1. 5

    Over here in US, that usually means someone’s election was financed by industry players who make billions on copywritten material. Are the people pushing this law similarly taking bribes from industry? Or do they have their own motivations for it?

    1. 7

      The newspaper and printing industry in germany is pushing this hard, notably Axel Springer Media (also known for such genius ideas as “Suing Adblock Plus for unfair comeptition”, “Suing Adblock Plus for preventing Free Speech”, “Refusing to adopt the New German Grammar Rules” and “Suing other newspapers for buying the same article from a newsagency but offering it for free instead of behind a paywall”).

      For some bizarre reason the utter failure of similar laws in germany and spain seems to have left no visible trace, it’s like the only lesson they learned is “when you fail small you fail big next”.

      1. 11

        Technically, a law like this is prone to be abused for censorship purposes. Whether this “dual use” is intended or not by parliamentarian voters, is obviously unclear.

        However, always bear in mind Ayn Rand:

        “Did you really think we want those laws observed?” said Dr. Ferris. “We want them to be broken. You’d better get it straight that it’s not a bunch of boy scouts you’re up against… We’re after power and we mean it… There’s no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren’t enough criminals one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws. Who wants a nation of law-abiding citizens? What’s there in that for anyone? But just pass the kind of laws that can neither be observed nor enforced or objectively interpreted – and you create a nation of law-breakers – and then you cash in on guilt. Now that’s the system, Mr. Reardon, that’s the game, and once you understand it, you’ll be much easier to deal with.”

        To make it even worse, such laws don’t “outlaw” some behaviour, but put a high risk on it through civil law. So, it helps multinationals (and a possible malevolent regime) and hurts small companies as well as citizens. To me, it’s hard to believe this is not intended (like so many other (mostly) EU laws.

      1. 3

        The bill really is a disaster. Mainly pushed by conservatives and Axel Voss, who was gotten some backlash from his own party over this because the same copyright bill was a disaster in germany too (though it was less extreme).

        However, to calm the nerves; the bill is not law yet. It has been approved that the parliament may vote over it and then the commission and the parliament will work out a final bill. The earliest date this bill will get real is somewhere in december.

        1. 8

          This is getting more and more common since GDPR. A way to “bypass” these kind of tactics is to enable GDPR / cookie consent blocking with an ad blocker (at least this is possible with uBlock Origin). It automatically hides these annoying banners/popups without forcing you to opt-in.

          1. 3

            It’s even more fun when you consider how many of these websites then set the cookies that you’d actually have to opt in…

            1. 1

              How do you do this with uBlock Origin? I didn’t see a setting about GDPR or cookie/consent blocking.

              1. 12

                If you go in uBlock Origin preferences → Filter lists, under “Annoyances” there’s “Fanboy’s Cookiemonster List” which hides “we use cookies” banners (and apparently will also hide GDPR banners).

                1. 1

                  <3 THANKS!

            1. 2

              The typecast example could be expanded;

              if myNumber == nil {
                  // handle nil
              }
              number := numberPointer.(*myNumber)
              

              I would prefer

              number, ok := numberPointer.(*myNumber)
              

              Though I’m not sure how to syntactically handle it so there is no room for error…

              1. 1

                Great work. I’m working on my own link aggregation software so I’m interested in the ideas that have come up and maybe I’ll steal some code.

                Good work!

                1. 12

                  Unmentioned: Hardware RAID generally has battery backup so writes are completed even if the power fails (or the kernel panics). Software and Fake RAID can’t do that.

                  1. 4

                    Or alternately that having that allows them to (legitimately) acknowledge writes before the data has actually hit disk platters and hence offer better write performance – i.e. that if they didn’t have that they would presumably (hopefully!) wait to acknowledge writes until the data actually had hit the platters rather than “cheating” and losing data on a power loss.

                    That said, with the SSDs that are now easily available you can achieve a similar effect using host-side software layers like bcache/dm-cache in writeback mode.

                    1. 1

                      Generally that is the best option, it would only not apply when the drives are lying about syncing to disk (some cheap models still do on both SSD and HDD controllers, gets better benchmark results).

                    2. 1

                      More unmentioned: with a copy-on-write FS like ZFS, you won’t ever get corruption from incomplete writes, because writes are atomic.

                    1. 2

                      Hmm, you could probably look into HAM radio.

                      A LF or MF can go up to 2000km and 500km respectively (LowFER and MedFER, in reality probably a bit shorter).

                      Considering you need to transfer about 50kb, accounting for some overhead and buffer, a baud rate of about 8000-9000 baud should be enough to ensure up to a thousand stations can get their data send within a day guaranteed. Considering the constraints you’ll probably want to ensure data really gets there so you’d probably want around 200kHz at minimum and maybe transmit in something easy like morse. You’d have to build most of that from ground up and it could be a lot of work if existing tools don’t work (or adapt existing tools)

                      MF should handle your use case if the stations are around 100-200miles apart, if you rely on skywave overnight it can be more.

                      You’ll probably need a license in that band and find a frequency with the properties you want too.

                      Otherwise, there might be satellite internet but that might get expensive. Or Wifi Guns could be a solution.

                      1. 2

                        PeerTube is a very interesting project, though personally I would love some kind of youtube interface so I can watch youtube on PeerTube and maybe live streaming before I’d consider switching away from youtube itself entirely.

                        1. 1

                          Video import from youtube is one of their stretch goals, if I understand you correctly.

                          1. 1

                            You mean like with HookTube? Yeah that’s something I’ve been meaning to implement. It only has a real interest with playlists support and user subscriptions, which is not the case right now. So maybe in the near future!

                            1. 2

                              Probably a bit like that (though it looks like HookTube doesn’t support 1080p).

                              But being able to bring Youtube atleast one-sided into the fediverse could convince a lot of people to switch. It’s what I consider a necessary feature for a lot of federated platforms, atleast in the initial phases.

                              1. 1

                                You’d be suprised what users tell us are “necessary features” ;)

                                While this one should not be part of the core per se, I do see the interest of this one. Decentralizing the content also means migrating the habits. Believe it or not, it should either land as a plugin (much later since there is no plugin system yet) or as a core feature, depending how much free time I can free in the next months. Either way that’s not a priority, as there is much to build apart from that.

                                1. 1

                                  Yeah, I totally understand if it’s not a priority (and I know what users sometimes consider ‘necessary’) so I try to keep my list of necessary things short and reasonable.

                                  Good luck with the platform then :)

                                  1. 1

                                    Thanks :)

                          1. 4

                            I somewhat disagree with the basic premise of this website.

                            The idea of merit is in fact never clearly defined; rather, it seems to be a form of recognition, an acknowledgement that “this person is valuable insofar as they are like me.” […] It is time that we as an industry abandon the notion that merit is something that can be measured, can be pursued on equal terms by every individual, and can ever be distributed fairly.

                            Let me quote dictionary.com;

                            meritocracy, noun:

                            1. an elite group of people whose progress is based on ability and talent rather than on class privilege or wealth.
                            2. a system in which such persons are rewarded and advanced
                            3. leadership by able and talented persons.

                            I think that quite clearly runs contra to these points. Usually you cannot simply put merit, talent and ability in numbers but you can usually make a subjective evaluation and decide based on that. It has little to do with “privilege” or “excluding of underpresented people in technology”. If the person evaluating is fair, there is no reason to believe they will be deciding on Person A over B because B was jewish or of a certain ethnicity. Atleast that is my opinion on the matter. Many corporations will be happy to measure your merit by lines of code written per day.

                            Our professions do not define us; we are more than the work we do.

                            Yes, that is indeed quite a nice sentiment but I do think that when you’re working on a project, your position on that project should be somewhat defined by what you can do. Otherwise we’d be putting our UI designer on the server team.

                            We believe that interpersonal skills are at least as important as technical skills.

                            Agreed there but this doesn’t disagree with meritocracy at all and probably runs orthogonal to it.

                            Homogeneity is an antipattern.

                            Usually yes, but you’ll have to acknowledge all kinds of homogeneity there. If you have 20 people of all kinds of color, sexual orientation, sex, gender, ethnicity, etc. but they all studied CS at Harvard, I don’t think we have a heterogenic group, atleast not as heterogenic as it can be.

                            Homo- and heterogenity of groups are a spectrum, it isn’t a hard yes/no question. Plus, you will have to check which measurements you take to calculate the homogenity of a group. And which not.

                            [… a few points that have little to nothing to do with meritocracy or being against it …]


                            We understand that working in our field is a privilege, not a right. The negative impact of toxic people in the workplace or the larger community is not offset by their technical contributions.

                            Hypothetical scenario. The cure against cancer, aids and death in general is found. The inventor is a homophobe. Should we deny ourselves the cure?

                            I’m all for excluding toxic people from the community but we should still accept code from anyone because the code they contribute in the right projects could save lives or significantly improve the lives of others.

                            Being meritocratic also means recognizing the contributions of people you don’t like, regardless of whether you’re homophobe or anti-homophobe. You don’t have to like them nor let them communicate or integrate/interact with the community.

                            [… another few points that have little to nothing to do with meritocracy or being against it …]


                            I don’t really see the point in any of this as the webpage seems to be largely against discrimination, not meritocracy. A lot of these points aren’t against meritocracy but rather about enabling everyone, especially underrepresented people, to participate to their fullest extend in this meritocracy and thusly also being able to show their merit, so to speak.

                            I think the page should be updated to reflect that they aren’t against meritocracy per-se, just in favor of making it more fair. (“from each according to their ability, to each according to their needs”, I think is a fitting quote if I don’t misunderstand the english context)

                            1. 3

                              if the person evaluating is fair, there is no reason to believe they will be deciding on Person A over B because B was jewish or of a certain ethnicity. Atleast that is my opinion on the matter.

                              However data shows that people can and do believe themselves to be fair and objective when they are not. And many times, people who do evaluation are openly unfair.

                              1. 3

                                Well, the considerations on the webpage don’t make that disappear, worse, pointing out that people will be unfair when the believe to be the opposite, means the website itself can also fall under this category.

                                What’s important is that we try as best as we can.

                            1. 2

                              Privacy is a simple and universal right, why just after GDPR, companies start to express their “strong commitment” with it, considering there have been issues to be addressed since the dawn of the digital age?

                              1. 2

                                Probably because not everyone else has shared your perspective until recently, probably.

                                1. 1

                                  And you still have to trust Microsoft and whoever. IANAL but AFAICT they can still mess about with your data internally.

                                  1. 1

                                    Yes this statement is not legally binding, of course. I think what we’re seeing is more than MSFT is losing and it’s trying to win customers through non-technical means. Everyone knows Google’s business model is using your data and keeping up with that is very hard technically.

                                2. 2

                                  It’s dangerous to adhere to privacy when your competition doesn’t have to. Selling out your users can end up making some nice additional cash.

                                  With the GDPR there is a certain amount of advertising value that comes from it plus your competitors will have to adhere too.

                                1. 7

                                  These articles always attract people who think that being rude and hurtful to others is a political issue and most others stay away because they know that the comment threads in these are a tire fire. If you can’t work with people with differing views without royally pissing them off despite the fact that they didn’t even do anything to you then maybe you shouldn’t work in a diverse project. Go is naturally going to be a diverse project, and many of these people with differing views from you are going to be very talented. If it’s between the person who’s willing to work with others and the person who insists on making everything a political message then the person who makes calling someone “them” a big deal is going to lose every time because open source in the end is about getting things done.

                                  Basically when someone asks you to call them a man or a woman and you refuse and call them something else you are the person creating a needless conflict. Don’t be surprised if you are asked to leave if you do. Many dudes who are offended at their inability to misgender people would be furious if they were called a woman. It’s called treating people with respect. It doesn’t really matter if you think or don’t think they are who they say they are, you treat people as they would like to be treated or you leave them alone. Don’t expect to be antagonistic and develop a good working relationship.

                                  1. 7

                                    I don’t think that’s what it’s about for most people (that participate in an honest discussion here).

                                    Personally the clause that allows the Go team to police how I act outside the project makes me afraid of contributing. Someone might fake a twitter screenshot or discord message with my name on it. What if it happens while I sleep and I have no time to reply by the time the outrage train is going full speed?

                                    I do not want to hurt people or be rude, I know a lot of people from all walks of life, transsexual, gay, jewish, etc. I’m never rude to them because that’s counterproductive. But I also know people who are right wing and I work together with them just fine too in a professional setting. I have a huge collection of bookmarks with both left and rightwing articles, I read newspapers from both sides. I feel afraid that because of this collection, someone will inevitable post the issue “Why is this person allowed to contribute when they bookmarked this?”

                                    I feel like CoC’s like these push a certain kind of diversity, which favors certain groups over others, favoring US politics over what people from other nations might think, instead of having a true diversity by also inviting people from any group as long as they can behave professionally. I don’t see why a devout christian can’t work with someone who is homosexual, in fact, I am currently part of a university project where this is the case. That is what I consider true tolerance. Tolerance not of things that you don’t mind already but tolerance of things you don’t like or even hate.

                                    On another note, the CoC that has been employed is way to broad and “soft”. I would favor a much more stronger approach with stricter and clearer rules with no wiggle room for either side of the political divide and allows no political ideology to permeate the projects execution.

                                    1. 2

                                      In the defense of the CoC it would also protect a christian who is being attacked. Libel is still possible and would still cause you a lot of problems without a CoC. In the end however the CoC isn’t acted on automatically, it is worked through with discussion. It however is correct to protect groups that are at risk of being attacked, for example if Christians were a targeted minority then it would be right and correct to stand up for them despite whatever “Political bias” that might appear to have.

                                  1. 1

                                    it’s curious that people seem to only consider user facing problems of semver and never consider internal dependencies.

                                    CalVer is great for user-only software (such as Ubuntu or youtubedl) but terrible to pin to for a specific internal API.

                                    1. 2

                                      Every Debian package has an OpenPGP signature on it, and thus OpenPGP is making sure my new laptop isn’t pre-rooted with malware.

                                      What?

                                      1. 2

                                        I think the author falsely assumed that when all packages are PGP signed, that the contents on the disk are trustworthy…

                                      1. 12

                                        I can’t really get behind just ignoring headers because some engineer feels like they aren’t useful anymore.

                                        1. 8

                                          He doesn’t just “feel like”, he has a justified technical position, and I don’t see any counter arguments to any of his points.

                                          1. 5
                                            • Via is actually useful, if properly used, and can detect request loops outside your network
                                            • Expires is actually useful if you need to expire a response at a specific date, Cache-Control doesn’t do that, it’s only use isn’t “expire my content and don’t cache”
                                            • X-Frame-Options is needed to support older browser, IE only supports a minimal version of CSP since 10, if you support older clients, XFO is a good security addition as CSP may not be available
                                            1. 5

                                              The repeated use of “deprecation” without obvious links to the RFCs superceding those deprecations doesn’t help. Further, the entire point of the article is pretty clearly to help advertise Fastly (which presumably wants to go after some of Cloudflare’s market).

                                              Like, it’s an interesting read, but I’m a bit concerned about people putting their services behind providers that sanctimoniously decide to break with RFCs because it might get them more business.

                                            2. 3

                                              From the bit at the end it doesn’t sound like they’re doing anything to the headers by default? These are headers they recommend stripping out, and there’s an example at the end of how to strip out individual headers if you want to, but a site owner would have to actually do that to have any effect.

                                              1. 1

                                                Yeah, I don’t really see the problem here.

                                                Nobody’s forced to look at headers they’re not interested in, and the extras don’t hurt anything, except for using a bit of bandwidth.

                                              1. 8

                                                This is a nice summary, thanks for sharing it. Combined with this tweet: https://twitter.com/kellabyte/status/996429414970703872

                                                …I’m inclined to wonder how much time/bandwidth would be saved at larger sites if people cleaned these up, although I suspect that “size of HTTP headers” is not the worst bottleneck for most people.

                                                1. 7

                                                  For most sites the comparison goes something like javascript > unoptimized images > cookie size > other http headers for bytes/load time wasted.

                                                  1. 6

                                                    I suspect the impact is minimal. It’s a few hundred bytes at worst, and the site is probably more affected by 3rd party adtech or unoptimized pictures.

                                                    1. 7

                                                      Somewhat related, but even small changes to the request/response can have large impact on the bandwidth consumed.

                                                      From Stathat “This change should remove about 17 terabytes of useless data from the internet pipes each month” https://blog.stathat.com/2017/05/05/bandwidth.html

                                                      1. 5

                                                        Optimized Images alone would most likely save a lot more since they can save a lot more too. A recent google blog loaded a 8MB GIF image to show a few second long animation in a 250x250 thumbnail. 2 minutes in ffmpeg reduced that to about 800KB.

                                                        Imagine if people did this on sites with more traffic than some random google product announcement blog…

                                                  1. 12

                                                    I would probably start rounding up any MREs I can find and a lot of canned peaches, then disappear into an underground bunker for the next 30 years or so.

                                                    1. 3

                                                      There’s still plenty of room in the ivory towers.

                                                    1. 3

                                                      I run a SYS Dedicated Server with Proxmox as a VM Host. I recommend PM if you wanna get into virtualized hosting, it’s rather neat.

                                                      • Shaarli (Bookmarks)
                                                      • Rainloop (IMAP/SMTP Client, though I’m switching it off)
                                                      • Nextcloud
                                                      • Airsonic (Music Streaming)
                                                      • Cachet (Status Page, on shared hosting)
                                                      • Invoice Ninja (forsSide-business stuff)
                                                      • TinyTinyRSS (though looking for replacements, Feedly hasn’t been very pleasant, I have about 600 feeds on there)
                                                      • Postal (Internal Mail Infrastruture)
                                                      • YouRLS (URL Shortener, even got a neat Domain for it)
                                                      • Gitea (for my private projects or before I publish it to github)
                                                      • Skeletor (Selfwritten Analytics tool, currently not used)
                                                      • PFSense (VPN, DNS and Firewall)
                                                      1. 5

                                                        try selfoss for a RSS aggregator/reader. IMO the best user experience among self-hsoted tools in this regard

                                                        1. 2

                                                          Thanks, I’ll try and see if it can handle my workloads <3

                                                        2. 3

                                                          I was using Proxmox before but I found it easier and more efficient to use docker as there isn’t reserved memory for each container like you have with a VM.

                                                          1. 2

                                                            Hm, yeah, but I have lots of Containers in Proxmox too (LXC) which also works better for IPv6 connectivity. I need the VM mostly for PFSense, which is BSD and doesn’t run too well in a container (it doesn’t run at all).

                                                            PM also has a lot more functions that I like than Docker, especially towards failover with data persistence.

                                                          2. 2

                                                            RSS reader written in Python (and not PHP): newspipe. I haven’t test it out yet but it looks solid.

                                                            1. 1

                                                              I’ve experimented a bit. While it looks rather nice, the category functionality is probably not quite sufficient. I rely heavily on a hierarchy of categories to sort out my feeds…

                                                          1. 5

                                                            I’m preparing to start first end-to-end test in federation for my current project and finishing up the ORM switch (Pure Postgres ORM instead of a generic one). Also I’ll have to finish up IndieAuth to get some other features working and tested. Additionally both points above will require me to flesh out the event system I’m working on, which would make a lot of future work on federation easier by having the endpoints simply send (and optionally wait on) events to create comments, responses, posts, etc.

                                                            Otherwise I’m digging into LISP again as part of a course assignment at Uni. It’s been a while since I seriously wrote lisp but I enjoy it.

                                                            1. 6

                                                              I have a hard time in understanding how decentralized systems are better at protecting me from abusive government agencies, groups, and even individuals? With big online companies, it is not perfect but, as a citizen I have more tools to ask for accountability.

                                                              And even for daily stuff, how can I trust “decentralized” systems run by some individual who may or may not be good at following security best practices etc. Again, with big online companies, again it is not perfect but, I have more power as a citizen.

                                                              I think centralized systems scale better when it comes to power / responsibility balance.

                                                              I vote against decentralizing lobster but happy to read more counter arguments.

                                                              1. 3

                                                                It’s more about people outside the US. Big Corps like Reddit or Google basically follow the US law and the US law mostly protects only US citizens.

                                                                Instances in the fediverse follow local law (which is why usually people don’t federate with Japanese instances that allow NSFW material) which is great if the US law is silly in your culture/country.

                                                                The easy answer is simply that you pick a community, not a corp for your server. If you pick a corp for your server you should pick on in the same legislation as you are in.

                                                                1. 6

                                                                  It’s even good for people within the US; for instance, I can pick a fediverse server in Germany and know that the admins will be required by law to ban nazis even though I don’t live in Germany.

                                                                  1. 3

                                                                    I agree that federating big platform like reddit, Twitter, or YouTube makes sense because these platforms host multiple communities with conflicting norms and expectations regarding privacy, speech, etc. In an ideal scenario, individual reddit nodes could choose to omit subreddits they found objectionable or implement their own local censorship regimes (a la USENET).

                                                                    That said, I am inclined to agree with ctulek that lobste.rs is best suited to central hosting. In scale, lobste.rs is more like an individual subreddit than the reddit platform. We pick our community each time we choose lobste.rs over other forums discussing similar topics.

                                                                    1. 1

                                                                      I agree, yeah, Lobsters is more like a single sub but it could be useful if lobste.rs could federate…

                                                                1. 3

                                                                  You don’t need much to have some basic federation with Lobsters. Source: working on federated reddit rn.

                                                                  The absolute basic variant of federation would be a RSS feed + webmention. The RSS Feed is basically the content posted and webmention allows conversation in comments.

                                                                  Of course the disadvantage is that this setup is rather fragile and inflexible for what you actually want but in my current project it allows me to scope out which interfaces are needed at the basic level for everything to work.

                                                                  1. 2

                                                                    Supporting inbound webmention for comments could be great, actually! I would use that.