1. 2

    Location: Portland, OR, USA | Remote

    Type of Work: Software Engineer

    Hours: Full Time, Contract

    Contact: PM or stephen.judkins@gmail.com

    Description: I’ve spent the last four years writing mostly Scala but have broad experience in the software industry, and am willing to work with all sorts of technologies. I have written front-end code in the past. I’m currently running a small team that focuses on developer ergonomics, build tooling, large-scale refactoring, and support of other developers, but have led teams that have worked with non-technical stakeholders and delivered features. I value clear, robust, reliable, and efficient code. I understand and am comfortable dealing with cryptography-related code. I am familiar with performance-sensitive networking and could be valuable in that context.

    1. 4

      C: 0.73 new features per year, measured by the number of bullet points in the C11 article on Wikipedia which summarizes the changes from C99, adjusted to account for the fact that C18 introduced no new features.

      adjusted to account for the fact that C18 introduced no new features.

      And that is why I love C. Yes, it has its problems (of which there are many), but it’s a much smaller, bounded set of problems. The devil I know. Many other languages are so large, I couldn’t even know all of the devils if I tried.

      1. 25

        The devil I know

        if the devil you know is an omnipotent being of unlimited power that generations of warriors have tried to fight and never succeeded because it’s just too powerful, then I would argue that it might be worth trying to chose a different evil to fight.

        Even in 2019 70% of security vulnerabilities are caused by memory-safety issues that would just not happen if the world wasn’t running on languages without memory-safety.

        1. 1

          I don’t think being memory safe is enough for a programming language to be a good C replacement.

          1. 18

            No. It’s not enough. But IMHO it’s required.

            1. 4

              … a requirement that C, incidentally, does not fulfil. Now that memory-safe low-level languages have swum into our ken, C is no longer a good C replacement. ;-)


              Edited to add a wink. I meant this no more seriously than pub talk – though I believe it has a kernel of truth, I phrased it that way mainly because it was fun to phrase it that way. There are many good reasons to use C, and and I also appreciate those. (And acknowledge that the joke does not acknowledge them.)

              1. 3

                that is my point.

                1. 2

                  Hi, sorry, I spent a lot of time on my edit – everything below the line plus the smiley above it wasn’t there when you replied. Sorry to readers for making this look confusing.

                  It is indeed your point, and I agree with it.

            2. 6

              Nobody is arguing that it’s sufficient, but it is necessary.

              If I were to develop a new language today, a language that was as unsafe as C but had lots of shiny new features like ADTs and a nice package manager and stuff, I’d never get traction. It would be ridiculous.

              1. 1

                I don’t know. PHP and C are still pretty popular. You just target those markets with selective enhancements of a language that fits their style closely. ;)

            3. 1

              Doesn’t web assembly allow unchanged C to be memory safe?

              1. 2

                Sort of, but not really. Unmanaged C isn’t allowed to escape the sandbox it’s assigned but there is still plenty of opportunities for undefined behavior. Process-level isolation in OSes provide similar guarantees. In the context of WebAssembly, even if the TLS stack were segregated into its own module it would do nothing to mitigate a Heartbleed-style vulnerability.

                1. 2

                  There are other environments where the C standard is vague enough to allow for C to compile to a managed and safe environment. As the local AS/400 expert, C there compiles to managed bytecode, which is then compiled again by a trusted translator.

                  1. 1

                    I try to keep up with folks’ skills in case opportunities arise. Do you know both AS/400 and z/OS? Or just AS/400?

                    Also interested in you elaborating on it making C safer.

                    1. 3

                      No, z is a separate thing I don’t know much about.

                      Because C on AS/400 (or i, whatever IBM marketing calls it this week) is managed code, it does things like checking the validity of pointers to prevent things like buffer overflows. It does that by injecting hardware-enforced tagging. To prevent you from cheating it, the trusted translator is the only program allowed to generate native code. (AIX programs in the syscall emulator, however, can generate native code, but are then subject to normal Unix process boundaries and a kernel very paranoid about code running in a sandbox.) The tags are also used as capabilities to objects in the same address space, which it uses in place of a traditional filesystem.

                      1. 1

                        Thanks. That makes sense except for one thing: hardware-enforced tagging. I thought System/38’s hardware enforcement was taken out with things just type- or runtime-checked or something at firmware/software level. That’s at least how some folks were talking. Do you have any references that show what hardware checking the current systems use?

                        1. 1

                          No, tags and capabilities are still there, contrary to rumours otherwise.

                          The tagging apparatus on modern systems are undocumented and as a result I know little about them, but it’s definitely in the CPU, from what I’ve heard.

                          1. 1

                            Ok. So, I guess I gotta press POWER CPU experts at some point to figure it out or just look at the ISA references. Least I know there wasn’t something obvious I overlooked.

                            EDIT: Just downloaded and searched the POWER ISA 3 PDF for capabilities and pointer to see what showed up. Nothing about this. They’re either wrong or it’s undocumented as they told you. If it’s still there, that’s a solid reason for building critical services on top of IBM i’s even if commodity stuff had same reliability. Security be higher. Still gotta harden them, of course.

              2. 1

                Sort of. It had a much larger set of problems than safe, system languages that compete with it. There’s less to know with them unless you choose to dance with the devil in a specific module. Some were more productive with faster debugging, too. So, it seems like C programmers force themselves to know and do more unnecessarily at least on language level.

                Now, pragmatically, the ecosystem is so large and mature that using or at least outputing C might make sense in a lot of projects.

              1. 2

                Neat! Any idea what’s happening for HTTP/3 & QUIC?

                1. 2

                  The RFC describes how WebSocket frames are to be encapsulated in HTTP/2 frames, but does not specify how HTTP/2 frames are represented or transmitted. So I assume any HTTP/2 implementation support WebSockets will continue to support WebSockets when adding HTTP/3 or QUIC support. I would wager that most major HTTP/3 implementations will support both WebSockets and QUIC.

                  1. 1

                    Sorry, I’ve no extra insight.

                  1. 2

                    On the HN version, syrusakbary chimed in to add they were working on something similar with a focus on maintainability. They also got Ngnix running. Reposting here in case any wasm fans find it interesting.

                    1. 3

                      Their claims seem to be exaggerated. They don’t have fork() or sigaction() working, it’s not a very useful server without them. Wasmjit is also focused on maintainability, I’m not sure what they mean by that.

                      1. 1

                        Wasmjit: it promised something similar to our goals, but after digging and trying to contribute to it we realized that all the architecture-specific instructions were hardcoded into the runtime itself. This meant a very steep process to implement WebAssembly instructions, and a considerable effort when reaching other architectures (basically the same effort as creating an IR engine like LLVM by hand). And sadly, the library didn’t have either a single test.

                        Seems pretty clear-cut to me, though I can’t comment on its veracity.

                        1. 2

                          I was referring to their claims on “creating the first WebAssembly runtime able to run Nginx” which is exaggerated since they haven’t implemented a whole slew of critical functionality.

                      2. 3

                        They also posted something today about it and a quick comparaison to the other project including wasmjit: https://medium.com/@syrusakbary/running-nginx-with-webassembly-6353c02c08ac

                      1. -4

                        The upgrade from TCP to QUIC

                        For a guy that says he knows protocols he certainly doesn’t know the OSI layers

                        1. 10

                          Are you sure about this? He specifically talks about moving off TCP to a layer 4+5 solution, UDP headers with QUIC inside.

                          1. 0

                            I’m very sure. He keeps conflating TCP with QUIC which are not at the same layers

                            1. 13

                              But they are. Ask yourself, what does a connection mean in networking context? Previously it was almost always a tcp connection as that’s what tcp does. Now it can be a non-tcp QUIC connection that does it’s own connection handling logic, multiplexing, in-order delivery, etc. That’s the whole point of QUIC-as-the-transport-layer thing at all.

                              People suggested to split QUIC-the-transport layer from HTTP/2 and this is essentially what happened. It’s a transport layer level thing with built-in TLS that can handle arbitrary application protocols on top of it, not just HTTP.

                              1. 5

                                They are at the same layer. I suppose one could imagine a QUIC connection as having two transport protocols (UDP and QUIC) but I just think of it as one most of the time. The reason UDP is there is just because it wouldn’t work over the internet any other way, but you could run QUIC on top of IP if you wanted.

                                1. 1

                                  You certainly could, but it would never work on the real internet because of middleboxes that will only pass TCP and UDP. This is also what is stifling SCTP adoption.

                                  The transport protocol is UDP not QUIC, so it would be good to end the ambiguity when discussing QUIC.

                                  1. 2

                                    There’s no reason why it couldn’t work one day even though it doesn’t work now. QUIC is a transport protocol. It provides all the features of a transport protocol. What do you call SCTP-over-UDP then? Just UDP?

                                    1. 1

                                      SCTP isn’t over UDP. I’m not aware of any implementation in the wild that attempts this. SCTP has its own implementation in OS kernels (Linux, FreeBSD) beside TCP and UDP. It’s not “over UDP”. But middlebox firewalls / shaping devices tend to drop any traffic that is not ICMP, TCP, UDP, or IPSEC which is why SCTP has never gained traction even though it is a superior protocol for many situations especially mobiles where seamless connection roaming between cellular and WiFi would be very much welcomed. Instead we have to live with “some services on iOS devices, for example, use MPTCP which is only supported by Apple services like Siri because very few servers on the internet have MPTCP support in their kernels”.

                                      edit: I’m not an expert on SCTP, but I’ve certainly never heard of it being used over UDP. Would be curious to learn more if you’ve got a source.

                                      edit2: correct acronym for Multipath TCP is MPTCP

                                      1. 3

                                        RFC 6951.

                                        1. 0

                                          Interesting. Is anyone actually using this in the wild or is it just a dead RFC?

                                          1. 3

                                            It’s implemented by the FreeBSD SCTP stack.

                                            1. 0

                                              Yeah, but is anyone actually using it? :) I know dteske was disappointed at all of the missing/broken dtrace hooks for SCTP in FreeBSD

                                              1. 8

                                                I don’t think that was the original argument. You claimed QUIC is not a transport protocol because it sits on top of UDP, but that’s just a consequence of how the internet works. I showed you how SCTP tried to work around the problems around NATs by doing exactly the same: transmitting packets over UDP.

                                                1. 4

                                                  Yes. WebRTC uses SCTP over UDP for its data streams. Google Hangouts, Facebook chat, and Discord all use WebRTC. So a non-trivial portion of internet traffic actually uses it. Further, in this usage it’s implemented with a user-mode library, just like QUIC currently is.

                                                  1. 1

                                                    Excellent, thanks for this info!

                                          2. 1

                                            And had Google said “your web site ranking will drop if we can’t reach your site via SCTP” then you can bet all those middle boxes would be patched, updated or replaced immediately!

                                            1. 4

                                              That only fixes web sites that care about their Google ranking. It doesn’t fix the middle boxes that sit in front of web browsers on corporate intranets and public wifi hotspots, because there’s no website to penalize. It also doesn’t do anything about the deep web sites that aren’t crawled by Google anyway, because you have to log into them.

                                              I strongly suspect that most of the middle boxes in question are being deployed on those things.

                                              1. 4

                                                Those middle boxes are affecting the clients not the servers. Nobody’s going to upgrade their corporate SSL proxy for QUIC if the fallback to HTTP/1.1 is still working fine.

                                1. 7

                                  This is the wrong question to ask. WebAssembly can’t be slower or faster than Javascript; different implementations of WebAssembly or JavaScript runtimes can be slower or faster than each other. Javascript runtimes saw enormous improvements in performance over a period where the language saw relatively little change. It’s very likely that the relative performance of future runtimes could change a lot; WebAssembly is much newer than Javascript and as far as I know doesn’t even have any JITs, but it’s also possible that potential performance gains are smaller there.

                                  It’s true that it there might be some fundamental challenges that make implementing a fast interpreter or compiler relatively more difficult. Garbage collection poses challenges for some workloads that want to be “fast” or at least pause-free, so WebAssembly is attractive to many developers for that reason. I’m sure there exists at least some optimization opportunities for higher-level javascript that don’t exist in WebAssembly. But none of these points–which are vastly more nuanced than “X is faster than Y”–are addressed here.

                                  Further, there’s no mention of the exact toolchain used here. My understanding from dabbling in Rust targeting WebAssembly that changes in compiler versions, settings, and optimization tools can make enormous differences in both speed and compiled size; I know some people are reporting much better results from using the direct wasm32-unknown-unknown target instead of using emscripten, which this benchmark is likely to use.

                                  1. 2

                                    A secondary market for concert/event tickets could bypass the pretty extortionary and abusive middlemen that currently dominate that market. Of course that depends on: a stable value-coin; participation of event promoters; dramatically increased scalability, reliability, efficiency and usability of blockchain and off-chain tools.

                                    I think anything like this, that depends on allocating scarce intangible assets, presents a compelling use case. But all this is contingent on dramatic improvements in technology. Right now there are some really interesting things going on in the Ethereum world involving consensus, sharding, and scalability that, if promises are lived up to, might get us closer to where we’d need to be. As far as I can tell most people involved in other cryptocurrencies space are unhealthily fixated on asset prices and speculation, probably to the detriment of making meaningful progress into building these things into useful tools.

                                    1. 3

                                      I kind of agree, but a “stable value-coin” is a “trusted third party”, I think.

                                      1. 5

                                        Yes. This is an absolutely unavoidable point that people need to accept and not try to find a clever technical solution for, because none exists! The US dollar is useful to people largely because the federal reserve has a staff that produces and considers numerous reports of real-world consumer prices and adjusts policy to keep them changing at a modest and predictable rate. There is no way a fixed set of rules in a blockchain can achieve this: we are intractable bound to these real-world institutions if we want the stable prices average citizens will demand. Cryptocurrency enthusiasts very slowly re-learning–or refusing to learn–these basic tenets of monetary policy is frustrating.

                                        Given this, I feel that being able to trust arbitrary counterparties for a some variety of transactions could still be a very useful tool in the future.

                                        1. 3

                                          I think for at least the early ones it was less ignorance of monetary policy, and more a fundamental philosophical disagreement.

                                      2. 1

                                        Can’t they just sell it centralized online with a limit for each registered customer? Could even bootstrap it at one event by giving customers cards with unique codes on them for use with an app and/or web site. They get them with instructions when they come in. That establishes the unique ID’s that are used to buy tickets for future events.

                                        Whatever is left of the problem should be minimal. If each supplier does this, third parties will show up selling them a solution trying to grab the market. It will get cheaper for those selling tickets.

                                      1. 4

                                        This is a very interesting project I’m excited to follow as it develops.

                                        I’d love to know more, however, on how IPC is implemented such that the performance penalty doesn’t make this prohibitively slow versus monolithic kernels. I know that syscalls in Linux, for example, require context switches that are very expensive relative to a lot of operations. I’ve done some fruitful optimizations that involve simply minimizing the number of syscalls. But the design of Fuchsia implies a much higher number of inter-process context switches. By reading the design docs, it appears sending a message across a TCP connection over wifi could require messages to be sent over several isolated processes (netstack, ethernet driver, WLAN MLME driver, softmac driver). In Linux this would be a single syscall.

                                        I won’t naively assume that syscalls are inherently expensive, and I assume Fuchsia’s syscalls are much cheaper than Linux’s. But is this quantified yet? If Fuchsia’s are much cheaper, what are the architectural and implement decisions that were made to take it true? How does Fuchsia differ from Linux in this respect?

                                        1. 15

                                          It appears that this release will run arbitrary JVM bytecode using the system JDK, if included in a Blu-Ray ISO: git.videolan.org As far as I can tell, it uses a SecurityManager to attempt to sandbox. Here’s a summary of the efficacy of this approach: https://tersesystems.com/blog/2015/12/29/sandbox-experiment/

                                          I don’t see any information on even a cursory security audit of this component. Is this alarming to anyone else?

                                          1. 5

                                            Is this alarming to anyone else?

                                            They put Java into some standard for Blu-Ray. A lot of places and things were using it thanks to the big, marketing push back in the day. Then, to use that or part of it you need to run Java. As usual with Java, using it is a security risk. This kind of thing happening in tech or standards designed by big companies for reasons other than security is so common that it doesn’t even alarm me anymore. I just assume some shit will happen if it involved codecs or interactive applications.

                                            Old, best practice is to run the Internet apps and untrustworthy apps on dedicated box. Netbooks got pretty good. Substitute VM if trading for cost/convenience. Mandatory access control next with low assurance. You’re totally toast next.

                                            1. 5

                                              Like @nickpsecurity said, it is used in lot of places so not including it is same as raising middlefinger to your users (they cannot watch their expensive discs) and they go and use some other application, which probably is even less secured. We really cannot make ordinary users stop wanting to use their goods because now we know that they are insecure. Having secure system does not matter if no one uses it.

                                            1. 5

                                              Li Haoyi has a fantastic piece that’s simultaneously best explanation of how Scala’s de facto official build tool SBT works and also a great description of its fundamental problems: http://www.lihaoyi.com/post/SowhatswrongwithSBT.html

                                              I share most of his frustrations, both about the fundamental design issues and the incidental issues the plague users. However, I think most build systems are pretty dreadful. The only one I’ve used that I’ve been really enthusiastic about is Nix, but it still has many incidental issues that should be addressed.

                                              In general, I think any build tool that thinks of things in terms of a mutable directory full of files that need to be poked and prodded with tools in the correct order is not the way, fundamentally, we should be thinking about things. Thinking of things in terms of a chain of pure functions could make these things conceptually simpler, faster, and more reliable.

                                                1. 3

                                                  Quasar implements continuations by rewriting JVM bytecode. The goal here appears to be to implement similar functionality at a lower level and let existing JVM bytecode transparently access it. It’s not entirely clear from this proposal how different the implementation will be, however.

                                                1. 39

                                                  This is a misleading headline. Twitter has announced they are implementing a separate, explicitly experimental compiler from scratch. I don’t think it’s fair to characterize this as a fork.

                                                  1. 7

                                                    Even more: this compiler will not support all of Scala features (they don’t know yet which features will be dropped from support).

                                                    1. 1

                                                      Which is basically forking it, since it’s going to have it’s own set of features that are a subset of Scala.

                                                  1. 9

                                                    Idris looks really well designed, and I think these improvements are actually quite significant. Strictness by default is a game-changer for me; apparently the records and monads are more convenient to use (and there are effects, too? Not sure how experimental they are). If Idris was self-hosted, produced good static binaries with performance comparable to OCaml, and had a package manager I would definitely give it a serious try.

                                                    1. 6

                                                      Idris also has a quite buggy implementation at the moment, but like everything else you mentioned, it is a solvable problem. I think it’s a contender for a widely used industrial language in the future. Though at the moment it’s mainly used by people with pretty sophisticated FP knowledge, I think its dependent types and effect system may ultimately become something that’s easier for newcomers to understand than a lot of Haskell is.

                                                      1. 7

                                                        They are pretty unapologetic about 1.0 not being industry-grade, and it is not quite the goal of the language:

                                                        Will version 1.0 be “Production Ready”?

                                                        Idris remains primarily a research tool, with the goals of exploring the possibilities of software development with dependent types, and particularly aiming to make theorem proving and verification techniques accessible to software developers in general. We’re not an Apple or a Google or [insert large software company here] so we can’t commit to supporting the language in the long term, or make any guarantees about the quality of the implementation. There’s certainly still plenty of things we’d like to do to make it better.

                                                        All that said, if you’re willing to get your hands dirty, or have any resources which you think can help us, please do get in touch!

                                                        They do give guarantees for 1.0:

                                                        Mostly, what we mean by calling a release “1.0” is that there are large parts of the language and libraries that we now consider stable, and we promise not to change them without also changing the version number appropriately. In particular, if you have a program which compiles with Idris 1.0 and its Prelude and Base libraries, you should also expect it to compile with any version 1.x. (Assuming you aren’t relying on the behaviour of a bug, at least :))

                                                        Don’t get me wrong, I believe Idris is a great language precisely because of that: they want to be primarily a research language, but provide a solid base for research happening on top of their core. They have a small team and use those resources well for one aspect of the language usage. I would highly recommend having a look at it and working with it, this is just something to be aware of.

                                                        from https://www.idris-lang.org/towards-version-1-0/

                                                        1. 5

                                                          Haskell is great because it’s where a lot of these ideas were tested and figured out. But it also has the cruft of legacy mistakes. Haskell can’t get rid of them now, but other languages can certainly learn from them.

                                                      1. 2

                                                        Example 2 will not compile with the options -Xlint -Xfatal-warnings, which I recommend everyone use. We have a quite large codebase, and it hasn’t been arduous to keep these settings on. Failed exhaustiveness checks are sadly only usually a warning, so I highly recommend people keep this setting turned on.

                                                        Both wartremover [https://github.com/wartremover/wartremover] and scapegoat [https://github.com/sksamuel/scapegoat] can prevent example 1, by preventing Serializable (or Product or AnyRef) from being inferred. I understand that “use a third-party linter” isn’t the answer a lot of people want, but it’s quite easy to set up and integrate into an SBT workflow.

                                                        As far as the other problems, they are all syntax-related, and I grant Scala has some annoying ambiguities there.

                                                        1. 1

                                                          So this is where I get confused. What the license seems to be saying is that if I engage Facebook in litigation over some kind of patent of theirs, the license that they are granting me (to use the software freely, etc.) is revoked. If that happens, then what? Would it then be technically illegal to use React? If so, under what law – copyright law? Is this really enforceable?

                                                          What I’m really getting at is, is RMS being a hard-ass and this is actually pretty typical, or is Facebook being sly and hiding restrictions in their software that don’t need to be there?

                                                          1. 3

                                                            Yes, the license is enforced under copyright law. It’s the same mechanism the GNU license uses to enforce its restriction that you must distribute source code with your binary. If you don’t fulfill the requirements of the license, then you don’t have a license to use the code any more.

                                                            What the “first generation” of open source licenses doesn’t deal with is patent rights. Which means you can end up with a license to copy the code but not a license to use the code. Various attempts have been made to address that, including this FB language.

                                                            Whether and how all this enforceable is the eternal question of all open source licenses, and indeed all licenses. :)

                                                            1. 2

                                                              No. The patent grant is an additional grant of rights to React users, above and beyond the BSD license. The patent grant may be revoked if you sue (or countersue) Facebook, but the original BSD license cannot be revoked.

                                                            1. 3

                                                              IANAL, but consider if FB hadn’t created and distributed the patent grant file. My guess is we would probably be worse off. But creating it draws attention to something normally invisible, because I don’t think any software license automatically protects you from patent litigation.

                                                              1. 20

                                                                Also not a lawyer, but Apache 2.0 explicitly mentions patents. As I understand it, it says that you have an automatic grant to all relevant patents owned by all contributors, but if you claim one of your patents is infringed by people using the software, you lose your licence to the software.

                                                                Compare to the React licence, which says you lose your licence to the software if you sue Facebook over any patent at all, regardless of whether it’s related to React or not.

                                                                The Apache 2.0 licence is a well-regarded Free Software licence, but the React licence, it seems, is not.

                                                                1. 5

                                                                  I’ll see myself out. :)

                                                                  1. 9

                                                                    Please don’t remove comments even if they’re incorrect–it makes reading threads later a lot harder.

                                                                    1. 4

                                                                      OK

                                                                      1. 3

                                                                        But editing a comment to state that you retract it would seem valuable. (Elsewhere I’d propose striking it out, e.g. by enclosing the whole shebang in <s></s>; alas, no strikeouts on Lobsters.)

                                                                    2. 4

                                                                      This is incorrect. If you sue Facebook over any patent at all, it does not terminate your software license. It does terminate the additional patent grant. So the patent grant plus the BSD license gives you strictly more legal protection than the BSD license alone does. The Apache 2.0 license also revokes the patent grant, but not the entire license, if you initiate patent litigation against the copyright holder.

                                                                      See the last question at https://code.facebook.com/pages/850928938376556

                                                                      1. 1

                                                                        Apache 2.0 covers you, but the point still stands for other libraries licensed under licenses such as BSD. I’d presume GPL(v2) also protects you against patents, but this is just an assumption. It would be nice to get confirmation for this from a source that is at least somewhat official (regarding US jurisdiction).

                                                                        1. 1

                                                                          GPLv2 does nothing for patents that MIT or BSD doesn’t. That was one of several reasons for GPLv3.

                                                                    1. 3

                                                                      A singleton holds a global static variable. The fact that it’s usually (entirely) private is its only slight slaving grace. Making it a little more public introduces issues of thread-safety and referential transparency that didn’t exist before, and wouldn’t exist at all using a saner pattern.

                                                                      1. 22

                                                                        The cost of adding a networked computer to something is now low and getting lower, but the cost of making the software the runs on it secure or reliable has stayed high. With engineer salaries having grown like they have, it may actually be getting more expensive. In the long term, businesses are going to wake up to liability and customer satisfaction concerns and stop selling insecure, unreliable “internet of things” devices. But I think we’re in for a few years of zero-days on refrigerators, big invasions of privacy, and maybe some injuries and deaths before this happens.

                                                                        1. 17

                                                                          There’s a reason they call it the Internet of Things Targets. We’ve already felt this with consumer routers.

                                                                          1. 4

                                                                            Interestingly enough, around here we have progressed to the point where you don’t buy your home router….. You get a “FREE ROUTER” with your fibre connection.

                                                                            Actually, the reason it’s free, is if you watch carefully, every now and then it quietly updates itself and reboots….

                                                                            ie. The ISP’s have worked out it’s cheaper to bundle a router they can control and update, than to handle the service complaints due to hacked routers.

                                                                            Alas, what worries me more about this story is the implications of it when put together with Snowden’s information.

                                                                            ie. The spooks can easily move one very large step beyond just listening….

                                                                            1. 2

                                                                              Another reason for that shift is that ISPs have started realizing it might be valuable in its own right to own & control a distributed network of access points. For example all newer Comcast routers are dual-SSID routers. One of the SSIDs is configurable by the customer as their usual home wifi network, and the other one is locked to SSID ‘xfinity’, serving as part of Comcast’s national wifi network.

                                                                          2. 4

                                                                            I’d like to see entertainment systems standardized and shared between car manufacturers. Why can’t I just get a double/triple/quad din entertainment drop in replacement at my local electronics shop and have it control exactly the same things the previous one did?

                                                                            In my 1999 car I replaced the single din tape player with a 3rd party one, but had to give up volume buttons. It was worth it. In my 2003 car I replaced the double din stereo with a 3rd party one, but kept all functionality by getting Pioneer -> ISO -> ISO -> Holden.

                                                                            Newer cars than that seem to have an all in one “iDrive” style system that controls entertainment and gps (Which is fine) but also air conditioning, electric seats, car internetting, performance mode/suspension, lap timing. I can do without some of those things, but not being able to control the air conditioning at a minimum is an absolute deal breaker. If you can live with the lose of the other things it is still going to cripple your resale value. Why do they have to tie everything in together? My friend has a Z4M. The stereo isn’t great, but there is no way he is going to throw out this sort of functionality for a better one.

                                                                            I just want them to either use standards so a replacement 3rd party unit doesn’t downgrade functionality (I know car companies aren’t going to do this) or at least split up system so that I could just replace the “entertainment system” (Which would basically be the screen + stereo tuner) and the air conditioning could still be controlled through it because the “entertainment system” and the air conditioner talk to each other over a standard interface (USB/ethernet/wifi with a standard open source “car communications” protocol).

                                                                            1. 4

                                                                              Part of the problems with replacements (in the UK at least) is that they’re easy to steal. One of the large drops in the UK crime rate is because car stereos are now integrated and difficult / impossible to casually take.

                                                                              A nice(?) side effect is that when considering which car to buy next, you’re more likely to go to the same manufacturer so you don’t have to re-learn a new system for changing radio stations.

                                                                              1. 1

                                                                                I always imagined it was because an average $100 3rd party stereo is fine for most people and will only resale for say $30, so it is only worth stealing a $1000+ 3rd party stereo. If you are stealing an original stereo it is only worth stealing it if is actually good, is usable in your car and you have/can crack the code that locks it to the car/ecu.

                                                                            2. 3

                                                                              Depending on how you look at it, a problem on top of this is that technologies keep on removing the ability to control which version of software they run. On my Android phone, if it decides to upgrade a piece of software and I say yes, I cannot downgrade it even if there is a huge security hole in it. I expect to see IoT being even worse about this.

                                                                              One of the reasons I loved OS X so much was because it had a user friendly interface that was pretty good but I could dive below it and be a power user. The mobile platforms are not catering to this at all. The counter argument is that it is better because a centralized authority is making sure everyone is up to date. IMO, there is no reason to believe that is true.

                                                                              1. 1

                                                                                engineer salaries having grown like they have

                                                                                Could you cite? I find maybe a 10% increase (relative to inflation) since 1985.

                                                                                1. 1

                                                                                  I hope not connecting stuff that shouldn’t be connected to the net will help in the meantime. Unless they carry their own gsm modules…

                                                                                1. 4

                                                                                  There are costs with either approach, but for a given problem which is preferable is dependent on all sorts of contingencies. The difficulty of the problem, the existence and usability of a package manager, the expressiveness of the language you’re using, quality of the dependency, and the possibility of forking/maintaining a third-party dependency all should factor into a wise developer’s decision.

                                                                                  Here, I see a lot of complaints about the drawbacks of third-party dependencies (along with a lot of loaded, meaningless language like “trash can full of toxic waste”) but not a very smart breakdown of how frequently these drawbacks occur or how to evaluate or mitigate them.

                                                                                  Further, as another commenter points out, the author takes a very narrow view of what’s a dependency. People claim they have zero- or low-dependency software, but in the big picture it’s hard to characterize a 10kloc program that depends on millions of locs of kernel, compiler, language runtime, standard libraries, and hardware drivers in such a manner.

                                                                                  1. 6

                                                                                    Broadly, I absolutely agree that any solution to the question is very contingent.

                                                                                    The author’s anecdotes in many ways actually show to me how the challenge of finding the best solution to a simple problem that occurs along the way can distract from finding a workable to the messier tasks that usually are the official job. And, ironically, solving the problem of redundancy vs dependency itself is often in this category of “more interesting than the assigned task”.

                                                                                    The thing is that I think experienced programmers deal with the distraction (that comes from problem like this) through folk-wisdom rules of thumb, rules that don’t need to be at all optimal but which, by getting past and bottling up the small and seductively interesting problems, let one accomplish one’s immediate task.

                                                                                    But ironically, this same “folk effect” tends to make these questions seem uninteresting to consider more deeply beyond the solutions of offered by the obsessed. And think that’s a shame because this kind of problem might open some unexpected doors if examined closely.

                                                                                    1. 3

                                                                                      Thanks. Insightful point in that last paragraph.