GitHub. Their first big project was Rails. At some time, the only community purely happening at GitHub was Ruby. It can only go down from there.

                                                                                              What is happening in this graph is the whole world moving to GitHub, expanding its size extremely and fixing the bias that GitHub had. You can’t read anything notable in that graph. They even admit that factor and still draw that conclusion.

                                                                                              1. 9

                                                                                                Even then it’s still not accurate just yet. For every Ruby/JavaScript/Python company there’s 10 Java/.NET ones that we never hear about because they aren’t really part of the GitHub/startup/Twitter/HN sphere.

                                                                                                1. 2

                                                                                                  Yep, very much this.

                                                                                            1. 58

                                                                                              The successful applicant will be hired as freelancer (independent contractor) through the Mozilla Foundation’s third-party service Upwork (www.upwork.com).

                                                                                              Terrible idea, for a corporation with a revenue of $520,000,000 in 2016. Upwork is extremely humiliating for programmers.

                                                                                              For hourly contracts they take random snapshots of your desktop in 10 minutes intervals and they measure your mouse movements and key presses to show your activity, because design doesn’t matter, only implementation. Then they take a 2.75% cut from the client, a 20% cut from the freelancer plus extra wire transfer fees when your hard earned funds are available, some 4 weeks later, after they earned interest for Upwork.

                                                                                              Then they decided to punish those freelancers who did not upload silly promotional videos on their profiles by forcing them to have video calls for “verification” or get suspended from the platform.

                                                                                              Fuck Upwork and fuck Mozilla.

                                                                                              1. 23

                                                                                                Ugh, yes. I can totally see why they hire through external agencies, but this is totally at miss with their stated goals. Even if they don’t use the feature (it’s not necessary on fixed contracts), they shouldn’t work with a company that even does this. Independent whether this even makes sense or not.

                                                                                                (Yeah, and it’s complete bullshit, as - especially in programming - my thinking time needs to be paid)

                                                                                              1. 4

                                                                                                I use http://qutebrowser.org on my NixOS machines but it doesn’t run on other platforms. What alternative browsers are there for Mac OS?

                                                                                                edit: I’m wrong about this! https://lobste.rs/s/biqv7l/update_on_pocket_firefox_integration#c_3c8u5d

                                                                                                1. 7

                                                                                                  Are you saying you’d stop using Firefox because of default “sponsored content” in New Tab?

                                                                                                  It’s pretty easy to turn that off, just like all the other New Tab content. The article even links detailed instructions.

                                                                                                  Or is it a matter of principle for you? How do you suppose Mozilla should make money?

                                                                                                  1. 5

                                                                                                    It is not “sponsored content” - that concept does not exist in Firefox. Nobody is paying Mozilla to show specific content on New Tab.

                                                                                                    1. 3

                                                                                                      I already didn’t use Firefox, but I also don’t think browsers should have ads or be monetized.

                                                                                                      1. 2

                                                                                                        There are no ads in Firefox. Why did you think there are?

                                                                                                        1. 4

                                                                                                          There absolutely are—or were until fairly recently—ads in unfilled tiles on the new tab page. Here’s an example support forum thread asking how to get rid of them.

                                                                                                          1. 4

                                                                                                            That was two years ago and that feature was completely dropped.

                                                                                                      2. 2

                                                                                                        How do you suppose Mozilla should make money?

                                                                                                        Should Mozilla make money? Should one of the most important applications in modern-day computing be produced by a company that is incentivized to produce a profit?

                                                                                                        1. 6

                                                                                                          Mozilla corp is not incentivized to produce a profit, it is quite openly their goal to “just” keep the lights on. But that already needs quite a bit of cash. That’s a huge difference.

                                                                                                          Mozilla corp is for-profit, as for certain legal reasons, producing software is not 501(c)3 compatible. It’s a very usual setup.

                                                                                                          Yes, Mozilla should make money. Otherwise, they’d shut down.

                                                                                                          1. 2

                                                                                                            Mozilla is a non-profit, so no, they don’t have to make money. But the people who work for Mozilla don’t work for free. You can’t build a product like Firefox purely on volunteers, so Mozilla should at least be able to pay their workforce.

                                                                                                            They can’t keep up with the rest of the world and provide a quality, free software alternative browser without money.

                                                                                                            If you think the work Mozilla does is valuable (I do!) and feel like they should stay away from alternative monetization methods (I do!), you should consider donating to Mozilla so that they don’t have to find other ways of funding development.

                                                                                                        2. 3

                                                                                                          Does it have to be libre? If not, Vivaldi is an excellent web browser that believes in making easy things easy and customization easy. It’s the spiritual successor to Opera 12, which was the pinnacle of browser experiences.

                                                                                                          1. 3

                                                                                                            what do you mean? they even have prebuilt images for all major platforms. On MacOS, you can install it from Homebrew as well (brew cask install qutebrowser).

                                                                                                            1. 1

                                                                                                              What do you do about plugins? I miss a few plugins from Chrome when I tried out qutebrowser, primarily my RSS feed monitoring one as well as my usenet one.

                                                                                                              The other big one I miss is Join, but that’s sort of a separate thing in terms of how “encompassing” it is.

                                                                                                              1. 1

                                                                                                                I just installed qutebrowser too. That is just brilliant. Thanks for linking - I remember stories coming about it before but never made the effort to try it out, but now I can see it becoming pretty regular.

                                                                                                              1. 7

                                                                                                                Very disappointing. It was one of very few projects that was aiming to push beyond incrementalism and advance computing in the spirit of Engelbart and Kay.

                                                                                                                I think it was a fluke that it got funded even for this period of time. IIRC, they got some VC money. No matter what VCs say, they just can’t be interested in long term improvements without a clear way to make a profit.

                                                                                                                1. 2

                                                                                                                  I think it was a fluke that it got funded even for this period of time. IIRC, they got some VC money. No matter what VCs say, they just can’t be interested in long term improvements without a clear way to make a profit.

                                                                                                                  VC investments are bets. And I can totally see betting on something that could be a very fresh approach to getting started with computing. Programming languages might not be a viable business, but programming environments on the other hand certainly are.

                                                                                                                  1. 2

                                                                                                                    Sure, I agree, but I think Eve was about inventing a programming paradigm, not even a language, let alone an environment (the environment was sort of a consequence). From what I gleaned from their blog, it looked very much like a research project: they went through heaps of re-implementations and changed the programming paradigm a couple of times. It’s tough to get a good return on a research project in a couple of years!

                                                                                                                    1. 1

                                                                                                                      While that might be true, I’m pretty sure they didn’t get funded for researching the paradigm. If they had succeeded, they would end up with a product.

                                                                                                                      The apparent problem for me is that interest in short-term gains and research don’t really mix.

                                                                                                                      1. 2

                                                                                                                        The apparent problem for me is that interest in short-term gains and research don’t really mix.

                                                                                                                        Short-term thinking dominates both tech and the larger business context it operates in. And that is a huge problem, because short-term thinking displaces dreaming, which is required for transformative technologies.

                                                                                                                1. 12

                                                                                                                  I’d prefer it if there was no design. Just the content.

                                                                                                                  1. 16

                                                                                                                    Which you get with a (full) RSS feed.

                                                                                                                    1. 7

                                                                                                                      Yup!

                                                                                                                      Take care if you use hugo, the default rss template does not render the full article.

                                                                                                                      Here’s a modified one that renders the full article in the feed:

                                                                                                                      <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
                                                                                                                        <channel>
                                                                                                                          <title>{{ .Title}} </title>
                                                                                                                          <link>{{ .Permalink }}</link>
                                                                                                                          <description>Recent posts</description>
                                                                                                                          <generator>Hugo -- gohugo.io</generator>{{ with .Site.LanguageCode }}
                                                                                                                          <language>{{.}}</language>{{end}}{{ with .Site.Author.email }}
                                                                                                                          <managingEditor>{{.}}{{ with $.Site.Author.name }} ({{.}}){{end}}</managingEditor>{{end}}{{ with .Site.Author.email }}
                                                                                                                          <webMaster>{{.}}{{ with $.Site.Author.name }} ({{.}}){{end}}</webMaster>{{end}}{{ with .Site.Copyright }}
                                                                                                                          <copyright>{{.}}</copyright>{{end}}{{ if not .Date.IsZero }}
                                                                                                                          <lastBuildDate>{{ .Date.Format "Mon, 02 Jan 2006 15:04:05 -0700" | safeHTML }}</lastBuildDate>{{ end }}
                                                                                                                          {{ with .OutputFormats.Get "RSS" }}
                                                                                                                              {{ printf "<atom:link href=%q rel=\"self\" type=%q />" .Permalink .MediaType | safeHTML }}
                                                                                                                          {{ end }}
                                                                                                                          {{ range .Data.Pages }}
                                                                                                                          <item>
                                                                                                                            <title>{{ .Title }}</title>
                                                                                                                            <link>{{ .Permalink }}</link>
                                                                                                                            <pubDate>{{ .Date.Format "Mon, 02 Jan 2006 15:04:05 -0700" | safeHTML }}</pubDate>
                                                                                                                            {{ with .Site.Author.email }}<author>{{.}}{{ with $.Site.Author.name }} ({{.}}){{end}}</author>{{end}}
                                                                                                                            <guid>{{ .Permalink }}</guid>
                                                                                                                            <description>{{ .Content | html }}</description>
                                                                                                                          </item>
                                                                                                                          {{ end }}
                                                                                                                        </channel>
                                                                                                                      </rss>
                                                                                                                      

                                                                                                                      I probably should have included that in the article… Too late now.

                                                                                                                      1. 3

                                                                                                                        Why is it too late now?

                                                                                                                        1. 5

                                                                                                                          I was about to answer laziness and realized this is not something that should be celebrated.

                                                                                                                          It’s now included.

                                                                                                                          1. 1

                                                                                                                            Thank you for adding it, it will be handy for me when I go back to your post in a few weeks and look for how to do this. :)

                                                                                                                      2. 1

                                                                                                                        Blogs should just be an XSLT transform applied to RSS ;)

                                                                                                                      3. 2

                                                                                                                        The built-in Firefox Reader mode is a godsend. I feel much more comfortable reading long texts in the same font, page width, background color + the scrollbar on the right now gives me a pretty good estimate of reading time.

                                                                                                                        1. 1

                                                                                                                          Weirdly, though, that all comes down to the good design of Firefox reader mode :D.

                                                                                                                        2. 1

                                                                                                                          RSS, lightweight versions (light.medium.com/usual/url ?), heck even gopher, perfectly does the job! we need these things.

                                                                                                                        1. 3

                                                                                                                          500 upvotes from me to give a little context to that mail <3. I had nearly forgotten how Eve looked like.

                                                                                                                          Sad to see it go.

                                                                                                                          1. 9

                                                                                                                            It’s a bit sad he’s taking Rust mostly as a stepping stone to sell his thing. For example, he’s not showing any examples of code that actually has that problem. But, he’s definitely right.

                                                                                                                            That being said, I find the following comment from Manish worth cross-posting: https://www.reddit.com/r/rust/comments/7sq8xl/unsafe_zig_is_safer_than_unsafe_rust/dt75ny6/

                                                                                                                            I mean, unsafe C++ is also safer than unsafe rust (all zig is unsafe zig, all c++ is unsafe c++)

                                                                                                                            Generally c++ does try to make it tedious to do really footgunny things. It’s hard to compare because UB is UB and nasal demons come out regardless, but ime the scarier kinds can be harder to trigger in c++ in many cases. Plus Rust has noalias. But this is very anecdotal, others may disagree.

                                                                                                                            1. 4

                                                                                                                              I don’t see why it is sad, it seems quite intelligent for him to adopt strategies that reach his target audience. What would really be sad is if he did all that work making zig and nobody gave it a shot because there was no reasonable way to get people to read about it.

                                                                                                                              1. 4

                                                                                                                                It’s generally not a good strategy to take simple shots at others. We’re as excited about zig as anyone else, but this sets up for an annoying and unnecessary competition.

                                                                                                                                Framing it as “Zig gets pointer alignment right” and using Rust as an example later in the post is a much better strategy. People appreciate if you point out flaws in a not-too-annoying way. That’s for example a reason why I promote Pony at any moment I can, they really get this right.

                                                                                                                                In any case, I definitely don’t intent on telling you how you should feel about it. I don’t like it and Rust happens to be the project I align with :).

                                                                                                                                1. 4

                                                                                                                                  I understand what you’re saying about putting it in a positive light instead, but honestly I’m not sure I would’ve read the article if it had been “Zig gets pointer alignment right”.

                                                                                                                                  Rust has taken a similar approach, many times it has taken “shots” at C++ and Go (I say “Rust” but of course it’s about individuals) and that is fine IMO. It is both helpful for the language to get attention, and helpful for the reader to have it compared to something more widely known.

                                                                                                                                  I’m keeping an interested eye on Zig as I think it can turn into something great, that “better C” place that’s closer to C than Go and farther from C++ than Rust (that’s my impression of the language, I may be wrong as I don’t follow it that closely yet).

                                                                                                                                  1. 3

                                                                                                                                    I don’t see it as taking a shot at Rust. At the end of the day here’s what I think will happen:

                                                                                                                                    • Rust will improve handling of this particular problem (there’s no fundamental reason Rust can’t do it)
                                                                                                                                    • Zig gets some attention

                                                                                                                                    Both wins, in my book.

                                                                                                                                    1. 7

                                                                                                                                      I don’t see it as taking a shot at Rust.

                                                                                                                                      The post starts with a language that’s safe-by-default with the temporal safety very rare in general. Cyclone and Clay are only predecessors coming to mind. The post then drops into unsafe Rust to focus on its weakest area: an area where you really want external tools like symbolic analysis or fuzzers running on it like with C. Then, post compares another language, Zig, with less safety in general to Rust in unsafe mode to show unsafe Rust is less safe in a specific case. Readers will find that the post pushing Zig sniping a weak area of Rust is also written by the author of Zig.

                                                                                                                                      That is exactly how most language promoters take a cheap shot at another language getting more attention. You might have not intended it that way but many readers will perceive it that way. skade’s suggested framing here is always better for this sort of thing. Double true if you’re authoring both the post and a competing language.

                                                                                                                                      And good luck on Zig since it’s an interesting language in the system space which I love seeing people try to improve. :)

                                                                                                                                    2. 2

                                                                                                                                      It’s generally not a good strategy to take simple shots at others. We’re as excited about zig as anyone else, but this sets up for an annoying and unnecessary competition.

                                                                                                                                      It is a competition already, people can only use a finite number of programming languages. If someone is using rust on a project, they are not using zig and vice versa.

                                                                                                                                  2. 1

                                                                                                                                    Not requiring a keyword to do unsafe operations doesn’t mean all code in a language is unsafe, it just isn’t explicitly spelled out when it is.

                                                                                                                                    1. 6

                                                                                                                                      Sure, but it means that any line of code is potentially unsafe.

                                                                                                                                      1. 5

                                                                                                                                        I like that the unsafe keyword in Rust makes it explicit. Makes it very easy to grep for unsafe behavior without additional tooling. Also frees up the mind from remember a list of unsafe operations while programming or while understanding other people’s code.

                                                                                                                                        1. 3

                                                                                                                                          That’s exactly it. Wirth did this in his languages like Oberon. Safe by default with unsafe modules saying so loud and clear.

                                                                                                                                    1. 2

                                                                                                                                      Good thing this was never a known security threat vector.

                                                                                                                                      Between this and the other recent exploits that are aided by having EVER MORE PERFORMANT JAVASCRIPT, maybe we should pump the brakes a little on things like wasm and other tools.

                                                                                                                                      1. 1

                                                                                                                                        Indeed, have they never read Cryptonomicon ?

                                                                                                                                        1. 1

                                                                                                                                          That part of the book was so weird.

                                                                                                                                          1. 1

                                                                                                                                            I thought it rather cool actually. Defeating Van Eck phreaking by using the caps lock LED as an output device :)

                                                                                                                                            1. 1

                                                                                                                                              I was referring to the first mention of Van Eck phreaking where some hackers read some very weird erotica…

                                                                                                                                        2. 1

                                                                                                                                          To be fair, they do mention related works on the github repo’s README.

                                                                                                                                          https://www.usenix.org/node/190937

                                                                                                                                          1. 1

                                                                                                                                            Also from the README:

                                                                                                                                            Publicly available documents already discuss exfiltration from secured systems using various electromagnetic radiations. This is documented in the TEMPEST guidelines published by the US National Security Agency and the US Department of Defense. This project simply adds to that discussion.

                                                                                                                                            (Emphasis mine)

                                                                                                                                            1. 1

                                                                                                                                              To be clear, that annoyance was not for the authors of this repo (who did very neat work!), but for the public at large seemingly militantly against any form of secure practices and the devs who enable that.

                                                                                                                                        1. 31

                                                                                                                                          I don’t disagree with the article. However I also can’t help but to be reminded of the “I only own 1 fork, 2 tshirts, a backpack, and a laptop” people.

                                                                                                                                          “I disable HTML, CSS, Javascript and all that bloat … I only browse the internet with Emacs … ALSO … oh my god did I tell you how much RAM this Electron blasphemy uses? … what is wrong with some good old ugly lightweight Tk GUIs? I mostly use tmux over SSH anyways so who needs GUIs right right? Everything is bloated. Everything is unnecessary. Disable everything. And make sure that your stuff gracefully falls back from 2018 to this authentic vintage record player that I feel like using as my alternative web browser today for extra privacy protection.”

                                                                                                                                          I get it. I don’t even particularly disagree with it. But it’s turning into a bit of a meme.

                                                                                                                                          Also for clarity I don’t mean to imply that the author said those things. The post just reminded me of this theme.

                                                                                                                                          1. 5

                                                                                                                                            I get it. I don’t even particularly disagree with it. But it’s turning into a bit of a meme.

                                                                                                                                            It’s to distinguish yourself, as opposed to those that that run Wordpress and use IDEs. And yes, it relates to the minimalism you mention.

                                                                                                                                            (Did I mention my writing space uses pandoc and a couple of lines of shell ?)

                                                                                                                                            1. 1

                                                                                                                                              I tried that, too, but found that pandoc is actually quite difficult to maintain, since it lives in the haskell ecosystem (which isn’t too available on the non-GNU Linux ecosystem)

                                                                                                                                              Im with the markdown/jekyll stack now, i dont think its less bloated, but at least i can outsource the rendering (and therefore having the stuff installed) to github pages.

                                                                                                                                              1. 1

                                                                                                                                                It has a lot of weird issues, like pandoc output not being really stable, so compiling with a newer version of pandoc leads to a lot of churn in the results.

                                                                                                                                                pandoc releases binaries though, and whenever I’m on non-GNU, I just get the installer and install it.

                                                                                                                                            2. 5

                                                                                                                                              I want to add that minimalism can have an nice payout: reduced resource usage. If you use tmux instead of Xorg, w3m instead of firefox, suddenly an 15 year old Laptop is not scrap metal anymore. They cost like 60$ each on eBay, but you can usually get them for free from relatives.

                                                                                                                                              1. 3

                                                                                                                                                I think it’s good to have both extremes, like that everyone can choose something in the middle.
                                                                                                                                                However, 2016 and 2017 have shown that there’s a trend to not take that middle way.

                                                                                                                                                1. 2

                                                                                                                                                  Maybe it gets a meme. There are memes for everything nowadays. There are meme for GUI too, or the GUI was a meme that grew too big to be called a meme, now it is the standard way of computing for most people.

                                                                                                                                                  If bulk can be stripped out of the interfaces (graphical, text, any kind!) it is good, but if it becomes yet another meme… Yes, it kills all the fun.

                                                                                                                                                1. 11

                                                                                                                                                  Sorry, but as we’re on that level already: Is this craptography?

                                                                                                                                                  1. 2

                                                                                                                                                    As used in Craptocurrencies like IOTA across the board!

                                                                                                                                                  1. 30

                                                                                                                                                    I disagree. I find the posts useful since I’m not a regular follower of LKML/OpenBSD’s dev list or other interesting mailing lists grappling with these sorts of issues.

                                                                                                                                                    1. 2

                                                                                                                                                      I have not said that we should not run them as submissions at all, but that I have find the current submission style problematic.