1. 5

    I recently discovered how horribly complicated traditional init scripts are whilst using Alpine Linux. OpenRC might be modern, but it’s still complicated.

    Runit seems to be the nicest I’ve come across. It asks the question “why do we need to do all of this anyway? What’s the point?”

    It rejects the idea of forking and instead requires everything to run in the foreground:

    /etc/sv/nginx/run:

    #!/bin/sh
    exec nginx -g 'daemon off;'
    

    /etc/sv/smbd/run

    #!/bin/sh
    mkdir -p /run/samba
    exec smbd -F -S
    

    /etc/sv/murmur/run

    #!/bin/sh
    exec murmurd -ini /etc/murmur.ini -fg 2>&1
    

    Waiting for other services to load first does not require special features in the init system itself. Instead you can write the dependency directly into the service file in the form of a “start this service” request:

    /etc/sv/cron/run

    #!/bin/sh
    sv start socklog-unix || exit 1
    exec cron -f
    

    Where my implementation of runit (Void Linux) seems to fall flat on its face is logging. I hoped it would do something nice like redirect stdout and stderr of these supervised processes by default. Instead you manually have to create a new file and folder for each service that explicitly runs its own copy of the logger. Annoying. I hope I’ve been missing something.

    The only other feature I can think of is “reloading” a service, which Aker does in the article via this line:

    ExecReload=kill -HUP $MAINPID

    I’d make the argument that in all circumstances where you need this you could probably run the command yourself. Thoughts?
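Added example, not part of the original comment or of any distribution's packaging: a sketch of the per-service layout the comment describes, where each service directory carries its own `log/run` that runsv pipes the service's stdout into. The function names `mk_runit_service` and `audit_runit_perms`, the use of `svlogd -tt`, and the `/var/log` location are assumptions for illustration; paths are assumed to contain no whitespace.

```shell
#!/bin/sh
# Scaffold a runit service directory together with its log service.
# Layout: <svdir>/<name>/run and <svdir>/<name>/log/run.
# runsv connects stdout of ./run to stdin of ./log/run, so stderr must be
# redirected explicitly if it should reach the logger as well.

mk_runit_service() (
    # usage: mk_runit_service SVDIR NAME LOGDIR COMMAND [DEPENDENCY]
    svdir=$1 name=$2 logdir=$3 cmd=$4 dep=${5:-}

    # Reject names that would escape SVDIR or that runsvdir skips (leading dot).
    case $name in
        ''|*/*|.*) echo "invalid service name: $name" >&2; exit 1 ;;
    esac
    [ -n "$cmd" ] || { echo "missing command" >&2; exit 1; }

    # Run scripts are executed by the supervisor, typically as root:
    # never create them group- or world-writable.
    umask 022
    mkdir -p "$svdir/$name/log" || exit 1

    {
        echo '#!/bin/sh'
        echo 'exec 2>&1'
        # Same dependency idiom as the cron script in the comment above.
        [ -z "$dep" ] || echo "sv start $dep || exit 1"
        echo "exec $cmd"
    } > "$svdir/$name/run" || exit 1

    {
        echo '#!/bin/sh'
        echo "mkdir -p $logdir/$name"
        echo "exec svlogd -tt $logdir/$name"
    } > "$svdir/$name/log/run" || exit 1

    chmod 755 "$svdir/$name/run" "$svdir/$name/log/run"
)

audit_runit_perms() {
    # Print run scripts that are group- or world-writable.
    # Returns 0 when none are found, 1 otherwise.
    bad=$(find "$1" -type f -name run \( -perm -020 -o -perm -002 \))
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# Demo on a throwaway directory (constructed sample, nothing is installed).
demo=$(mktemp -d)
mk_runit_service "$demo" cron /var/log 'cron -f' socklog-unix
cat "$demo/cron/run" "$demo/cron/log/run"
audit_runit_perms "$demo" && echo "permissions ok"
rm -rf "$demo"
```
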

    1.  

      Instead you can write the dependency directly into the service file in the form of a “start this service” request

      But that neither solves starting daemons in parallel, or even at all, if they are run in the ‘wrong’ order. Depending on network being setup, for example, brings complexity to each of those shell scripts.

      I’m of the opinion that a dsl of whitelisted items (systemd) is much nicer to handle than writing shell scripts, along with the standardized commands instead of having to know which services accept ‘reload’ vs ‘restart’ or some other variation in commands - those kinds of niceties are gone when the shell scripts are individually an interface each.

      1.  

        The runit/daemontools philosophy is to just keep trying until something finally runs. So if the order is wrong, presumably the service dies if a dependent service is not running, in which case it’ll just get restarted. So eventually things progress towards a functioning state. IMO, given that a service needs to handle the services it depends on crashing at any time anyways to ensure correct behaviour, I don’t feel there is significant value in encoding this in an init system. A dependent service could also be moved to running on another machine which this would not work in as well.

        1.  

          It’s the same philosophy as network-level dependencies. A web app that depends on a mail service for some operations is not going to shutdown or wait to boot if the mail service is down. Each dependency should have a tunable retry logic, usually with an exponential backoff.

      2.  

        I’d make the argument that in all circumstances where you need this you could probably run the command yourself. Thoughts?

        It’s nice to be able to reload a well-written service without having to look up what mechanism it offers, if any.

        1.  

          Runit’s sv(8) has the reload command which sends SIGHUP by default. The default behavior (for each control command) can be changed in runit by creating a small script under $service_name/control/$control_code.

          https://man.voidlinux.eu/runsv#CUSTOMIZE_CONTROL

        2.  

          Dependency resolving on daemon manager level is very important so that it will kill/restart dependent services.

          runit and s6 also don’t support cgroups, which can be very useful.

          1.  

            Dependency resolving on daemon manager level is very important so that it will kill/restart dependent services

            Why? The runit/daemontools philosophy is just to try to keep something running forever, so if something dies, just restart it. If one restarts a service, then either those that depend on it will die or they will handle it fine and continue with their life.

            1.  

              either those that depend on it will die or they will handle it fine

              If they die, and are configured to restart, they will keep bouncing up and down while the dependency is down? I think having dependency resolution is definitely better than that. Restart the dependency, then the dependent.

              1.  

                Yes they will. But what’s wrong with that?

                1.  

                  Wasted cycles, wasted time, not nearly as clean?

                  1.  

                    It’s a computer, it’s meant to do dumb things over and over again. And presumably that faulty component will be fixed pretty quickly anyways, right?

                    1.  

                      If those things bother you, why run Linux at all? :P

              2.  

                I really like runit on void. I do like the simplicity of SystemD target files from a package manager perspective, but I don’t like how systemd tries to do everything (consolekit/logind, mounting, xinet, etc.)

                I wish it just did services and dependencies. Then it’d be easier to write other systemd implementations, with better tooling (I’m not a fan of systemctl or journalctl’s interfaces).

              3.  

                I hoped it would do something nice like redirect stdout and stderr of these supervised processes by default. Instead you manually have to create a new file and folder for each service that explicitly runs its own copy of the logger. Annoying. I hope I’ve been missing something.

                I used to use something like logexec for that, to “wrap” the program inside the runit script, and send output to syslog. I agree it would be nice if it were builtin.

              1. 3

                If a specific class of licenses becomes unenforceable, what does that actually mean to software currently under that license?
                Does the software, in that jurisdiction, simply behave as if it has no license?
                Or would the copyleft /portion/ of the license simply no longer apply (eg. people would now get it without those restrictions)?

                1. 3

                  Those would have been good questions to answer, but alas. It seems like the “give away” parts are still in effect, but the “give back” condition is what is ruled invalid, but that’s a vague guess.

                  1. 2

                    Most open source licenses revert to plain old copyright if the license is broken.

                    1. 6

                      This news caused the public release for XSA-267 / CVE-2018-3665 (Speculative register leakage from lazy FPU context switching) to be moved to today.

                      1. 16

                        These embargoed and NDA’d vulnerabilities need to die. The system is broken.

                        edit: Looks like cperciva of FreeBSD wrote a working exploit and then emailed Intel and demanded they end embargo ASAP https://twitter.com/cperciva/status/1007010583244230656?s=21

                        1. 8

                          Prgmr.com is on the pre-disclosure list for Xen. When a vulnerability is discovered, and the discoverer uses the responsible disclosure process, and the process works, we’re given time to patch our hosts before the vulnerability is disclosed to the public. On balance I believe participating in the responsible disclosure process is better for my customers.

                          Pre-disclosure gives us time to build new packages, run through our testing process, and let our users know we’ll be performing maintenance. Last year we found a showstopping bug during a pre-disclosure period: it takes time and effort to verify a patch can go to production. With full disclosure, we would have to do so reactively, with significantly more time pressure. That would lead to more mistakes and lower quality fixes.

                          1. 2

                            This is a bad response to the issue. The bad guys probably already have knowledge of it and can use it. A few players deemed important should not get advanced notification.

                            1. 15

                              Prgmr.com qualifies for being on the Xen pre-disclosure list by a) being a vendor of a Xen-based system b) willing and able to maintain confidentiality and c) asking. We’re one of 6 dozen organizations on that list–the criteria for membership is technical and needs-based.

                              If you discover a vulnerability you are not obligated to use responsible disclosure. If you run Xen you are not obligated to participate in the pre-disclosure list. The process consists of voluntary coordination to discover, report, and resolve security issues. It is for the people and organizations with a shared goal: removing security defects from computer systems.

                              By maintaining confidentiality we are given the ability, and usually the means to have security issues resolved before they are announced. Our customers benefit via reduced exposure to these bugs. The act of keeping information temporarily confidential provides that reduced exposure.

                              You have described a voluntary process with articulable benefits as “needing to die,” along with my response being “bad.” As far as I can tell from your comments you claim “the system is broken” because some people “should not get advanced notice.” I’ve described what I do with that knowledge, and why it benefits my users. I’m thankful the security community tells me when my users are vulnerable and works with me to make them safer.

                              Can you improve this process for us? Have I misunderstood you?

                              1. 11

                                Some bad guys might already have knowledge of it. Once it’s been disclosed, many bad guys definitely have knowledge of it, and they can deploy exploits far, far faster than maintainers, administrators and users can deploy fixes.

                                1. 8

                                  You’re treating “the bad guys” like they’re all one thing. In actuality, there’s a string of bad guys from people who will use a free attack tool to people who will pay a few grand for one to people who can customize a kit if it’s just a sploit to people who can build a sploit from a description to rare people who had it already. There’s also a range in intent of attackers from DOS to data integrity to leaking secrets. The folks who had it already often just leak secrets in a stealthy way instead of doing actual damage. They also use the secrets in a limited way compared to the average black hat. They’re always weighing use vs detection of their access.

                                  The process probably shuts down quite a range of attackers even if it makes no difference for the best ones who act the sneakiest.

                                  1. 4

                                    The process probably shuts down quite a range of attackers even if it makes no difference for the best ones who act the sneakiest.

                                    I believe the process is so effective at shutting down “quite a range of attackers” that it works despite: a) accidental leaks [need for improvement of process] b) intentional leaks [abuse] c) black hats on the pre-disclosure list reverse engineering an exploit from a patch. [fraud] In aggregate, the benefit from following the process exceeds the gain a black hat would have from subverting it.

                              2. 9

                                Well, it’s complicated. (Disclosure: we were under the embargo.)

                                When a microprocessor has a vulnerability of this nature, those who write operating systems (or worse, provide them to others!) need time to implement and test a fix. I think Intel was actually doing an admirable job, honestly – and we were fighting for them to broaden their disclosure to other operating systems that didn’t have clear corporate or foundation backing (e.g., OpenBSD, Dragonfly, NetBSD, etc). That discussion was ongoing when OpenBSD caught wind of this – presumably because someone who was embargoed felt that OpenBSD deserved to know – and then fixed it in the worst possible way. (Namely, by snarkily indicating that it was to address a CPU vulnerability.) This was then compounded by Theo’s caustic presentation at BSDCan, which was honestly irresponsible: he clearly didn’t pull eager FPU out of thin air (“post-Spectre rumors”), and should have considered himself part of the embargo in spirit if not in letter.

                                For myself, I will continue to advocate that Intel broaden their disclosure to include more operating systems – but if those endeavoring to write those systems refuse to honor the necessary secrecy that responsible disclosure demands (and yes, this means “embargoed and NDA’d vulnerabilities”), they will make such inclusion impossible.

                                1. 18

                                  We could also argue Theo’s talk was helpful in that the CVE was finally made public.

                                  Colin Percival tweeted in his thread overview about the vulnerability that he learned enough from Theo’s talk to write an exploit in 5 hours.

                                  If Theo and the OpenBSD developers pieced enough together from rumors to make a presentation that Colin could turn into an exploit in hours, how long have others (i.e., bad guys) who also heard rumors had working exploits?

                                  Theo alone knows whether he picked-up eager FPU from developers under NDA. Even if he did, there’s zero possibility outside of the law he lives under (or contracts he might’ve signed) that he’s part of the embargo. As to the “spirit” of the embargo, his decision to discuss what he knew might hurt him or OpenBSD in the future. That was his call to make. He made it.

                                  Lastly, I was at Theo’s talk. Caustic is not how I would describe it, nor would I categorize it as irresponsible. Theo was frustrated that OpenBSD developers who had contributed meaningfully to Spectre and Meltdown mitigation had been excluded. He vented some of that frustration in the talk. I’ve heard more (and harsher) venting about Linux in a 30 minute podcast than all the venting in Theo’s talk.

                                  On the whole Theo’s talk was interesting and informative, with a sideshow of drama. And it may have been what was needed to get the vulnerability disclosed and more systems patched.


                                  Disclosure: I’m an OpenBSD user, occasional port submitter, BSDCan speaker and workshop tutor, FreeNAS user and recommender, and have enjoyed many podcasts, some of which may have included venting.

                                  1. 4

                                    If Theo and the OpenBSD developers pieced enough together from rumors to make a presentation that Colin could turn into an exploit in hours, how long have others (i.e., bad guys) who also heard rumors had working exploits?

                                    It was clear to me the day Spectre / Meltdown were disclosed that there would be future additional vulnerabilities of the same class based on that discovery. I think there is circumstantial evidence suggesting the discovery was productive for the people who knew about it in the second half of 2017 before it was publicly disclosed. One can safely assume black hats have had the ability to find and use novel variations in this class of vulnerability for at least six months.

                                    If Theo did pick up eager FPU from a developer under embargo that demonstrates just how costly it is to break embargo. Five hours, third hand.

                                    1. 4

                                      If Theo did pick up eager FPU from a developer under embargo that demonstrates just how costly it is to break embargo. Five hours, third hand.

                                      I have absolutely no idea what point you’re trying to make. Certainly, everyone under the embargo knew that this would be easy to exploit; in that regard, Theo showed people what they already knew. The only new information here is that Theo is every bit as irresponsible as his detractors have claimed – and those detractors would (of course) point out that that information is not new at all…

                                      1. 1

                                        With respect, how is Theo irresponsible for reducing the time the users of his OS are vulnerable?

                                        Like, the embargo thing sounds a lot to the ill-informed like some kind of super-secret clubhouse.

                                    2. 4

                                      Theo definitely wasn’t part of the embargo, but it’s also unquestionable that Theo was relying on information that came (ultimately) from someone who was under the embargo. OpenBSD either obtained that information via espionage or via someone trying to help OpenBSD out; either way, what Theo did was emphatically irresponsible. Of course, it was ultimately his call – but he is not the only user of OpenBSD, and it is unfortunate that he has effectively elected to isolate the community to serve his own narcissism.

                                      As for the conjecture that Theo served any helpful role here: sorry, that’s false. (Again, I was under the embargo.) The CVE was absolutely going public; all Theo did was marginally accelerate the timeline, which in turn has resulted in systems not being as prepared as they otherwise could be. At the same time, his irresponsible behavior has made it much more difficult for those of us who were advocating for broader inclusion – and unfortunately it will be the OpenBSD community that suffers the ramifications of any future limited disclosure.

                                      1. 6

                                        Espionage? You’re suggesting one of:

                                        1. Someone stole the exploit information, leaked it to the OpenBSD team, a team known for proactively securing their code, on the off-chance Theo would then further leak it (likely with mitigation code), causing the embargoed details to be released sooner than expected,

                                        2. OpenBSD developers stole the exploit information, then leaked it (while committing mitigation code), causing the embargoed details to be released sooner than expected.

                                        The first doesn’t seem plausible. The second isn’t worthy of you or any of the developers on the OpenBSD team.

                                        I’m sure you’ve read Colin’s thread. He contacted folks under embargo after he wrote his exploit code based on Theo’s presentation. The release timeline moved forward. OSs that had no knowledge of the vulnerability now have patches in place. Perhaps those users view “helpful” in a different light.


                                        Edit: Still boggling over the espionage comment. Had to flesh that out more.

                                        1. 8

                                          Theo has replied:

                                          In some forums, Bryan Cantrill is crafting a fiction.

                                          He is saying the FPU problem (and other problems) were received as a leak.

                                          He is not being truthful, inventing a storyline, and has not asked me for the facts.

                                          This was discovered by guessing Intel made a mistake.

                                          We are doing the best for OpenBSD. Our commit is best effort for our user community when Intel didn’t reply to mails asking for us to be included. But we were not included, there was no reply. End of story. That leaves us to figure things out ourselves.

                                          Bryan is just upset we guessed right. It is called science.

                                          He’s also offered to discuss the details with Bryan by phone.

                                          1. 4

                                            Intel still has 7 more mistakes in the Embargo Execution Pipeline™️ according to a report^Wspeculation by Heise on May 3rd.

                                            https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html

                                            Let the games begin! 🍿

                                            1. 1

                                              What’s (far) more likely: that Theo coincidentally guessed now, or that he received a hint from someone else? Add Theo’s history, and his case is even weaker.

                                              1. 13

                                                While everyone is talking about Theo, the smart guys figuring this stuff out are Philip Guenther and Mike Larkin. Meet them over beer and discuss topics like ACPI, VMM, and Meltdown with them and you won’t doubt anymore that they can figure this stuff out.

                                                1. 6

                                                  In another reply you claim your approach is applied Bayesian reasoning, so let’s go with that.

                                                  Which is more likely:

                                                  1. A group of people skilled in the art, who read the relevant literature, have contributed meaningful patches to their own OS kernel and helped others with theirs, knowing that others besides themselves suspected there were other similar issues, took all that skill, experience and knowledge, and found the issue,

                                                  or

                                                  1. Theo lied.

                                                  Show me the observed distribution you based your assessment on. Show me all the times Theo lied about how he came to know something.

                                                  Absent meaningful data, I’ll go with team of smart people knowing their business.

                                                  1. 4

                                                    Absent meaningful data

                                                    Your “meaningful data” is 11 minutes and 5 seconds into Theo’s BSDCan talk: “We heard a rumor that this is broken.” That is not guessing and that is not science – that is (somehow) coming into undisclosed information, putting some reasonable inferences around it and then irresponsibly sharing those inferences. But at the root is the undisclosed information. And to be clear, I am not accusing Theo of lying; I am accusing him of acting irresponsibly with respect to the information that came into his possession.

                                                    1. 3

                                                      Here is at least one developer’s comment on the matter. He points to the heise.de article about Spectre-NG as an example of the rumors that were floating around. That article is a long way from “lazy FPU is broken”.

                                                      Theo has offered to discuss your concerns, what you think you know, what he knew, when and how. He’s made a good-faith effort to get his cellphone number to you. If you don’t have it, ask.

                                                      If you do have his number, call him. Ask him what he meant by “We heard a rumor that this is broken.” Ask him what rumor they heard. Ask him whether he was referring to the Spectre-NG article.

                                                      Seriously, how hard does this have to be? You engaged productively with me when I called you out. You’ve called Theo out. Talk to him.

                                                      And yes, I get it. Your chief criticism at this point is responsible disclosure. But as witnessed by the broader discussion in the security community, there’s no single agreed-upon solution.

                                                      While you’ve got Theo on the phone you can discuss responsible disclosure. Frankly, I suggest beer for that part of the discussion.


                                                      Edit: Clarify that Florian wasn’t saying he knew heise.de were the source.

                                                    2. 0

                                                      Reread the second sentence in my reply you linked.

                                                    3. 2

                                                      This is plain libel, pure and simple.

                                                      1. -2

                                                        It is Bayesian reasoning, pure and simple.

                                                        That said, this is a tempest in a teacup, so call it whatever you want; I’m gonna go floss my cat.

                                                  2. 6

                                                    Sorry – I’m not accusing anyone of espionage; apologies if I came across that way.

                                                    What I am saying is that however Theo obtained information – and indeed, even if that information didn’t originate with the leak but rather by “guessing” as he is now apparently claiming – how he handled it was not responsible. And I am also saying that Theo’s irresponsibility has made the job of including OpenBSD more difficult.

                                                    1. 9

                                                      The spectre paper made it abundantly clear that additional side channels will be found in the speculative execution design.

                                                      This FPU problem is just one additional bug of this kind. What I’d like to learn from you is:

                                                      1. What was the original planned public disclosure date before it was moved ahead to today?

                                                      2. Do you really expect that a process with long embargo windows has a chance of working for future spectre-style bugs when a lot of research is now happening in parallel on this class of bugs?

                                                      1. 5
                                                        1. The original date for CVE-2018-3665 was July 10th. After the OpenBSD commit, there was preparation for an earlier disclosure. After Theo’s talk and after Colin developed his POC, the date was moved in from July 10th to June 26th, with preparations being made to go much earlier as needed. After the media attention today, the determination was made that the embargo was having little effect and that there was no point in further delay.

                                                        2. Yes, I expect that long embargo windows can work with Spectre-style bugs. Researchers have been responsible and very accommodating of the acute challenges of multi-party disclosure when those parties include potentially hypervisors, operating systems and higher-level runtimes.

                                                        1. 10

                                                          Thanks for disclosing the date. I must say I am happy that my systems are already patched now, rather than in one month from now.

                                                          I’ll add that some new patches with the goal of mitigating spectre-class bugs are being developed in public without any coordinated disclosure:

                                                          http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9474cbef7fcb61cd268019694d94db6a75af7dbe

                                                          https://patchwork.kernel.org/patch/10202865/

                                                      2. 5

                                                        Thanks for the clarification.

                                                        I don’t think early disclosure is always irresponsible (the details of what and when matter). Others think it’s never irresponsible; and some that it’s always irresponsible. Good arguments can be made for each position that reasonable people can disagree about and debate.

                                                        One thing I hope we can all agree on is that we need clear rules for how embargoes work (probably by industry). We need clear, public criteria covering who, what, when and how long. And how to get in the program, ideally with little or no cost.

                                                        It’s a given that large companies like Microsoft will be involved. Open-source representatives should have a seat at the table as well. But “open source” can’t just mean Red Hat and a few large foundations. OSs like OpenBSD have a presence in the ecosystem. We can’t just write the rules with a “You must be this high to ride” sign at the door.

                                                        And yeah, Theo’s talk might make this more difficult going forward. Hopefully both sides will use this event as an opportunity to open a dialog and discuss working together.

                                                        1. 6

                                                          Right, I completely agree: I’m the person that’s been advocating for that. I was furious with Intel over Spectre/Meltdown (despite our significant exposure, we learned about it when everyone else did), and I was very grateful for the work that OpenBSD and illumos did together to implement KPTI. This time around, I was working from inside the embargo to get OpenBSD included. We hadn’t been able to get to where we needed to get, but I also felt that progress was being made – and I remained optimistic that we could get OpenBSD disclosure under embargo.

                                                          All of this is why I’m so frustrated: the way Theo has done this has made it much more difficult to advocate this position – it has strengthened the argument of those who believe that OpenBSD should not be included because they cannot be trusted. And that, in my opinion, is a shame.

                                                          1. 11

                                                            Look at it from OpenBSD’s perspective though. They (apparently) tried emailing Intel to find out more, and were told “no”. What were they supposed to do? Just wait on the hope that someone, somewhere, was lobbying on their behalf to be included, with no knowledge of that lobbying?

                                          1. 2

                                            I love how “boring” syspatch is. freebsd-update is certainly more complex, but does a pretty solid job itself.

                                            I am, however, a bit concerned by FreeBSD’s “packaging base” movement, both in terms of complexity (lots of tiny packages), and how long it seems to be taking.

                                            1. 2

                                              lots of tiny packages

                                              illumos is a wonderful example of just how much pain this is.

                                            1. 19

                                              I ran across a pretty interesting talk about zig here.

                                              Note: I got a good laugh at the end of the talk where he said he made tabs in the source a hard compile error. Well played Andrew. ;)

                                              1. 9

                                                I personally loved the whole “Ya I know saying Zig is faster than C is a big statement since programming language performance is measured as a fraction of C, but I’m telling you it’s an improper fraction”

                                                1. 1

                                                  Agreed. It was a good presentation – there were a few memorable moments like that.

                                              1. 5

                                                So TrueOS is now called Project Trident, and there’s a new project that will take the TrueOS name and will add to FreeBSD at a lower level rather than just being a collection of packages on top of FreeBSD?

                                                1. 3

                                                  Wow, it would have made much more sense if the announcement had been phrased that way.

                                                  1. 1

                                                    I’m still not sure if my assessment is correct.

                                                  2. 2

                                                    That’s what I took from it. The blog post was a bit hard to understand, I had to read it twice to actually figure out what they’re trying to say.

                                                  1. 3

                                                    Isn’t this the 2nd renaming in just a few years?
                                                    PC-BSD -> TrueOS -> This new thing…

                                                    I guess naming is hard.

                                                    OpenRC, LibreSSL, and “integrated Poudriere / pkg tools” does sound pretty interesting though. I’ll definitely check it out when something appears.

                                                    1. 4

                                                      Can anyone help me understand why Metal was designed? Apple’s a heavy hitter in Khronos, right? So what was it that they felt like they couldn’t accomplish with OGL/OCL? Are there non-Mac targets that support Metal?

                                                      1. 6

                                                        OpenGL is a tired old API that is too high level for high performance graphics work. At the time when Metal was being developed folks were working on lower level APIs to expose the GPU more, like Mantle and DirectX 12, and Metal was Apple’s offering. I believe Mantle eventually evolved into Vulkan, but for some reason Apple is continuing to promote Metal. It’s a nicer API for Swift users, but that’s about it. I would have preferred that they’d make a safe API over Vulkan for Swift like Vulkano, they seem to be under some weird impression that they’ll be able to trap devs in their platform with their own, proprietary API. Or maybe they just can’t bear to give up all the sunk cost.

                                                        1. 2

                                                          they seem to be under some weird impression that they’ll be able to trap devs in their platform with their own, proprietary API

                                                          Is it not working quite well for Microsoft with DirectX?

                                                        2. 1

                                                          As I vaguely recall, it started on ios as a way to utilize their graphics chips faster and more efficiently (lower overhead).

                                                        1. 11

                                                          Really not happy about this. I mean, I recognize that mac gaming is a tiny sliver market anyway, but this essentially will kill the desktop mac games market, although it’ll mean ports from mobile will get much easier.

                                                          But really, is that what we want? Thank god for Bootcamp I guess?

                                                          1. 5

                                                            OpenGL already seems to be an afterthought for most game developers. It’s basically only a Linux/Mac target in practice, no? For Windows, game devs usually target DirectX, and for PS4 and Xbox, there isn’t even OpenGL support. Games today sometimes even run better on Mac using DirectX under Wine compared to using the native macOS OpenGL, although that admittedly makes them less accessible to the average user.

                                                            1. 2

                                                              But Wine’s DirectX uses OpenGL as backend.

                                                            2. 1

                                                              I assume the major game engines like unity, unreal, and cry, will just emit a Metal target, like they do for directx and opengl currently? Also, isn’t Vulkan supposed to take over? It seems like OpenGL is just going to die off.

                                                              1. 2

                                                                That’s a big assumption. Said engine makers would need to feel confident enough that there will be ROI for them to spend those man hours and dollars that could more profitably be spent on supporting the next next next gen nvidia card or the Playstation 20 :)

                                                                1. 5

                                                                  Well, MoltenVK is a thing apparently, so I guess if Vulkan does take over, maybe it won’t be /too/ bad as a macos target?

                                                                  EDIT: also looks like (based on very quick searching) that unity and unreal both support Metal as a target already. Being that ios also uses metal, I assume they likely have a vested interest in supporting it there.

                                                                  1. 2

                                                                    You’re clearly way more knowledgeable in this space than I and yeah MoltenVK looks like a thing. Maybe it’s all for the good, I dunno :)

                                                                  2. 3

                                                                    They already do for iOS - Mac OS is trivial after that. It’s no problem for Unity or Epic. It does hurt the little guy with their own engine, however.

                                                                2. 1

                                                                  It’s not going to stop working, they’re just marking it as no longer a priority that may stop working in a future update. I can’t imagine anybody is going to be forced to update to whatever future version of MacOS does not include OGL by default. If it’s that important to the industry, people other than Apple will pick up the implementation work. Most professional tools already support Metal and Vulkan, and it seems pretty clear to me that on all platforms, the trend away from OGL is going to continue. Vendors of various rendering and scenegraph libraries can work with their customers to determine what backends they need to support.

                                                                  1. 2

                                                                    Truthfully I’m kind of out of step with that end of things. I was just thinking in terms of all the open source I’ve seen through the years that wanted OpenGL on OSX.

                                                                    Maybe all of it’s been ported to Vulkan or Metal? I dunno.

                                                                1. 7

                                                                  I always laugh when people come up with convoluted defenses for C and the effort that goes into that (even writing papers). Their attachment to this language has caused billions if not trillions worth of damages to society.

                                                                  All of the defenses that I’ve seen, including this one, boil down to nonsense. Like others, the author calls for “improved C implementations”. Well, we have those already, and they’re called Rust, Swift, and, for the things C is not needed for, yes, even JavaScript is better than C (if you’re not doing systems-programming).

                                                                  1. 31

                                                                    Their attachment to this language has caused billions if not trillions worth of damages to society.

                                                                    Their attachment to a language with known but manageable defects has created trillions if not more in value for society. Don’t be absurd.

                                                                    1. 4

                                                                      [citation needed] on the defects of memory unsafety being manageable. To a first approximation every large C/C++ codebase overfloweth with exploitable vulnerabilities, even after decades of attempting to resolve them (Windows, Linux, Firefox, Chrome, Edge, to take a few examples.)

                                                                      1. 2

                                                                        Compared to the widely used large codebase in which language for which application that accepts and parses external data and yet has no exploitable vulnerabilities? BTW: http://cr.yp.to/qmail/guarantee.html

                                                                        1. 6

                                                                          Your counter example is a smaller, low-featured, mail server written by a math and coding genius. I could cite Dean Karnazes doing ultramarathons on how far people can run. That doesn’t change that almost all runners would drop before 50 miles, esp before 300. Likewise with C code, citing the best of the secure coders doesn’t change what most will do or have done. I took author’s statement “to first approximation every” to mean “almost all” but not “every one.” It’s still true.

                                                                          Whereas, Ada and Rust code have done a lot better on memory-safety even when non-experts are using them. Might be something to that.

                                                                          1. 2

                                                                            I’m still asking for the non C widely used large scale system with significant parsing that has no errors.

                                                                            1. 3

                                                                              That’s cheating saying “non-c” and “widely used.” Most of the no-error parsing systems I’ve seen use a formal grammar with autogeneration. They usually extract to OCaml. Some also generate C just to plug into the ecosystem since it’s a C/C++-based ecosystem. It’s incidental in those cases: could be any language since the real programming is in the grammar and generator. An example of that is the parser in Mongrel server which was doing a solid job when I was following it. I’m not sure if they found vulnerabilities in it later.

                                                                          2. 5

                                                                            At the bottom of the page you linked:

                                                                            I’ve mostly given up on the standard C library. Many of its facilities, particularly stdio, seem designed to encourage bugs.

                                                                            Not great support for your claim.

                                                                            1. 2

                                                                              There was an integer overflow reported in qmail in 2005. Bernstein does not consider this a vulnerability.

                                                                          3. 3

                                                                            That’s not what I meant by attachment. Their interest in C certainly created much value.

                                                                          4. 9

                                                                            Their attachment to this language has caused billions if not trillions worth of damages to society.

                                                                            Inflammatory much? I’m highly skeptical that the damages have reached trillions, especially when you consider what wouldn’t have been built without C.

                                                                            1. 12

                                                                              Tony Hoare, null’s creator, regrets its invention and says that just inserting the one idea has cost billions. He mentions it in talks. It’s interesting to think that language creators even think the mistakes they’ve made have caused billions in damages.

                                                                              “I call it my billion-dollar mistake. It was the invention of the null reference in 1965. At that time, I was designing the first comprehensive type system for references in an object oriented language (ALGOL W). My goal was to ensure that all use of references should be absolutely safe, with checking performed automatically by the compiler. But I couldn’t resist the temptation to put in a null reference, simply because it was so easy to implement. This has led to innumerable errors, vulnerabilities, and system crashes, which have probably caused a billion dollars of pain and damage in the last forty years.”

                                                                              If the billion dollar mistake was the null pointer, the C gets function is a multi-billion dollar mistake that created the opportunity for malware and viruses to thrive.

                                                                              1. 2

                                                                                He’s deluded. You want a billion dollar mistake: try CSP/Occam plus Hoare Logic. Null is a necessary byproduct of implementing total functions that approximate partial ones. See, for example, McCarthy in 1958 defining a LISP search function with a null return on failure. http://www.softwarepreservation.org/projects/LISP/MIT/AIM-001.pdf

                                                                                1. 3

                                                                                  “try CSP/Occam plus Hoare Logic”

                                                                                  I think you meant formal verification, which is arguable. They could’ve wasted a hundred million easily on the useless stuff. Two out of three are bad examples, though.

                                                                                  Spin has had a ton of industrial success easily knocking out problems in protocols and hardware that are hard to find via other methods. With hardware, the defects could’ve caused recalls like the Pentium bug. Likewise, Hoare-style logic has been doing its job in Design-by-Contract which knocks time off debugging and maintenance phases. The most expensive. If anything, not using tech like this can add up to a billion dollar mistake over time.

                                                                                  Occam looks like it was a large waste of money, esp in the Transputer.

                                                                                  1. 1

                                                                                    No. I meant what I wrote. I like spin.

                                                                                2. 1

                                                                                  Note what he does not claim is that the net result of C’s continued existence is negative. Something can have massive defects and still be an improvement over the alternatives.

                                                                                3. 7

                                                                                  “especially when you consider what wouldn’t have been built without C.”

                                                                                  I just countered that. The language didn’t have to be built the way it was or persist that way. We could be building new stuff in a C-compatible language with many benefits of HLL’s like Smalltalk, LISP, Ada, or Rust with the legacy C getting gradually rewritten over time. If that started in the 90’s, we could have equivalent of a LISP machine for C code, OS, and browser by now.

                                                                                  1. 1

                                                                                    It didn’t have to, but it was, and it was then used to create tremendous value. Although I concur with the numerous shortcomings of C, and it’s past time to move on, I also prefer the concrete over the hypothetical.

                                                                                    The world is a messy place, and what actually happens is more interesting (and more realistic, obviously) than what people think could have happened. There are plenty of examples of this inside and outside of engineering.

                                                                                    1. 3

                                                                                      The major problem I see with this “concrete” winners-take-all mindset is that it encourages whig history which can’t distinguish the merely victorious from the inevitable. In order to learn from the past, we need to understand what alternatives were present before we can hope to discern what may have caused some to succeed and others to fail.

                                                                                      1. 2

                                                                                        Imagine if someone created Car2 which crashed 10% of the time that Car did, but Car just happened to win. Sure, Car created tremendous value. Do you really think people you’re arguing with think that most systems software, which is written in C, is not extremely valuable?

                                                                                        It would be valuable even if C was twice as bad. Because no one is arguing about absolute value, that’s a silly thing to impute. This is about opportunity cost.

                                                                                        Now we can debate whether this opportunity cost is an issue. Whether C is really comparatively bad. But that’s a different discussion, one where it doesn’t matter that C created value absolutely.

                                                                                  2. 8

                                                                                    C is still much more widely used than those safer alternatives, I don’t see how laughing off a fact is better than researching its causes.

                                                                                    1. 10

                                                                                      Billions of lines of COBOL run mission-critical services of the top 500 companies in America. Better to research the causes of this than laughing it off. Are you ready to give up C for COBOL on mainframes or you think both of them’s popularity were caused by historical events/contexts with inertia taking over? I’m in latter camp.

                                                                                      1. 7

                                                                                        Are you ready to give up C for COBOL on mainframes or you think both of them’s popularity were caused by historical events/contexts with inertia taking over? I’m in latter camp.

                                                                                        Researching the causes of something doesn’t imply taking a stance on it, if anything, taking a stance on something should hopefully imply you’ve researched it. Even with your comment I still don’t see how laughing off a fact is better than researching its causes.

                                                                                        You might be interested in laughing about all the COBOL still in use, or in research that looks into the causes of that. I’m in the latter camp.

                                                                                        1. 5

                                                                                          I think you might be confused at what I’m laughing at. If someone wrote up a paper about how we should continue to use COBOL for reasons X, Y, Z, I would laugh at that too.

                                                                                          1. 3

                                                                                            Cobol has some interesting features(!) that make it very “safe”. Referring to the 85 standard:

                                                                                            X. No runtime stack, no stack overflow vulnerabilities
                                                                                            Y. No dynamic memory allocation, impossible to consume heap
                                                                                            Z. All memory statically allocated (see Y); no buffer overflows
                                                                                            
                                                                                            1. 3

                                                                                              We should use COBOL with contracts for transactions on the blockchains. The reasons are:

                                                                                              X. It’s already got compilers big businesses are willing to bet their future on.

                                                                                              Y. It supports decimal math instead of floating point. No real-world to fake, computer-math conversions needed.

                                                                                              Z. It’s been used in transaction-processing systems that have run for decades with no major downtime or financial losses disclosed to investors.

                                                                                              λ. It can be mathematically verified by some people who understand the letter on the left.

                                                                                              You can laugh. You’d still be missing out on a potentially $25+ million opportunity for IBM. Your call.

                                                                                              1. 1

                                                                                                Your call.

                                                                                                I believe you just made it your call, Nick. $25+ million opportunity, according to you. What are you waiting for?

                                                                                                1. 4

                                                                                                  You’re right! I’ll pitch IBM’s senior executives on it the first chance I get. I’ll even put on a $600 suit so they know I have more business acumen than most coin pitchers. I’ll use phrases like vertical integration of the coin stack. Haha.

                                                                                            2. 4

                                                                                              That makes sense. I did do the C research. I’ll be posting about that in a reply later tonight.

                                                                                              1. 10

                                                                                                I’ll be posting about that in a reply later tonight.

                                                                                                Good god man, get a blog already.

                                                                                                Like, seriously, do we need to pass a hat around or something? :P

                                                                                                1. 5

                                                                                                  Haha. Someone actually built me a prototype a while back. Makes me feel guilty that I don’t have one instead of the usual lazy or overloaded.

                                                                                                    1. 2

                                                                                                      That’s cool. Setting one up isn’t the hard part. The hard part is doing a presentable design, organizing the complex activities I do, moving my write-ups into it, adding metadata, and so on. I’m still not sure how much I should worry about the design. One’s site can be considered a marketing tool for people that might offer jobs and such. I’d go into more detail but you’d tell me “that might be a better fit for Barnacles.” :P

                                                                                                      1. 3

                                                                                                        Skip the presentable design. Dan Luu’s blog does pretty well; it’s not working hard to be easy on the eyes. The rest of that stuff you can add as you go - remember, perfect is the enemy of good.

                                                                                                        1. 0

                                                                                                          This.

                                                                                                          Hell, Charles Bloom’s blog is basically an append-only textfile.

                                                                                                        2. 1

                                                                                                          ugh okay next Christmas I’ll add all the metadata, how does that sound

                                                                                                          1. 1

                                                                                                            Making me feel guilty again. Nah, I’ll build it myself likely on a VPS.

                                                                                                            And damn time has been flying. Doesn’t feel like several months have passed on my end.

                                                                                                  1. 1

                                                                                                    Looking forward to reading it :)

                                                                                            3. 4

                                                                                              Well, we have those already, and they’re called Rust, Swift, ….

                                                                                              And D maybe too. D’s “better-c” is pretty interesting, in my mind.

                                                                                              1. 3

                                                                                                Last I checked, D’s “better-c” was a prototype.

                                                                                              2. 5

                                                                                                If you had actually made a serious effort at understanding the article, you might have come away with an understanding of what Rust, Swift, etc. are lacking to be a better C. By laughing at it, you learned nothing.

                                                                                                1. 2

                                                                                                  the author calls for “improved C implementations”. Well, we have those already, and they’re called Rust, Swift

                                                                                                  Those (and Ada, and others) don’t translate to assembly well. And they’re harder to implement than, say, C90.

                                                                                                  1. 3

                                                                                                    Is there a reason why you believe that other languages don’t translate to assembly well?

                                                                                                    It’s true those other languages are harder to implement, but it seems to be a moot point to me when compilers for them already exist.

                                                                                                    1. 1

                                                                                                      Some users of C need an assembly-level understanding of what their code does. With most other languages that isn’t really achievable. It is also increasingly less possible with modern C compilers, and said users aren’t very happy about it (see various rants by Torvalds about braindamaged compilers etc.)

                                                                                                      1. 4

                                                                                                        “Some users of C need an assembly-level understanding of what their code does.”

                                                                                                        Which C doesn’t give them due to compiler differences and effects of optimization. Aside from spotting errors, it’s why folks in safety-critical are required to check the assembly against the code. The C language is certainly closer to assembly behavior but doesn’t by itself give assembly-level understanding.

                                                                                                  2. 2

                                                                                                    So true. Every time I use the internet, the solid engineering of the Java/Jscript components just blows me away.

                                                                                                    1. 1

                                                                                                      Everyone prefers the smell of their own … software stack. I can only judge by what I can use now based on the merits I can measure. I don’t write new services in C, but the best operating systems are still written in it.

                                                                                                      1. 5

                                                                                                        “but the best operating systems are still written in it.”

                                                                                                        That’s an incidental part of history, though. People who are writing, say, a new x86 OS with a language balancing safety, maintenance, performance, and so on might not choose C. At least three chose Rust, one Ada, one SPARK, several Java, several C#, one LISP, one Haskell, one Go, and many C++. Plenty of choices being explored including languages C coders might say aren’t good for OS’s.

                                                                                                        Additionally, many choosing C or C++ say it’s for existing tooling, tutorials, talent, or libraries. Those are also incidental to its history rather than advantages of its language design. Definitely worthwhile reasons to choose a language for a project but they shift the language argument itself implying they had better things in mind that weren’t usable yet for that project.

                                                                                                        1. 4

                                                                                                          I think you misinterpreted what I meant. I don’t think the best operating systems are written in C because of C. I am just stating that the best current operating system I can run a website from is written in C, I’ll switch as soon as it is practical and beneficial to switch.

                                                                                                          1. 2

                                                                                                            Oh OK. My bad. That’s a reasonable position.

                                                                                                            1. 3

                                                                                                              I worded it poorly, I won’t edit though for context.

                                                                                                    1. 4

                                                                                                      Oh man, the memories. Great video, thanks for sharing – I doubt I would have run across it otherwise.

                                                                                                      1. 2

                                                                                                        tl;dw, what is it about? A documentary about the game?

                                                                                                        1. 6

                                                                                                          It’s really an overview of adventure games during the late 80s through the 90s all the way to today - with a focus on the Monkey Island games and SCUMM-built games (as well as their competitors). If you love that style of adventure game you’d probably get a lot out of this video.

                                                                                                          1. 2

                                                                                                            Ah, alright! Thanks! I’ll take a look later when I have time.

                                                                                                            1. 1

                                                                                                              I watched the one about Quake from the same channel. It was nicely done, but a bit long and minor repetitive. Will keep this one for later since I still want to play Monkey Island unspoiled one day :)

                                                                                                        1. 9

                                                                                                          I’m not qualified to make any judgment on the technical merits of several dependency management solutions, but as someone working primarily in Go, the churn of solutions is starting to have a real cognitive cost.

                                                                                                          1. 6

                                                                                                            Some of the solutions suggested from a couple of the Go devs in that “thread” sound.. almost surreal to me.

                                                                                                            My favorite one so far:

                                                                                                            We’ve been discussing some sort of go release command that both makes releases/tagging easy, but also checks API compatibility (like the Go-internal go tool api checker I wrote for Go releases). It might also be able to query godoc.org and find callers of your package and run their tests against your new version too at pre-release time, before any tag is pushed. etc.
                                                                                                            https://github.com/golang/go/issues/24301#issuecomment-390788506

                                                                                                            With all the cloud providers starting to offer pay-by-the-second containers-as-a-service, I see no reason we couldn’t provide this as an open source tool that anybody can run and pay the $0.57 or $1.34 they need to to run a bazillion tests over a bunch of hosts for a few minutes. There’s not much Google secret sauce when it comes to running tests.
                                                                                                            https://github.com/golang/go/issues/24301#issuecomment-390790036

                                                                                                            That sounds… kind of crazy for anyone that isn’t Google scale or doesn’t have Google money.
                                                                                                            Are the Go devs just /that/ divorced from the (non Google) reality that the rest of us live in?

                                                                                                            1. 10

                                                                                                              Kind of crazy, but not super crazy. As another example, consider Rust’s crater tool. When the Rust team are trying to evaluate the impact of fixing a syntax quirk or behavioural bug, they make a version of the Rust compiler with the change and a version without, and boot up crater to test every publicly available Rust package with both compiler versions to see if anything breaks that wasn’t already broken.

                                                                                                              crater runs on Mozilla’s batch-job infrastructure (TaskCluster), and Mozilla is much, much smaller than Google scale. On the other hand, they’re still bigger than a lot of organisations, and I believe a crater run can take a few days to complete, so it’s going to be a lot more than “$1.34 … for a few minutes” on public cloud infrastructure.

                                                                                                              1. 1

                                                                                                                I get the spirit of those responses; we’re getting to the point with cloud services where that kind of integration test suite could happen cheaply.

                                                                                                                But it is not the answer to the problems that prompted those responses.

                                                                                                                Dependency management is hard, and there isn’t a perfect solution, mvs is a cool approach and I’m curious how it shakes out in practice, but to OP’s point, I’m not sure I can do another switch like we’ve done up to now

                                                                                                                Manual Vendoring ($GOPATH munging)
                                                                                                                govendor
                                                                                                                dep
                                                                                                                vgo
                                                                                                                whatever fixes the problems with vgo

                                                                                                                1. 3

                                                                                                                  Agreed. I have a couple of projects that I have switched solutions at least 4 or 5 times already (manual GOPATH munging, godep, gpm, gb, dep), because each time it was either a somewhat commonly accepted solution, or seemed the least worst alternative (before there was any kind of community consensus).

                                                                                                              2. 3

                                                                                                                I have yet to migrate a project between dependency managers.

                                                                                                                The old ones work exactly as well as they always have.

                                                                                                                1. 2

                                                                                                                  I’ve reverted to using govendor for all new projects. I might be able to skip dep if vgo proves to be a good solution.

                                                                                                                  1. 1

                                                                                                                    similar story for us; govendor works better with private repos

                                                                                                              1. 5

                                                                                                                Yawn. The answers are predictable (Linux tries to emulate Windows, Linux driver quality is bad), often incorrect (FreeBSD on mainframes… right) and not very insightful. FreeBSD currently has virtually no desktop market share compared to Windows, macOS, and Linux, because:

                                                                                                                • They have better support from software and hardware vendors.
                                                                                                                • They are easier to install and configure for the average person.
                                                                                                                • They are easier to use for the average person.
                                                                                                                • Most people don’t even know FreeBSD and don’t care about their OS.
                                                                                                                • Inertia.

                                                                                                                Of course, the more interesting question is why Linux became more popular than FreeBSD, despite FreeBSD having a more friendly license for commercial/proprietary use.

                                                                                                                1. 8

                                                                                                                  Of course, the more interesting question is why Linux became more popular than FreeBSD, despite FreeBSD having a more friendly license for commercial/proprietary use.

                                                                                                                  I think there’s a better answer to that on Server Fault. UC Berkeley was fighting off a lawsuit from AT&T over BSD, and by the time all of that was resolved Linux had already gotten off the ground and achieved sufficient popularity that the SCO lawsuit couldn’t stop its momentum.

                                                                                                                  1. 2

                                                                                                                    This is often used as one of the explanations. I am sure that it is one of the factors, but the lawsuit was already settled in 1994. I remember buying a FreeBSD 2.1.5 CD set in 1996, long after the lawsuit was settled. In 1996 Linux was still very primitive and a hobbyist thing. Slackware still reigned, SuSE had just moved from Slackware to Jurix as its base, RPM did not even exist yet. I was surprised at the time how much better FreeBSD was - technically, its ports collection, the documentation, etc. Also, FreeBSD and BSD/OS were still much more popular on ‘serious’ servers at the time.

                                                                                                                    I think there are other important (internal) factors. E.g., the development model (outside OpenBSD) favored long-running stable branches and only branching from -current every 2-4 years, whereas Linux distributions were always pushing the latest (except uneven kernel versions), allowing Linux to surpass the BSDs in driver support, etc. Also, the Linux distributions at the time already focused on a wider user base, e.g. Caldera and others had graphical installers near the end of the nineties. And due to many distributions being commercial, they had more incentive pushing Linux boxes to stores and do marketing. E.g., local book stores in The Netherlands would carry Red Hat, SUSE, etc.

                                                                                                                    1. 1

                                                                                                                      Good points here.

                                                                                                                      1. 1

                                                                                                                        the development model (outside OpenBSD) favored long-running stable branches and only branching from -current every 2-4 years, whereas Linux distributions were always pushing the latest (except uneven kernel versions), allowing Linux to surpass the BSDs in driver support, etc.

                                                                                                                        Both Richard Gabriel’s Worse is Better and entrepreneurs’ highlighting execution over ideas/quality show that this strategy by itself could cause a lot of the momentum of Linux. Also, Caldera was the first one I used since I could buy a CD with graphical installer at Best Buy for $20.

                                                                                                                    2. 1

                                                                                                                      Citation needed. ;)

                                                                                                                      While I see where you are getting to I think those are at least partly myths. I have yet to see a person who can use Linux on the desktop on their own and cannot use FreeBSD or OpenBSD.

                                                                                                                      While I hear these arguments over and over I just don’t see them mapping to the real life. When people start using OpenBSD or FreeBSD they usually end up thinking it would be a lot harder, because of these myths.

                                                                                                                      Now I don’t wanna say they are easy to install, but if you want to use one of these systems for day to day life, they are certainly more friendly than Debian and Arch Linux for example. About others one might argue, but really, the first half of the Windows install was about as hard as installing either Linux (aside from Gentoo, Arch, etc.) until fairly recently. I really do think that the effect of the initial installation is overrated.

                                                                                                                      What is a bigger problem of course is support for recent hardware. Looking at how far FreeBSD lags behind with Intel graphics (OpenBSD and DragonFly do way better here) or its sometimes desktop-unfriendly defaults (changing a sysctl to make Chrome run correctly) are bigger issues. One can be mitigated by using a recent Apple laptop or an older generation Thinkpad, the other by using a “distribution”.

                                                                                                                      I think a big reason is that all the commercial interest in something for end users was around Playstations. There is no SuSE, no RedHat, no Ubuntu, all having at least some money and grip to push their systems to the desktop, and be it just to get future sysadmins, selling their products for them.

                                                                                                                      Right now I think the comparison that would make more sense is Arch Linux vs FreeBSD, simply because these are a lot more similar, than Ubuntu which won by a huge initial investment in tech, branding and marketing, more than anything.

                                                                                                                      Arch Linux and FreeBSD have a lot more in common - speaking purely about desktop. They have somewhat technical users in mind, they are not backed by some big organization, they value certain forms of simplicity (not exactly the one OpenBSD is thinking about, but still), they both have huge repositories of easy to install and very up to date software, that can be either taken from packages or source, they like to tune, configure and optimize, they enjoy having packages close to upstream, etc.

                                                                                                                      My best guess here would be stuff like steam and other things that became available as Linux blobs, that were “made possible” due to the investments from various other companies, which started out in the B2B field. Now one might ask why the BSDs don’t have strong companies in that sector, but at least to me it seems that the idea of using BSD outside of networks (routers, servers, etc.) infrastructure and the need of having something GPL-free (gaming consoles, etc.) just never occurred to people until Linux did lift off.

                                                                                                                      The reasons to use BSD often were a lot more pragmatic and there weren’t really people with that dream of one day replacing Windows, in which Linux so far succeeded on the phone, but more in a way that one could say it’s Linux + lots of BSD code and macOS and iOS are BSD after all.

                                                                                                                      Even though BSD people often don’t want to hear that, but the license might be a part, especially on the hardware support side and you simply have code flowing in, for mostly legal reasons that one at least can look at.

                                                                                                                      I am sure that’s not the only reason and of course it will be a mixture, but the person running Linux on their own free will likely won’t decide against FreeBSD because it looks text based, especially not your average Arch Linux, Gentoo, Debian, Slackware. They might even find it more convenient.

                                                                                                                      Knowledge is especially historically a huge factor. I haven’t heard about BSD at all before the day I first installed it in 2005, which I think was because I read that Gentoo’s portage was inspired by it.

                                                                                                                      Extremely subjective, but Linux seems to really have a lot more missionary stuff going on. I have met more than one person who was about to duck and cover when I mentioned Linux, fearing a speech about moral and technical reasons on why they should switch. This used to be worse though. I think with the growth of the Linux community people feel a lot less like they have to defend their decision. There are barely any flame wars about Windows vs Linux vs macOS these days.

                                                                                                                      So I think marketing and in general network and social effects, as well as a hype and a nice story together with quite a bit of ideological undertone make up a large portion, of the history leading to status quo. I know a few people that tried BSD liked it and only switched back for ideological reasons.

                                                                                                                      While the BSDs are certainly not easy to use compared to macOS or Windows, I think argument is not holding true as big driving factor at all, when comparing to Linux in general and longer term desktop usage. Even holding on to Ubuntu for an extended period of time (upgrading from one release to another) will require a similar level of interest.

                                                                                                                      1. 1

                                                                                                                        I think a lot of it may also have had to do with GCC being so popular, and the push from the GNU folks towards Linux (at least “until Hurd is ready”). Combine that with Linux often being positioned as Anti-Windows by users (I remember a /lot/ of zealous propaganda back in the day), it certainly started to pick up mindshare quickly on college campuses in the mid 90s.

                                                                                                                    1. 4

                                                                                                                      Guess Tesla should have based their stack on one of the *BSD’s, MINIX3, or maybe VxWorks instead? ;)

                                                                                                                      1. 5

                                                                                                                        Like Intel did for the ME. The backdoor is highly reliable, too.

                                                                                                                        1. 3

                                                                                                                          At least it would make upgrades a breeze! ha!

                                                                                                                      1. 1

                                                                                                                        The design is really not mobile friendly :(

                                                                                                                        1. 1

                                                                                                                          No kidding. Somewhat funny (and certainly ironic!), they could take some design notes from OpenBSD’s “papers” page!

                                                                                                                        1. 2

                                                                                                                          Looks like none of the 2018 entries actually have associated papers linked.
                                                                                                                          I do see papers linked for 2016 though, so maybe it is just a case of “not yet”?

                                                                                                                          1. 20

                                                                                                                            sigh

                                                                                                                            So, this has already sparked a discussion about taste, freedom of speech, the whole thing.

                                                                                                                            The joke in question is bad, very bad. It’s plain unfitting, and it isn’t even remotely funny. It’s US-centric. RMS, the person making and subsequently claiming it, has a history of making sexual and other inappropriate commentary (e.g. arguing eugenics). His quoted comment about child birth is another example of RMS speaking about things he probably doesn’t have a very qualified opinion on. Most (all?) of the people mentioned in the article discussing the issue will never be affected by this in the real world. Seriously, I expect one of those people to stand up and say “You know what? We aren’t even the right group to discuss that in!”.

                                                                                                                            And this is the issue he pulls his authority card? Seriously? For a bad joke that was already shit in the 90s? That - even ignoring the punchline being terrible - just plain isn’t funny? Which boundary does that cross? Probably his ego’s.

                                                                                                                            Seriously, this is a tech manual. This is the place where you can finally have your “let’s just talk tech here”. And there, this discussion comes up?

                                                                                                                            1. 17

                                                                                                                              The thing I find weird is the clear generational gap in Internet users that mean that people end up talking past each other.

                                                                                                                              For older people who grew up thinking that Sendmail m4 macros were somehow intuitive, and that C was the new hotness, this is not a joke about abortion. It’s about censorship. That’s the hill RMS thinks he’s dying on. Removing the joke is at the risk of putting words in his mouth, censoring the manual.

                                                                                                                              Of course, the younger people who live in a world where Javascript isn’t ridiculous to use on a server, where everything-as-a-service is the norm demand takedowns of things outside of their overton window. To them, it’s a matter of not having a frankly disgusting joke about the very real problems of abortion in the US in a technical manual that has nothing to do with those problems. They don’t understand the culture in which GNU was founded, they believe that it is RMS’ job to change to fit with their culture.

                                                                                                                              This is what happens when an unstoppable force meets an immovable object. I’m just not sure who plays which part here. There is a reasonable answer, and the good news for the kids is that this has happened before several times: fork glibc. Fork it to remove RMS’ influence from the project and fork it to remove the offending text (for people that want it removed).

                                                                                                                              1. 17

                                                                                                                                Even as a commentary about censorship, it’s pretty freaking oblique. It should be removed on the technical grounds that it’s inefficient GNU crap.

                                                                                                                                1. 2

                                                                                                                                  Stallman is pretty freaking oblique at the best of times when it comes to his sense of humour. Saying that GNU is full of inefficient crap is like saying that water is wet, or that the Linux kernel is a bug-ridden dumpster fire.

                                                                                                                                  If every GNU inefficiency was removed, it’d be BSD.

                                                                                                                                  1. -1

                                                                                                                                    It should be removed on the technical grounds that it’s inefficient GNU crap.

                                                                                                                                    Nobody forces you to use GNU crap.

                                                                                                                                    But GNU is and has always been openly political.

                                                                                                                                    You are free to use software that is apparently neutral, if you don’t like it.
                                                                                                                                    And you have plenty of choice on the market: Microsoft, Apple, Google… all are pretty ready to serve your needs (and collect your data for whatever purpose, and lobbying for DRM and so on…)

                                                                                                                                    But “as a commentary about censorship”, that joke is perfectly fine.

                                                                                                                                    1. 6

                                                                                                                                      Nobody forces you to use GNU crap.

                                                                                                                                      The fact that you are saying this to tedu (an OpenBSD developer) is kind of funny.

                                                                                                                                      1. 5

                                                                                                                                        I’m fine with GNU being a political project. Indeed, I actively advocate for projects to make their mind up.

                                                                                                                                        But “as a commentary about censorship”, that joke is perfectly fine.

                                                                                                                                        A lot of the project itself does not seem to agree, especially in the context of having it in the documentation. Except RMS, who pulls rank over a joke that he himself made. Which makes the GNU project his personal opinion/joke vehicle.

                                                                                                                                        1. 3

                                                                                                                                          Except RMS, who pulls rank over a joke that he himself made. Which makes the GNU project his personal opinion/joke vehicle.

                                                                                                                                          I don’t see the point you’re making here? The GNU project was always an expression of political views that were, originally, personal to RMS. If the project ran by majority consensus it would have given up on the whole free software thing a long time ago.

                                                                                                                                          1. -3

                                                                                                                                            Using your “Rust Community Team” hat here is crass, and only reinforces some people’s beliefs (myself included) about these types of thought police organizations.

                                                                                                                                            I sure hope the non-“Rust Community Team” people show less virtue signalling. It puts your project under a terrible spotlight.

                                                                                                                                            1. 5

                                                                                                                                              FWIW, I find the use of the hat inappropriate here as well.

                                                                                                                                              That being said, as discussed below, I think it depends on what you think the hat means, exactly. It seems Florian uses the hat differently than many here might expect.

                                                                                                                                    2. 7
                                                                                                                                      1. I think the joke is funny. It’s even more funny now.
                                                                                                                                      2. RMS’s character has no bearing on the legitimacy of the joke.
                                                                                                                                      3. You don’t need to be qualified to have an opinion.
                                                                                                                                      4. Any group can discuss any topic, there is no “right” group.
                                                                                                                                      5. RMS is the benevolent dictator of GNU, and as such has the authority to veto decisions in rare situations like these.
                                                                                                                                      1. 10

                                                                                                                                        Be that as it may, when the people who have written the code (glibc was originally written by someone else (not RMS), and Ulrich Drepper is now responsible for something like 70% of the code) and make it all work ask you to back off, it’s a stupid hill to die on. Yeah, you might win the battle, but you’ll lose the war.

                                                                                                                                        Last time something like this happened, everyone switched to using eglibc and it wasn’t until the RMS-mandated steering committee was dissolved that people switched back to glibc. If RMS decides to be a jerk about things, watch everyone fork it again or sink their resources into musl.

                                                                                                                                        There’s being right, and there’s being so egotistical that you burn down the house because you didn’t get your way.

                                                                                                                                        1. 4

                                                                                                                                          He has veto power for precisely these cases where “everyone else” disagrees, so I don’t think it’s a stupid hill to die on. In any case, I agree with you, RMS will lose this war, this is just the beginning.

                                                                                                                                          1. 15

                                                                                                                                            Vetoing the removal of a little-used architecture with heavy maintenance burden because they want to support those few users is a good hill to die on. Vetoing the removal of a joke that everyone else wants to remove from the manual and doesn’t in any way affect the operation of the library is a stupid hill to die on.

                                                                                                                                            1. 3

                                                                                                                                              That’s in your opinion. If you care about the culture of your project not taking itself so seriously, I think it’s a good hill to die on.

                                                                                                                                      2. 5

                                                                                                                                        As a participant in Rust Community and a proponent of eugenics, your use of Rust Community Team hat makes me uncomfortable. Was it necessary? Are you really speaking for Rust Community Team here? I hope my eugenics advocacy won’t affect my Rust participation.

                                                                                                                                        As for the joke, the joke is clearly about censorship and not about abortion. I think the attempt to censor the joke makes it more relevant.

                                                                                                                                        1. 2

                                                                                                                                          As for the joke, the joke is clearly about censorship and not about abortion.

                                                                                                                                          Jokes, by their nature, are not clear and subject to cultural background and education. In my opinion, it’s a bit condescending to claim that it has universal understanding and appeal.

                                                                                                                                          I think the attempt to censor the joke makes it more relevant.

                                                                                                                                          The origin of the patch seems to be the person just didn’t think it relayed any meaningful information to a user of the function. I don’t think that falls into common usage of “censorship”.

                                                                                                                                          1. -2

                                                                                                                                            I don’t think that falls into common usage of “censorship”.

                                                                                                                                            Yes, and I have yet to see a documentation patch forced on a project by a state.

                                                                                                                                            1. 2

                                                                                                                                              Censorship exists only when done by the state??

                                                                                                                                          2. 1

                                                                                                                                            On FOSS social issues, I generally put the hat on here. As my work for the Rust project is social, judging which of these issues I should put the hat on would only lead to problems. I’m fine with people knowing my affiliation and I think it’s more honest for people to know it. I don’t speak for the team, but I am a member of the team.

                                                                                                                                            On Eugenics: it’s, in my view, an only thinly veiled form of Ableism, and as such opposed to the goal of being inclusive, especially also to people with disability. Many forms fundamentally attack the right to live of people with disabilities, for example by arguing for their abortion.

                                                                                                                                            Just to be clear on which comment by RMS I’m referring to (on people with Trisomy 21):

                                                                                                                                            If you’d like to love and care for a pet that doesn’t have normal human mental capacity, don’t create a handicapped human being to be your pet. Get a dog or a parrot…

                                                                                                                                            If you want to support that comment, go ahead.

                                                                                                                                            1. 3

                                                                                                                                              I support the idea behind the comment. Given medical acceptance of prenatal screening of trisomy 21, this is one of the less extreme among RMS’s positions.

                                                                                                                                              I agree the expression of the idea in the comment you quoted leaves a lot to be desired.

                                                                                                                                              1. -1

                                                                                                                                                Prenatal screening of trisomy 21 is generally accepted as a way to increase survival chances for the fetus.
                                                                                                                                                Trisomy 21 increases the risk of heart issues at birth, that can be handled in the proper structure, but would lead to secure death if not addressed promptly.

                                                                                                                                                Some people use it for eugenics (usually with amniocentesis, that kills 1 healthy child out of 200 if I remember correctly).

                                                                                                                                                Now, IMO what RMS means is horrible, disgusting and plain dangerous.
                                                                                                                                                But it’s not related to freedom. And he has the right to think (and say) it.

                                                                                                                                                1. 1

                                                                                                                                                  Prenatal screening of trisomy 21 is generally accepted as a way to increase survival chances for the fetus.

                                                                                                                                                  Do you have a citation for your “generally accepted” claim? There appears to be at least some evidence to the contrary:

                                                                                                                                                  About 92% of pregnancies in Europe with a diagnosis of Down syndrome are terminated.[14] In the United States, termination rates are around 67%, but this rate varied from 61% to 93% among different populations.[13] Rates are lower among women who are younger and have decreased over time.[13] When nonpregnant people are asked if they would have a termination if their fetus tested positive, 23–33% said yes, when high-risk pregnant women were asked, 46–86% said yes, and when women who screened positive are asked, 89–97% say yes.[75]

                                                                                                                                                  https://en.wikipedia.org/wiki/Down_syndrome#Abortion_rates

                                                                                                                                                  1. 0

                                                                                                                                                    This is entirely offtopic here, but I don’t want to flee the question.

                                                                                                                                                    My source is my doctor, who incidentally is also my wife.
                                                                                                                                                    When the prenatal screening of our second daughter established 1/350 probability of a Down syndrome, she explained to me about amniocentesis, about the risks for the fetus and about the implications and the medical reasoning beyond it. It’s a complex topic and I’m not competent enough to expose it here deeply, but the relevant point was that, while several doctors object to abortion as a murder in contrast with their oath and ethics, prenatal screening is designed to increase the survival of the fetus, so every doctor is fine with it.

                                                                                                                                              2. 1

                                                                                                                                                On FOSS social issues, I generally put the hat on here. As my work for the Rust project is social, judging which of these issues I should put the hat on would only lead to problems. I’m fine with people knowing my affiliation and I think it’s more honest for people to know it. I don’t speak for the team, but I am a member of the team.

                                                                                                                                                While I do not agree with you on the “joke on documentation” issue, I really support this approach.

                                                                                                                                                Hacking is an ethical and political action.

                                                                                                                                              3. -1

                                                                                                                                                I hope my eugenics advocacy won’t affect my Rust participation.

                                                                                                                                                If that’s what you think that means, and you advocate for any intelligence-based eugenics, you might want to reconsider your position on eugenics.

                                                                                                                                                This obviously would only affect you if you attempted to add eugenics commentary to the Rust project itself in some way. Same as if you attempted to add any other irrelevant polarizing commentary.

                                                                                                                                                1. 1

                                                                                                                                                  I don’t talk eugenics on Rust space. Not because eugenics is wrong (it isn’t), but because it’s off-topic.

                                                                                                                                                  1. 2

                                                                                                                                                    it’s off-topic

                                                                                                                                                    Yes. And it’s also off-topic for glibc.

                                                                                                                                                    1. 0

                                                                                                                                                      No, it isn’t. By definition.

                                                                                                                                                      You might not agree with GNU or with rms here, or you might prefer that glibc would not be a GNU project, but it is.

                                                                                                                                                      1. 2

                                                                                                                                                        Fine. But the consensus of the primary maintainers is that it’s off-topic. Therefore it’s off-topic for whatever fork of glibc everyone ends up using. Because if we get another eglibc situation, everyone will use the fork maintained by the maintainers, and no one will use the fork “maintained” by rms.

                                                                                                                                                        It’s de facto off-topic for those who accept reality.

                                                                                                                                                        1. 0

                                                                                                                                                          Anyone who “accepts reality” in that sense wouldn’t be contributing to GNU in the first place. The project has always been about RMS telling the rest of the world they’re wrong.

                                                                                                                                                          1. 1

                                                                                                                                                            See eglibc. A non-GNU fork already happened, and was reintegrated when the issue was dropped.

                                                                                                                                                            I don’t see how you can say that those kind of people wouldn’t be contributing to GNU, when they clearly are and that’s what this is all about. If those kind of people wouldn’t be contributing to GNU, then why is there any debate?

                                                                                                                                                            1. 1

                                                                                                                                                              There is debate precisely because the people contributing don’t subscribe to your notion that the primary maintainer consensus is all that matters. glibc contributors do care about GNU and RMS, otherwise the eglibc-style fork would already have happened and the project would now be being maintained outside the GNU umbrella.

                                                                                                                                            1. 15

                                                                                                                                              Reminds me of some previous glibc governance weirdness (back in 2001)…

                                                                                                                                              In the glibc-2.2.4 release announcement, Ulrich Drepper (the glibc maintainer at the time) said:

                                                                                                                                              And now for some not so nice things.

                                                                                                                                              Stallman recently tried what I would call a hostile takeover of the glibc development. He tried to conspire behind my back and persuade the other main developers to take control so that in the end he is in control and can dictate whatever pleases him. This attempt failed but he kept on pressuring people everywhere and it got really ugly. In the end I agreed to the creation of a so-called “steering committee” (SC). The SC is different from the SC in projects like gcc in that it does not make decisions. On this front nothing changed. The only difference is that Stallman now has no right to complain anymore since the SC he wanted acknowledged the status quo. I hope he will now shut up forever.

                                                                                                                                              The morale of this is that people will hopefully realize what a control freak and raging manic Stallman is. Don’t trust him. As soon as something isn’t in line with his view he’ll stab you in the back. NEVER voluntarily put a project you work on under the GNU umbrella since this means in Stallman’s opinion that he has the right to make decisions for the project.

                                                                                                                                              https://sourceware.org/ml/libc-announce/2001/msg00000.html

                                                                                                                                              Some additional background.

                                                                                                                                              1. 3

                                                                                                                                                Ulrich Drepper is no saint in his management of the glibc project either, and has had multiple conflicts in which he asserted his ultimate control over glibc as well. For a while, Debian switched away from glibc to avoid dealing with Drepper altogether.

                                                                                                                                                I think RMS and Drepper are very similar, in the sense that they want the ultimate control over projects they are involved with, and the conflict between Drepper and RMS is simply caused by the fact that they both wanted to control the same project.

                                                                                                                                                1. 1

                                                                                                                                                  One difference was that Drepper was actually the maintainer of glibc. That said, I do agree with you.

                                                                                                                                                2. 1

                                                                                                                                                  NEVER voluntarily put a project you work on under the GNU umbrella since this means in Stallman’s opinion that he has the right to make decisions for the project.

                                                                                                                                                  Well, while I think that Stallman’s veto is coherent with the GNU philosophy this time, I consider Drepper’s suggestion a good one.

                                                                                                                                                1. 8

                                                                                                                                                  I like https://darksky.net/app for the weather.

                                                                                                                                                  1. 2

                                                                                                                                                    I find WeatherLine to be pretty good too.