-
For those intrigued by HyperCard, there is a modern day descendant that is able to produce standalone software for macs, windows, linux, iOS and Android called LiveCode. It is a joy to use, specially when you’re just building tools for your personal use, more focused in solving your own problems than building the next unicorn thing. Nothing is faster, IMHO, than dragging and droping a bunch of controls, writing some glue script, and scratching some itch. It can (and is) used to ship real products in all platforms. I think it shines in Desktop cross-platform development and for internal tools, those are my preferred use-cases for it.
-
-
You can actually have it for free. They have an open source GPL version at https://livecode.org/, it is targeted at professional developers but I know a ton of non-developers using it (I used to be a quite active member of their community) and techers in K12 space using it as well so you can still have that feeling of using stacks in HC.
-
-
-
I always use it when I need to transform data for some other stuff I am doing, or to scrape stuff for personal use, or to do some form of batch processing.
A recent example, I was building a little API backend server for a project that is not related to LiveCode, just normal web stuff. It was easier for me to cook up a little stack with buttons, fields and some diagnostics and debug my little server while I was building it than use those generic tools such as insomnia.
Those generic tools are awesome, pretty and powerful, but my own handmade tools, which I create specifically to a given project have the advantage of being tailored to whatever I am building, so they might be ugly but they are my special-purpose tools that help me develop and debug my own projects. There is a lot of developer ergonomics when you can quickly come up with GUI tools to debug whatever you’re doing.
Another example is when I had to do some complex batch renaming of thousand of files. The process involved a little crawler going on disk into the folders, inspecting some configuration files relative to the folders and renaming stuff inside them. I could do this with visual feedback, progress bars, etc…
I am quite bad at design but I am scratching my itches, not selling itch scratchers. My little stacks help me a lot.
-
-
-
-
What the hell, @rain1.
Find something kinder to do with your time.
Bringing other people down while adding nothing to the conversation isn’t something we need here.
-
-
-
WebUSB is a mistake.
And with WASM, we will have even less chance of catching malware that can leverage it.
-
-
What’s the connection to WASM?
-
The dangers of exposing APIs like web USB are compounded with performant and inscrutable blobs run in the browser. Thus, WASM exacerbates these issues.
-
Is WASM more inscrutable than obfuscated JS?
My experience that we suffer far more from the fact that we have no idea when a payload is delivered, since a web server can serve distinct content to every viewer, than we do from the fact that some payloads are difficult to untangle.
-
I’ve seen arguments like this before but never fully understood them. It seems to me like asm.js is just as inscrutable as WASM, but it’s more annoying to work with for a couple reasons:
- It’s fast, but somewhat inconsistently so as compared to WASM
- Large download size
Not to mention all of the minifiers and manglers that exist for conventional JS. Why the WASM hate? It seems more useful to programmers than the alternatives, and we’re already paying the security cost of running untrusted executable code from the internet in browsers today.
-
asm.js is similarly gross, but people appear to be moving to its successor WASM.
Reversing minified and mangled JS is, I submit, a different level of inconvenient from reversing bytecode–especially bytecode that can suddenly leverage other language ecosystems obfuscation tools and technique. Just because they’re different levels of inconvenient doesn’t make one more acceptable than the other.
As for the security cost–look, a lot of attacks and nastiness open themselves up once you can leverage that improved performance. Spectre/Meltdown were directly enabled by better performance primitive for timing and shared array buffers, and yet some people refuse to acknowledge the problems they pose by their very existence.
I’ve griped about this all before, and at this point I’m basically resigned to the idea that fanboys and nerds more excited about performance and shiny and their chance to leave their teeny mark on the web ecosystem than about user security and rights and conservative engineering are probably going to win on this in the end.
:(
-
I get the woes of security on the web — it’s really, really hard to make running untrusted code secure, especially with the “dancing pigs” problem. My point with asm.js, though, was that WASM doesn’t add anything new: before WASM, people were compiling to a fast subset of JavaScript, and that was equally difficult to decompile. And that really puts the problem squarely back in “running untrusted code securely is hard” camp: if you were a browser vendor, what would you do? Any language will have fast paths (and as a vendor you’re also incentivized to make those paths very fast), and if you enforce running only a single language, people can always compile to the set of operations that are fast in that language. WASM is an improvement over the ad-hoc version, at least.
But yeah, definitely get that security on the web is hard :(
-
-
-
-
I can see your fear but it might be unfounded. WASM doesn’t have access to all the Web Platforms API, that is not how it works. The WASM “ISA” is specified, it doesn’t have access to stuff outside it, you might be curious to check the specs at https://webassembly.github.io/spec/
Since the WASM file formats (both the bytecode one and the text one, which is based on S-expressions) are easy to parse, it is not too far-fetched to have static analysers checking the code out.
WASM doesn’t have access to file system or sockets or even the DOM among other limitations. It is basically a faster way to number crunch and/or port existing code written in other languages. All those side-effecty things need to be proxied over through JS and the Web Platform that will ask permissions and sandbox a ton of it.
In my humble option, I am much more confortable executing JS/WASM things on the client-side than trusting arbitraty SaaS backends with my data. I know what the Web Platform has access to and what I allow it to peer with.
I find WebUSB a really nice step forward as it allows WebAuth to provide stronger authentication schemes, which are always a good idea.
-
Thanks for the link. I was wanting to learn more about it. The intro is really good, too. Many desirable properties. I bet it was hard to design trying to balance all of that. Usually, that also means a formal specification might uncover some interesting issues.
-
-
-
Git-ssb is a great proof of the Secure Scuttlebutt community eating its own dogfood. Great Work!
-
-
-
Dogfood has a negative connotation. Is this like a dry joke or a commendation?
-
It’s an industry term at this point
https://en.wikipedia.org/wiki/Eating_your_own_dog_food#Origin_of_the_term
-
right right I just was trying to see if it wasn’t negative because often the term is used disparagingly.
-
-
@voronoipotato and @gerikson, no negative connotation was implied. I used the term as a positive aspect of the ecosystem (which I am a part of). I like when I see communities building their own tools on top of their own tools :-)
-
-
-
-
-
-
Thanks for the write up, ssb-dns looks really nice.
-
They could’ve just build a OpenGL compatibility library on top of Metal right? Apple keeps playing the silo card…
-
-
Some people have a hard time understanding that some programs have a focus, that they want to cause impact in some specific area that they seem important. The important part of having focus is to be able to frame exactly what you want to achieve and with whom you want to achieve it with.
Outreachy is a program that is focused on unlocking agency and empowering under represented groups. Part of being able to do this, is to focus on the group you want to help. Looking at “focus” and perceiving “discrimination” is lacking basic understanding.
You go to a party and gets interested in a specific person and focus your charming efforts at them, you’re not being discriminatory, you have a focus, and objective.
You decide to improve the lives of a fishermans village near where you grow up, but you’re not focused in improving some other village, you’re focused on the fisherman place.
There are many different internship opportunities out there, GSoC, RSoC, etc, just because you’re not a part of their target, doesn’t mean it is discrimination or wrong. I was excluded from 2017 GSoC because I participated more than once already. I don’t think this is discrimination, I understand that they want to focus on “getting new people onboard instead of the same people everytime”. A conference I wanted to go had diversity scolarships which were very generous but I as a white cis middle-class male don’t qualify for them, and guess what, they are right! There are a ton of people who need it more than I do even though I’d love to go there for free.
I am kinda disappointed in the lack of understanding and empathy I see online these days.
-
The author could check Red language, it has a GUI toolkit quite similar to that in its feel.
-
LibertarianLlama
4 months ago
|
link
| on:
Richard Stallman: A radical proposal to keep your personal data safe
I disagree with Stallman here.
If you surrender your data, then you do not have any right over them. If you upload your photos to facebook, then facebook has them.
For public utility, it is fine to restrict the collection and usage of personal data. But for private corporations, the private individuals should be able to decide for themselves if giving a corporation access to your entire search history for wifi access at the coffee shop is worth it.
-
More and more we are getting forced to use services that spy on us. Cash is being phased out for credit cards and mobile payments. I can’t even pay for parking at my uni without installing their mobile app. We need laws to protect us from these companies because they are impossible to 100% avoid.
-
-
-
Not anymore… at least here where I live, Government is composed of people and people will have their own agendas which might not include protecting other people or even obeying the laws they’ve passed. I see government as an instrument of power, some will use this power to help society, others to accumulate wealth at the expense of society.
-
-
That is true but still, you can probably agree with me that when dealing with the real world, the creators intention has very little bearing in whatever usage people do of something. For example: the web was a way to share scientific hypertext and now we’re doing crazy stuff with it, or, tide pods were supposed to be used for laundry… governments, much like many other human creations happened over time, in different places, with different purposes. Monarchy is government but one can argue that historically it was not meant to protect people, dictatorships also work that way. We can say that the “platonic ideal of a pure and honest government” is to protect people but thats just us reasoning after the fact. There are no “letter of intention” about creation of government which all governments across time and space need to follow. What we perceived as “purpose” has very little meaning to what actually happens.
Personally, I find most interesting when things are not used accordingly to the creators intention, this creative appropriation of stuff by inventive users is at the same time what spurs a lot of cool stuff and what dooms us all, we here in Brazil have a moniker for it “Jeitinho Brasileiro” which could be translated as an affectionate version of “the brazilian way”. Everyone here is basically born in a fractal of stuff whose real world usage does not reflect its ideal purpose to the point that it is IMHO what makes us creative and cunning.
-
Monarchy is government but one can argue that historically it was not meant to protect people…
Well, monarchy was actually a simple protection racket. It enabled a significant growth of the agricultural society through stabilization of violent power — no raids, just taxes.
We can say that the “platonic ideal of a pure and honest government” is to protect people…
That’s unreasonable. Establishment of a democratic government is just a consensus seeking strategy of it’s electorate. A move from a simple racket to a rule of law that is a compromise of various interests.
In feudalism, people choose other people to follow. In democracy, people chose policies to enact. Both systems are very rough and fail in various ways, but democracy has evolved because it just makes more people a lot less unhappy than an erratic dictator ever can.
… people will have their own agendas which might not include protecting other people or even obeying the laws they’ve passed…
You seem to be alienated from the political process and perceive your government as something that is not actually yours to establish and control. That’s a very dangerous position for you to take, since government has a monopoly on violence. Of course others won’t take you automatically into consideration. That’s what you do every time you do virtually anything — you never take the full situation into account.
But you just can’t quite ditch the government… otherwise your neighbor might try building a nuclear reactor using whatever he got from the Russians, which is something you (and perhaps a few other neighbors) might be against. Then on the other hand, he might convince a few others that the energy will be worth it… so you meet up, decide on some rules that will need to be followed so as to prevent an armed conflict and in the end, some who originally opposed the project might even join it to ensure it’s safety and everyone will benefit from the produced energy.
-
Friend, lets agree to disagree. What you say do make sense, I am not saying you’re talking bullshit or anything like that, on the contrary, I find your arguments plausible and completely in tune with what I’ve learned at the university buuuuut my own country has been a monarchy, an “empire”, a monarchy again, a republic, a dictatorship, a republic again, an who knows what will happen before 2018 ends.
Our experience, is vastly different than what is explained above. I haven’t said we’re out of the political process, heck, I’ve organized demonstrations, helped parties I was aligned with, entered all the debates I could long ago, I was a manager for a social program, and am married to an investigative journalist. I am no stranger to political processes, but it is a very simplistic approach to say “(…) your government as something that is (…) yours to establish and control”, this sidesteps all the historical process of governments here and how the monopoly of violence is used by the powerful (which might or might not be actual government) with impunity on anyone who tries to pull government into a different path. Couple weeks ago, one of our councilwoman was executed by gunshots to her car (where a friend of mine was as well as she worked for her), killing our rising star politician, and the driver, and forever traumatizing my friend. I have tons of stories about people dying while trying to change things. Talking about the root of feudalism is meaningless to whatever is happening today. Today people die for defending human rights here (and elsewhere).
Academic and philosophical conversations about the nature and contracts of government are awesome but please, don’t think this shit is doable, lots of people here died trying to improve the lifes of others. I don’t know if you’ve ever been to a place like here, those conversations don’t really apply (we still have them though).
-
-
-
-
-
I clicked at your profile with absolute certain that you’d be from Brazil. Now I’m kinda depressed I was right.
-
-
I can feel your pain (and I admire your courage for talking in a public space about the issues you see in your government).
But @Yogthos is right: we should not be afraid of our governments, at least not of democratic ones.
In democracy the government literally exists to serve people. If it doesn’t, it’s not a democracy anymore.
-
@soapdog @yogthos @dz This is an interesting discussion for me (though not appropriate for lobste.rs). Any interest in discussing this together, say over email or something else. I’ve always wanted to discuss this topic of government vs individual corporations but it’s a complex subject and hard to keep devolving into a bar-fight.
-
-
-
-
Why do you believe that is the purpose of governments? Can you imagine a situation where something recognized as a government doesn’t protect it’s citizens in some cases?
Is the government supposed to protect you if you put your hand in a garbage disposal, slip in the shower, or attempt suicide?
-
-
Governments aren’t there to protect you.
They’re definitely there to protect us. However, they’re also their own separate entity. They’re also a group of ambitious, often-lying people with a variety of goals. They can get really off track. That’s why the folks that made the U.S. government warned its people needed to be vigilant about it to keep it in check. Then, its own agents keep the individuals or businesses in check. Each part does its thing with discrepencies corrected by one of the others hopefully quickly. The only part of this equation failing massively is the people who won’t get the scumbags in Congress under control. They keep allowing them to take bribes for laws or work against their own voters. Fixing that would get a lot of rest in line.
We have seen plenty of protection of individuals by laws, regulations, and courts, though. Especially whenever safety is involved. In coding, the segment with highest-quality software on average right now is probably group certifying to DO-178B for use in airplanes since it mandates lots of activities that reduce defects. They do it or they can’t sell it. The private sector’s solution to same problem was almost always to lie about safety while reducing liability with EULA’s or good legal teams. They didn’t produce a single, secure product until regulations showed up in Defense sector. For databases, that wasn’t until the 1990’s with just a few products priced exhorbitantly out of greed. Clearly, we need a mix of private and public action to solve some problems in the marketplace.
-
Governments shouldn’t impose speed limits, people should just drive at reasonably safe speeds.
Just because a particular behaviour might be most beneficial to a person, does not mean they will do it. Because consumers’ behaviour has not changed (and will not), this type of surveillance has proliferated to the point it’s nearly impossible to escape, even for the most dedicated privacy advocate.
-
Funny you should mention that…the setting of speed limits to drive revenue irrespective of actual engineering and human factors is pretty well documented at this point.
-
-
-
-
For public utility, it is fine to restrict the collection and usage of personal data. But for private corporations, the private individuals should be able to decide for themselves if giving a corporation access to your entire search history for wifi access at the coffee shop is worth it.
But that’s precisely what fails when dealing with Facebook et al, isn’t it?
No matter how assiduously you or I might refuse to sign up for Facebook and its ilk, block their tracking scripts, refuse to upload our photos, our text messages, our data – other people sign up for these things, and give these services permission to index their photos and text message logs etc, and Facebook builds a comprehensive shadow profile of you and I anyways.
There is no avoiding or opting out of this short of opting out of all human contact, at this point, and the “simple”-sounding solution of “let every individual decide for themselves!” completely fails to engage with the collective consequences that everyone is losing privacy regardless of what decision they make individually.
When your solution doesn’t engage with reality, it’s not useful.
-
But for private corporations, the private individuals should be able to decide for themselves if giving a corporation access
This will be true when everybody will be able to program and administrate a networking system.
That’s the only way people can understand what they are giving and for what.
Till then, you must protect them from people who use their ignorance against them.
-
You can’t protect people from their own ignorance, long-term, except by education.
-
-
The technology we use today is too complicated to understand all of it.
The entire field of engineering is predicated on being able to do things without understanding how they work. Ditto beer brewing, baking, cooking, and so forth.
That’s why generally everything needs to be safe by default.
Bathtubs are not safe by default. Kitchen knives are not safe by default. Fire is not safe by default. Even childbirth isn’t safe by default, and you’d think that would’ve been solved generations ago by evolution.
No citizen can foresee the effects of all their actions.
Then why would we trust policies enacted by a handful of citizens deemed able to create laws any more than individual citizens making their own decisions? That’s a far riskier proposition.
~
We can’t make the world safe for people that won’t learn how to be safe, and efforts to do so harm and inhibit everybody else.
-
The entire field of engineering is predicated on being able to do things without understanding how they work. Ditto beer brewing, baking, cooking, and so forth. … You can’t protect people from their own ignorance, long-term, except by education.
Try buying an oven that will spontaneously catch fire just by being on. It’s going to be complicated, because there are mandatory standards. And it’s a good thing they are this reliable, right? Leaves us time to concentrate on our work.
Then why would we trust policies enacted by a handful of citizens deemed able to create laws any more than individual citizens making their own decisions? That’s a far riskier proposition.
Because a lot of shouting from many sides went into the discussions before the laws were enacted. Much like you discuss your network infrastructure policies with your colleagues instead of just rewiring the DC as you see fit every once in a while.
-
The entire field of engineering is predicated on being able to do things without understanding how they work. Ditto beer brewing, baking, cooking, and so forth.
No.
Engineering is about finding solutions by using every bit of knowledge available.
Ignorance is an enemy to fight or work around, but for sure it’s not something to embrace!
That’s why generally everything needs to be safe by default.
Bathtubs are not safe by default. Kitchen knives are not safe by default. Fire is not safe by default. Even childbirth isn’t safe by default, and you’d think that would’ve been solved generations ago by evolution.
I agree that we should work to make programming a common knowledge, like reading and writing so that everyone can build his computing environment as she like.
And to those who say it’s impossible I’m used to object that they can read, write and count just because someone else, centuries before, said “no, it’s possible to spread this knowledge and we have the moral duty do spread it”.
But all your example are wrong.
They are ancient technologies and techniques that are way simpler than programming: humans have learnt to master them and teach each generation how to do so.
We have to protect people.
The states and laws can help, but the first shield of the people against the abusive use of technology are hackers.
We must spread our knowledge and ethics, not exploit the ignorance of others for a profit.
-
-
-
-
-
-
Isn’t this just a frustration with the fact that so many packages depend on so many packages? Because the same rogue actor stuff would apply to any tree dependency self-published system. See your local Gemfile. Do you really know what’s being installed?
So what’s the proposed fix? Stop depending on so many packages?
Perhaps there should be a line drawn for the major packages, to use less of these tiny modules.
But this is also part of the beauty of single responsibility packages. Composing extremely simple parts is all we really need, right?
Think about all of the tiny programs you run on your Unix machine of choice. Perhaps those are also at fault for the “too small to be worth it” sin.
Again, where do we draw lines?
-
The elm package manager will refuse to publish a package that violates semantic versioning. So if you’re a malicious actor, changing the API of some package for nefarious purposes, you’d be doing a bit of a hard job because since functions can’t change their signatures without you bumping the major version and since most elm-packages.json files will not update major versions automatically, it becomes harder to ship evil code. Also, a simple elm-package diff command would tell you what changed between versions, making it easier for you to audit the code. There is a lot of beauty in it. It is not evil proof, but it makes it a bit harder.
-
I wonder if you can push this to an extreme, where each public function is independently versioned. Then you could upgrade to a new version even if there are breaking changes, as long as they’re not in any part of the API you use. I’m not sure if it would be useful but its a fascinating idea.
-
-
-
I just took a look at the Gemfile for one of my websites and there are a lot of gems but ~80% come from the rails team and most of the rest are trusty sources like amazon. This is not even close to as bad as when I created a blank Vue project that already had thousands of packages many about 3 lines long.
-
Good heuristic. Still possible to see bad stuff come down the pipe, but perhaps not as common just by way of community.
Could we imagine the same thing happening, though, in a parallel universe? I think so.
Then again, standard libs for Ruby do a lot of the small stuff for you. Even/odd come to mind.
-
Ruby seems to have lots of mega libs that do big tasks but JS devs seem to have taken the path of making a new package for every function. I do wonder how often JS devs add 2 packages that do the same thing because they forgot about the last one. The result is also that questions online about ruby often tell you to use methods built in to ruby or ActiveSupport where as JS questions either get you to build it yourself or use jquery.
-
In defense of ActiveSupport, you can include individual pieces of it at whatever granularity you like, and the documentation explicitly calls this out to you at the very beginning.
Even in projects that are not web-related, I sometimes bring ActiveSupport along but will onlyrequire 'active_support/core_ext'and add things later if I need them as the project grows (often things liketime_with_zoneornumber_helper).I think that it’s a good way to balance “provides a lot of stuff” and “forces you to use all of its stuff”. I want to complain that the rest of Rails’ sub-projects don’t provide the level of utility when included gradually, but I also appreciate that that is the whole bargain: Rails’ perceived productivity boosts are derived from a tight coupling that pays dividends, you as long as you go with the Rails Way.
Edit/Afterthought: Over the years, some of the better Ruby libs to hit this balance of providing a lot but allowing for gradual or clean interop (with other libs, or with your application code) have been those authored or worked on by Piotr Solnica.
-
-
-
-
What I do in my Python work is generally be willing to depend on large, tested projects with well established, thriving communities that have a good history of responding to security incidents. These packages usually do not depend on other packages or when they do, on well established ones (e.g. requests library).
I might include other, less known packages, if I intend to use most of their functionality and if it is not easy to replicate on my own. Otherwise I write my own version or copy with attribution and license only the relevant parts.
This is not perfect, but gives me some confidence that things will be fine.
It is also an approach that completely breaks down in my Javascript/Typescript work because of so many packages being pulled in and everything seemingly depending on everything else (yes, I am exaggerating).
-
The problem already starts with licenses. For many apps for example you’ll have to list the licenses of all used libraries, and the libraries, including all transitive dependencies in the UI.
For my Android app that’s a few dozen overall, and it took only a few hours to do this. For even the smallest Angular project, this is insanity.
So if you want compliance, you’ll need to throw the entire ecosystem out right now. Or you just violate the licenses. Often even projects such as angular have dependencies that have no license.
-
-
-
don’t know why this is here. Brick was an experiment during Firefox OS era, that is like four years ago. It haven’t been worked on or changed as far as I know.
It was a cool idea and project but it is not something that is news…
-
-
Looks like you’re right, last commit was in 2014. Weird that they didn’t update the landing page to state that it’s no longer in development.
-
-
sspiff
edited
5 months ago
|
link
| on:
LG open sources webOS to foster startup scene in South Korea
Wasn’t webOS open-sourced by HP when they acquired it from Palm and subsequently gave up on the whole thing?
So what does this even mean? Were further developments by LG closed-source?
It seems like they have a board-support package (BSP) for Raspberry Pi 3, which is very nice.
-
When HP released the source, it was not the full system but parts of it. More like a kit where you needed to build the missing parts. This new release has a lot of new stuff in it and you can actually run it.
There is a new framework for it which is not EnyoJS anymore but looks quite great, it is React based, called EnactJS:
Some highlights of the new system:
- QT and QML for native stuff
- services using NodeJS
- Chromium-based runtime for apps
-
-
I am new here but I’ve always enjoyed these “What are you working on this week?” and have discovered many cool things from the previous posts, so thanks everyone.
Recently I got a patch into Firefox that added some decentralization custom protocol schemas to the webextension whitelist. With that ready, I started working on a Secure Scuttlebutt client as a Firefox Add-on built with WebExtensions API. I recently got a grant to develop that and am maintaining a developer diary on Scuttlebutt itself but you can view it on the web too.
-
I wish the browser wars meant we got some more variety rather than more of the same. We are getting boxed in between two vendors (three if you count webkit/safari).
While I understand everyone wants their browser to be snappy, and speed perception drives user adoption, I have other priorities.
- I’d like the browser to help me with usability using larger fonts or disable some effects (gradients and low contrast are the new blink).
- Videos sometimes dont play at all, or have choppy sound. But the native video players in my system can play the same stream just fine. Why can’t I just outsource playback to the OS?
- input handling in the browser always defers to the web page. Sometimes I just want to scroll the page or paste on an input field - but the webpage defined some bindings that prevent me from doing it. I tried to hack around this with some webkitgtk code, but even then I was not 100% successful (lets face it I want normal mode in my browser)
I’m savvy enough to have a long list of hacks to do some of this stuff. But it seems to be getting harder to do it. I consider Firefox to be the most configurable of the two, but each release breaks something or adds some annoyance that breaks something else. Currently I’m seriously pondering switching from firefox to chromium because alsa does not work with the new sandbox.
The wide scope of browser APIs means they are more like full operating systems than single applications. In fact I think my laptop lacks the disk/ram to build chrome from source. Webkit is likely the most hackable of the bunch, but then again I have no experience with CEF. It seems likely that the major browsers will continue to converge until they become more or less the same, unless some other player steps up.
-
Firefox is introducing support for decentralized protocols in FF 59. The white-listed protocols are:
- Dat Project (dat://)
- IPFS (dweb:// ipfs:// ipns://)
- Secure Scuttlebutt (ssb://)
I think that’s moving things in an interesting direction as opposed to doing more of the same.
-
Hey! I made that patch! :-D
so basically the explanation is simple. There is a whitelist of protocols you can have your WebExtension take over.
If the protocol you want to control is not on that whitelist such as an hypothetical “catgifs:” protocol, you need to prefix it like: “web+catgifs” or “ext+catgifs” depending if it will be used from the Add-on or by redirection to another Web page. This makes it inconvenient to use with lots of decentralization protocols because in many other clients we are already using urls such as “ssb:” and “dat:” (eg, check out beaker browser). In essence this allows us to implement many new cool decentralization features as add-ons now that we can take over protocols, so, you could be in Firefox browsing the normal web and suddenly see a “dat:” link, normally you’d need to switch clients to a dat enabled app, now, you can have an add-on display that content in the current user-agent you’re using.
Still, there is another feature that we need before we can start really implementing decentralization protocols as pure WebExtensions, we need both TCP and UDP APIs like we had in Firefox OS (as an example, Scuttlebutt uses UDP to find peers in LAN and its own muxrpc TCP protocol to exchange data, DAT also uses UDP/TCP instead of HTTP).
I have been building little experiments in Firefox for interfacing with Scuttlebutt which can be seen at:
https://viewer.scuttlebot.io/%25csKtp9VmxTjJoKy17O7GA6%2F3S8…
https://viewer.scuttlebot.io/%25uBev5w8m8iZGVbQDo9fpr%2BCXLB…
I hope to start a conversation in the add-ons list about TCP and UDP APIs for WebExtensions soon :-)
-
-
I am interested in personal opinions about CHICKEN vs Racket. I want to get into one of them but I am not sure which one. I am looking at them from the point of view.of someone who likes developing web and apps. Can anyone share some of their experiences with me?
Caveat: I’m a CHICKEN user.
Racket is a kitchen-sink/batteries-included kind of Scheme that compiles to bytecode that runs in a virtual machine. It’s got the largest Scheme community and ecosystem by far. It seems to excel in GUI in particular. It also has its own varieties like Typed Racket and Lazy Racket, which are quite neat. (You could argue that Racket is a separate dialect of Scheme at this point, as it doesn’t exactly follow the RnRS.)
CHICKEN is a much more minimal Scheme dialect that compiles to C. It’s fast and portable, and the compiled applications are very easy to deploy elsewhere, given you bundle libchicken.so with the executable (or statically link it). It has a very clean C FFI. It implements most of R5RS with growing R7RS support.
Honestly, if you like developing web apps, I’d personally recommend Racket since it has a sizable and mature codebase for web dev, mostly using a sublanguage called Insta.
On top of other comment, Racket has advantage of How to Design Programs written for it.
What does this mean?
The book How to Design Programs is written by Racket authors and uses Racket throughout.
Ooh, thanks for the context! :)