1. 4

    So those 15,000,000 email messages collectively consumed 195,000,000,000 bytes of bandwidth. Yes, 195 gigabytes of bandwidth bouncing around between the email servers.

    1. 2

      I can sympathise with patch submission process frustrations: our new device driver is now on patch rev 10. Some of the changes were necessary (like dt bindings conversion to YAML), but most are maintainers taking their rounds of stylistic potshots. Things like if the (internal) functions are named aptly enough, or if you should leave the trailing comma in array initializations.

      Uniform coding standards are certainly important but like everything else: in moderation. Pushing the drivers upstream is not necessarily high priority for casual developers. In our case each revision occurs in a lull so each patch round takes a few weeks. All while this driver was running on systems out there since November with no issues…

      1. 15

        Galaksija embodies a destratification of today’s technological hierarchy, a tacit ideological assertion that computing machinery should be for the masses, cheap and available to everyone, and that neither money nor technical know-how need be barriers to entry.

        That’s what we have now. A Raspberry Pi is $50 for the latest version. Linus could develop an OS on 386 because Microsoft Windows made 386-based machines incredibly prevalent and cheap on the used market. A modern mobile phone is an hugely versatile communications device and owning one is an acheivable goal for a large part of humanity.

        Anyone can choose between a plethora of free (monetary and licensing) programming languages, and the explanations on how to program in them is generally also free and widely available.

        It’s never been easier or cheaper to access computing machinery.

        1. 10

          I think you’re missing the point. Most of these technologies require knowledge that is harder and harder to achieve given the increasing scarcity of leisure time. There’ no dark wizard in an ivory tower defending the library where this knowledge is stored. They are inaccessible for structural reasons: time is scarce, work is invading the personal sphere, poverty and misery are more and more common for broader sections of the population everywhere in the West.

          Technological dissemination practices are not trying to solve this problem. Instead, they cater to a small élite of tech-savvy people for whom all these technologies come for free given a specific set of life choices. The fact that they are super-cheap and freely available once you cross a certain barrier (basically being rich and stable enough to invest in having more leisure time and mental energy) doesn’t mean that this generalizes over the whole population.

          The Galaksija was the last piece of the puzzle in a society that was ripe for technological dissemination. Ours is not and the small pieces of the puzzle like a Raspberry Pi will empower just a very narrow part of the population. That’s also the plethora of hackerist alternatives to mainstream technologies are having a hard time to gain traction: they ignore the barrier to entry, the politics of time behind technological adoption. The GAFAM don’t and they offer people a more commoditized experience that offers less friction.

          1. 9

            It is easy to underestimate how hard it was back in the day, from reading the survivorship bias pieces about spectacular achievers. Remember, no Internet (for your average Joe), very few manuals/tutorials, exorbitantly expensive hardware.

            I met a middle aged enthusiast back then who was unsuccessfully trying to learn 8080 machine code programming: his only material was opcode cheatsheet. After a year he gave up and honestly can’t blame him.

            1. 6

              +1

              I grew up in Belgrade and my first machine was a Commodore 128 for which I only had a German manual, which I didn’t speak (I was 12 years old). After a couple of months my dad managed to source a second- (more likely third-) hand Serbian manual in very poor condition, but I cherished that book as it was my only source of knowledge for years… We are indeed lucky to be living in a time like this, where access to knowledge is abundant.

              chobeat’s comment is spot-on though, time is a very expensive commodity and is usually taken for granted.

              1. 1

                I’m not saying what these computers have achieved, I’m just saying what they wanted to achieve. Because it’s easy to project the same values, goals and social structures on very different societies and it would be a mistake. Then yes, my father built computers at home and learned to program as a hobbyist in the 80s, so it’s a story I’ve seen too and it wasn’t accessible at all.

              2. 3

                I think you’re missing the point.

                Maybe I am. I think the original quote is really hard to understand. Frankly I think it’s just glib bargain-basement “deconstructionism” without much thought behind it, but let’s try to expand on it.

                I think the author is trying to say the same as you (which I agree with): access to computing does not mean access to the fruits of computing in the modern world. Just because someone under disadvantaged circumstances might teach themselves to code, doesn’t mean they can get a job coding, or that they can get access to the capital needed to build a company around coding.

                However, the author seems to believe that in this particular counter-factual case it would have been different somehow. Maybe because a DIY computer under (some value of) socialism would have led to a different outcome than a DIY computer under “capitalism” (i.e. the computing scene in the late 70s/early 80s in the US)? It’s hard to say.

                1. 2

                  I think you’re missing a large part of the point, too. I grew up with these grokable computers, and spent a great deal of my childhood trying to grok them. But, I did that in the 80s, in Australia, at the very bottom of the middle class. If I could even identify a particular book that might contain the knowledge I wanted, it would take me a year to get it.

                  Having access to the internet makes everything about programming infinitely easier to get a hold of, even if the machines we use are overcomplicated.

                  1. 1

                    I think you’re missing the point. Most of these technologies require knowledge that is harder and harder to achieve given the increasing scarcity of leisure time. There’ no dark wizard in an ivory tower defending the library where this knowledge is stored. They are inaccessible for structural reasons: time is scarce, work is invading the personal sphere, poverty and misery are more and more common for broader sections of the population everywhere in the West.

                    I don’t think it’s true that aggregate leisure time is lower today than in the 1980s in Yugoslavia, certainly not obviously true. In any case, the rise of the cheaply and ubiquitously accessible internet (accessible even to relatively poor people) has made knowledge about everything in the world, including the use and programming of computers, vastly more accessible than it was to anyone in the world three decades ago.

                    One of the reasons we perceive that time is scarce is because the sheer amount of things that a person can do with their limited time is much more salient now, and that increased salience has a lot to do with first and second-order societal changes brought about by the existence of cheap, ubiquitous computing and networking.

                    1. 1

                      One of the reasons we perceive that time is scarce is because the sheer amount of things that a person can do with their limited time is much more salient now, and that increased salience has a lot to do with first and second-order societal changes brought about by the existence of cheap, ubiquitous computing and networking.

                      But these also brought an increased amount of social work to exist in society and also an enormous amount of distraction: in the 80s if they told you that a company elaborated a complicated psychological mechanism to extract informations from you 24/7 through your phone and that they would conduct experiments to manipulate your behavior always through your phone, they wouldn’t believe you. When people speak about “attention economy”, we are the resources being mined. Those resources in the past could have been spent on something else. I’m not arguing against internet in general, but for sure for how it is now, it’s a net negative for the whole society in terms of contributions to time availability for personal development: for every kid that has access to infinite knowledge, you have 10 workers that have been conditioned into coping with stress, alienation and tiredness by mindlessly consuming content and producing data.

                1. 2

                  As my first ever foray into Javascript, mending D3 force layout graph code into directed hypergraph visualizer.

                  Also, it’s time to fight raspberry growth in the garden again.

                  1. 2

                    Have fun! D3 is both awesome and frustrating. Make sure you understand how it works before it forces you nuts!

                  1. 2

                    It doesn’t even matter if a few layers deep there’s a bug in some part of the system, as long as it never surfaces to the user and doesn’t affect the provided functionality.

                    Am I misunderstanding or does this ignore the fact that bugs “a few layers deep” can be the cause of security holes or exploit vectors?

                    1. 6

                      I think the point is that as long as you can’t trigger the bug with interaction surface of the program (rather than plugging a mock into raw flesh), it doesn’t matter.

                      1. 1

                        There is something to be said to protect that invariant with precondition for these functionalities. When people start to actually use it, they will encounter the precondition, verify the implementation, fix it or simply remove the precondition.

                        Slightly off-topic, but that is also why I am always not entirely comfortable with current generics in the languages (especially the C++ template). It seems the way to express invariant is more limited and prone to errors (also, by being generics, you cannot really extensively “unit test” it).

                    1. 22

                      I don’t write tests to avoid bugs. I write tests to avoid memorizing the complicated functionality I need to implement.

                      1. 0

                        so you write tests to avoid documentation?

                        1. 3

                          I can’t speak for op, but where I work its normal to rely upon our tests as reliable documentation on how our api should be integrated with.

                          1. 1

                            I could see how one ‘documents’ the workings of unexposed subsystems, but using tests in lieu of API documentation doesn’t sound like a great idea.

                            Granted we never can talk in absolutes; there are certainly projects out there which have neither tests nor documentation and are doing OK.

                            1. 1

                              Nothing I work on currently has a public api but also the majority of our api’s are undocumented beyond looking at implementation within unit tests or our webapps. This isn’t because we don’t need api documentation, it would be handy to have, just that when on-boarding new developers walking them through the unit tests has been good enough for them to go onto work on those api’s.

                              If we did anything public facing, API documentation would become a top priority because while most developers can infer from unit tests how things work a lot are too time constrained or too lazy to do so and will skip a tool or library with that kind of friction.

                          2. 3

                            There’s a difference between documentation and unit testing. Is your documentation automatically checked? I am sure it’s not, except you’re writing doc tests.

                            1. 1

                              It helps to read my question in the context of the GP’s comment.

                            2. 1

                              To avoid documenting all of a function’s required output (and god forbid, side-effects) as a result of all possible input, yes. But tests cannot replace documenting the intended use and context and maybe historical perspective of a function. If the function name with the argument names and types cannot capture this sufficiently I additionally provide documentation.

                              1. 1

                                Fair enough, if that works.

                          1. 5

                            It’s 1000 years old in binary!

                            1. 3

                              This is a half-depth cabinet. Great for patch panels, most switches and routers, but your options for mounting servers are going to be limited.

                                1. 1

                                  They don’t prevent, but they do reduce, or perhaps inhibit.

                                  Clearly I need a domain for this knowledge.

                                  1. 4

                                    if you were going to infect 20 people without a mask, but instead you infected 10 people with a mask, the mask prevented 10 infections.

                                    1. 2

                                      But what you really should have done was stay at home when you had symptoms indicating you’ve got a transmissable disease. Even mild symptoms. Then you wouldn’t infect anyone.

                                      1. 0

                                        If you were going to crash into two ships but only crashed into one, did your actions prevent a crash, or just reduce the damage from your crash?

                                        In your scenario, the mask prevented ten infections. It did not prevent the spread. It inhibited infection (the 10 may be asymptomatic or experience fewer symptoms due to lower volumes of virus).

                                        We have a rich and very fuzzy language, let’s agree to use the wide variety of words we have to express ourselves.

                                        1. 6

                                          We have a rich and very fuzzy language, let’s agree to use the wide variety of words we have to express ourselves.

                                          oh stop with this this tone-policing, “everything has to be about how polite we are” nonsense. Both of my parents had Covid. One of their friends died of it.

                                          This isn’t a thought experiment. It’s not a game. It’s not a simulation. Your semantic thought experiments wind up convincing people not to wear a mask because they “don’t prevent the spread”, a conclusion so plainly false on its face that it’s ridiculous. When somebody says “masks prevent the spread” they’re not saying “if you put on a mask the virus is instantly eradicated”. When “ten fewer people get infected” gets countered with “it did not prevent the spread” all you’re showing is that you are more convinced of some abstract argument about semantics than other people’s actual lives. What is the result of you “being right” in this argument, downplaying the efficacy of mask-wearing? An asymptomatic observer concluding you’re in the right might say “you know, maybe I shouldn’t wear a mask, it doesn’t actually prevent the spread”, infecting someone they might not have otherwise infected.

                                          I’m not going to play this toxic game of dandy politeness where we curtsy and bow and say “good day” “I disagree with your argument! but disagreement nourishes the mind!” and giggle about how much disagreement makes us wiser. Your ego is literally deadly. Your ego is literally endangering other people’s lives.

                                          1. 1

                                            Why do you think I don’t wear a mask? I’ve got one next to me at my desk at home right now.

                                            Do you think that lying using language and saying masks mean nobody will get corona (prevent) is better than the truth of inhibit?

                                      2. 1

                                        WHO has your back:

                                        “However, the use of a mask alone is insufficient to provide the adequate level of protection and other equally relevant measures should be adopted” 1

                                        They have also said that asymptomatic carriers rarely transmit:

                                        “Current evidence suggests that most transmission occurs from symptomatic people through close contact with others.”2

                                        http://canyoumakemewhereamask.ynaas.com/

                                        1. 2

                                          Thanks for the WHO reference, a quote from the website expands a bit on your summary.

                                          Accordingly, most recommendations by WHO on personal protective measures (such as use of masks and physical distancing) are based on controlling transmission from symptomatic patients, including patients with mild symptoms who are not easy to identify early on.

                                          1. 2

                                            WHO has dispensed too much of damaging advice this year.

                                        2. 1

                                          Do people hate dashes in domain names or something?

                                          http://do-masks-prevent-the-spread-of-corona-virus.ynaas.com/

                                          ^– is more readable in my opinion.

                                        1. 5

                                          Home:

                                          • Messing around with tooling to write a simple Lisp for the Amstrad CPC. Currently struggling a bit with the SDCC compiler; discovering that a couple of issues that I thought were with my decades-rusty (heh) C skills were actually compiler limitations.

                                          • Getting a non-trivial app running in my Common Lisp dev environment for the PinePhone. Probably going to start with an itch-scratching app, likely a Signal client.

                                          Work:

                                          • Continuing to work as a technical product manager, on long-term contract to a large and growing fintech company. Focusing on helping them grow an internal platform culture - lots of challenges, high pressure, lots of fun :)
                                          1. 3

                                            For classic Z80 systems you very much have to resort to assembly as you can’t really afford inefficient compilation. I had an interpreter (sans tokenizer) done a while back in Z80 assembly, the concept shamelessly stolen from that old Steele&Sussman MIT memo. A naïve implementation so not the most efficient memory layout (uses 6 bytes per cons cell), but small enough to see how it comes together.

                                            1. 2

                                              There’s already an assembler element - writing Amstrad firmware specific stuff, and I’ll have to hand-code the bank-switching stuff in assembler too. So maybe I just need to bow to the inevitable :)

                                            2. 2

                                              Whoa, a Common LISP Signal client for Pinephone? That is incredibly cool!

                                              Will CommonLISP’s UI render properly to that small screen / touch context?

                                              1. 3

                                                Well … a CL Signal client that uses FFI to drive the Signal C library :) That’s the plan at least. At the moment I have a ‘hello world’ working:

                                                https://gitlab.com/duncan-bayne/mobili/-/raw/master/doc/hello-world-resized.jpg

                                                No idea whether the McCLIM UI will be usable on mobile; part of this project is to figure that out :)

                                                I’ll use this experiment to refine my tooling. At the moment, it works by having a running SBCL instance on the phone, driven by SLIME inside Emacs on my dev laptop.

                                                Oh, also, I’m not 100% sure that CL startup time will be feasible for mobile apps. I’ll be investigating that too, and workarounds if necessary. E.g. having a pre-warmed SBCL instance loaded at any time, and then have that load an app when requested, then start up a new pre-warmed instance …

                                                Fleshing that out a bit - my thinking is that apps for this mechanism would be shipped in source code form, and compiled as part of the installation process. This is just vaporware that exists inside my head ATM, but the goal is to avoid architecture dependency, and to empower users to inspect and modify the software running on their devices.

                                              2. 1

                                                Getting a non-trivial app running in my Common Lisp dev environment for the PinePhone. Probably going to start with an itch-scratching app, likely a Signal client.

                                                I thought that Signal didn’t allow third-party clients? Or do they just not want to support them, but won’t ban you like WhatsApp?

                                                1. 1

                                                  It turns out the C library I found was just for the crypto - they do provide an API client, but it’s Java-only. Needs more investigation …

                                              1. 2

                                                Doing a failover with hot standby redundancy solution for a distributed industrial system. Things that need redundancy are the control system (managing hundreds of networked nodes) and PTP grandmaster clock.

                                                So far thinking along these lines:

                                                • Control system C1 is designated primary, C2 secondary, with a heartbeat connection between
                                                • When C2 misses C1, it offers takeover to the networked nodes it can reach
                                                • Each node affirms takeover to C2 if it also finds C1 unreachable
                                                • C2 tallies the replies and over a certain threshold of total amount of nodes commits to takeover
                                                • Upon C1 re-availability, it cedes control

                                                The clocks I hope could just be configured with different priority weights.

                                                1. 3

                                                  Not sure if your setup allows it, but why not make it active/active? It would be far easier to scale up in the future, you’re sure the failover node will always work as it’s doing part of the job all the time and dr tests become more boring as it’s just a matter of shutting down one node.

                                                  Please note I have no experience whatsoever with industrial systems, only (very high-available) appservers and webservers. Just think the problem you’re having is probably more interesting then a webserver.

                                                  1. 3

                                                    It’s a fire detection and evacuation assistance system, where all nodes have to work in sync (hence the clock) and with coordinated actuation. So it’s hard to do with more than one authority at any time.

                                                1. 1

                                                  So I rigged a sio2usb cable last weekend, means going to enjoy some quality 8-bit Atari gaming.

                                                  • Alley Cat
                                                  • Boulder Dash
                                                  • Montezuma’s Revenge
                                                  • Bruce Lee
                                                  • Ninja
                                                  • River Raid
                                                  • International Karate
                                                  1. 2

                                                    Making a SIO2USB cable for my Atari XEGS.

                                                    1. 16

                                                      Maybe he would like to skip math and physics classes as well, and focus on “curiosity” instead? It’s all far cry from top level research after all.

                                                      1. 23

                                                        This reminds me of a talk Simon Peyton Jones gave at TEDxExeter:

                                                        So you might say “all right, so you convinced me reasonably that computer science is kind of interesting and maybe some kids should do it, but should every child do it from primary school?”

                                                        So let me ask you this: why do we ask every child to learn science from primary school? Not because they’re all going to become physicists. So why?

                                                        It’s because science teaches us something about the world around us, and that if we know nothing about the way the world around us works, we’re disempowered citizens. Even when you switch on the lights, you know that the light doesn’t happen by magic, it happens by electricity, that comes along wires, wires can be dangerous, the electricity comes from a power station, the power station burns fuel, it may cause global warming, all of that is underpinned by the science knowledge that you gained at school – whether or not you’re a scientist.

                                                        And so I think it’s very important that every child knows something about the digital world that they inhabit, which as we heard in our previous talk infuses every aspect of our lives.

                                                        1. 3

                                                          I would even argue that programming is more valuable than “science” as it’s taught—at least in public schools in the U.S. as I experienced them—because a major part of understanding programming is understanding logic. The universal concepts of contradictions, implications, and givens can easily be taught with concrete demonstrations in programming. (Electronics would work, too, but in that case a lot of the concepts get lost in the “fiddly bits.” Did your circuit break because your logic was wrong, or did you wire a diode in the wrong way…?)

                                                          1. 6

                                                            (Electronics would work, too, but in that case a lot of the concepts get lost in the “fiddly bits.” Did your circuit break because your logic was wrong, or did you wire a diode in the wrong way…?)

                                                            Programming has fiddly bits too, like syntax errors.

                                                            1. 4

                                                              Absolutely! I guess I just find them more tractable than errors in circuits. At least you get an error message…

                                                              1. 2

                                                                I feel the same way, but I strongly suspect it’s because I’ve spent more hours of my life debugging the errors you encounter when writing software, than the errors you encounter when developing physical hardware.

                                                        2. 2

                                                          This reminds me of a Feynman story…

                                                          https://rangevoting.org/FeynTexts.html

                                                        1. 3

                                                          You often hear how Lisp lets you define your own domain-specific language via macros. Well this one is not the case.

                                                          Instead, it is an elaborate virtual machine with own semantics/instruction set. From these, one can construct complex operations over data that are then composed into single program which can be compiled at run time (Common Lisp has compiler accessible as a call in “standard library”). As most Common Lisp implementations compile to native code, this is indeed a domain-specific JIT compiler as advertised.

                                                          1. 4

                                                            For all the shitstorm, I see no actual bug report invalidating results in the open issues. Can anyone please point it out?

                                                            Otherwise it feels all the testards and drive-by team leaders will teach researches better than to open up their code.

                                                            1. 7

                                                              This pretty much matches my impression as well – it’s hard to wonder if any of the people who wrote those “analyses” ever used – let alone wrote – simulation software.

                                                              There’s enough incorrect material in them that writing a rebuttal would be tedious (plus I really ought to stop wasting time on Lobste.rs and get back to work…). But I just want to point out that the rhetoric matches the analysis.

                                                              For example, in this article you see things like:

                                                              “A few people have claimed I don’t understand models, as if Google has no experience with them.”

                                                              unless the author of the article is Google, that’s pretty much irrelevant. Google has hundreds of thousands of employees, I bet quite a few of them don’t understand models. (The author of this article is definitely one of them, by the way).

                                                              Edit: it’s nothing to be ashamed of, at any given moment there’s an infinite amount of things any of us doesn’t understand. But ranting about things one does understand usually gives better results.

                                                              1. 4

                                                                Are you saying that nondeterminism doesn’t matter because the model is supposed to be nondeterministic? Then why are they nevertheless fixing the nondeterminism bugs?

                                                                Do you understand the value of reproducible research, which logically implies making the source code open in this case? Are you aware that Ferguson’s code wasn’t open source for over a decade, and that is part of the problem?

                                                                1. 8

                                                                  To answer the nondeterminism part, normally you take a large set of runs and analyze them as a group.

                                                                  For example, a monte carlo of a gamma particle tunneling through radiation shielding is inherently non deterministic, however a large number of runs allows you to find the distance necessary for most if not all particles to be stopped safely. Nondeterminism is not an issue if the behaviors involved allow you to derive reproduceable results from the aggregate.

                                                                  That said, software bugs like incorrect branching can also be nondeterministic. The degree to how much they affected the simulation is often done through error propagation analysis or comparing the results before and after. Not all bugs are created equal - many can be obviously wrong but not “infect” the results enough to trash them. Still can muddy it tho.

                                                                  That’s why yes you fix bugs in nondeterministic models because the model is meant to be the only source of nondeterminism. Bugs have to be reduced out enough to avoid tainting the result set

                                                                  1. 3

                                                                    To answer the nondeterminism part, normally you take a large set of runs and analyze them as a group.

                                                                    If your simulation is meant to be nondeterministic, then good reproduceable science uses a strong PRNG and takes a seed from a configuration. You run it with a fixed set of seeds but can then reproduce the same results by providing the same set of seeds. If it’s not meant to be nondeterministic then it’s a bug and it’s impossible to know its severity without knowing more (but in C++, it can be any kind of undefined behaviour and so the end result can be complete nonsense).

                                                                    1. 2

                                                                      For example, a monte carlo of a gamma particle tunneling through radiation shielding is inherently non deterministic, however a large number of runs allows you to find the distance necessary for most if not all particles to be stopped safely.

                                                                      Sorry if I misunderstand, but surely being careful with when and who is calling your PRNG helps limit this, especially in a single-threaded case?

                                                                      Over in game development the issues around non-determinism are a pretty well-known if not always well-solved problem and have been for near two decades, at least.

                                                                      1. 8

                                                                        (Note: not parent).

                                                                        There are processes – I’m not sure if gamma particle tunneling is one of them because solid-state physics isn’t exactly my field, but if I recall things correctly, it is – which are inherently probabilistic. It’s supposed to give different results each time you run it, otherwise it’s not a very useful simulator, and I’m pretty sure I read at least one paper discussing various approaches to getting a useful source of randomness for this sort of software.

                                                                        (Edit: there are various ways to cope with this and reconcile the inherent determinism of a machine with the inherent probabilistic character of a physical process, assuming you really do have one that’s probabilistic. It’s not as simple as yeah, we just write simulators that give different results each time you write them.)

                                                                        In this particular (i.e. Ferguson’s code) case, the non-determinism (fancy name for a bug. It’s a bug) manifests itself as a constant-ish extra error term – you get curves that have the same shape but don’t coincide exactly, at least not over the duration where the model is likely to give useful results..

                                                                        Unfortunately, that’s exactly what you expect to get when doing stochastic process simulation, which is probably is a plausible reason why it wasn’t caught for a long time. This kind of error gets “folded” under the expected variation. That can have two outcomes:

                                                                        • If the errors are random, then averaging several runs will indeed cancel them out
                                                                        • If the errors are systematic, then averaging several runs will yield an extra (likely time-dependent) error factor, but it’s hard to say if that actually changes the simulation outcome significantly without doing an actual analysis.

                                                                        Thing is, the latter case is usually swept under the rug because these models are meant to investigate trends, not exact values. If you look at the two graphs ( https://github.com/mrc-ide/covid-sim/issues/116#issuecomment-617304550 – that’s actually the only substantial example of “non-determinancy” that the article cites), both of them say pretty much the same thing: there’s a period modest, then accelerated growth, that settles for a linear growth after 50-60 days.

                                                                        It’s not really relevant if you reach 200,000 deaths in 62 or in 68 days – not because “reproducible outcomes don’t matter” but because there is an inherent expectation that a model that’s supposed to tell you how a flu will spread over 90-150 days in a non-homogenous population of 40,000,000 people is not going to be accurate down to a few days.

                                                                        Edit: to clarify – I’m not saying that’s not a bug, it is. But it’s definitely not clear that its impact over the simulation results is enough to invalidate them – in fact, if I were to speculate (which is exactly what the authors of these critical articles do, since they don’t actually run any numbers, either) I’d say they probably don’t. The one bug report shows only two curves, and that’s not even enough to refute the authors’ argument that averaging enough runs will cancel out these errors.

                                                                        Edit: also to clarify – what parent comment is saying is, IMHO, completely correct. The only source of non-determinism in the result should be the non-determinism in the model, and bugs that introduce extra error factors should absolutely be fixed. However – and this is the erroneous message that these articles are sending – tainted result sets can still provide valid conclusions. In fact, many result sets from actual, physical measurements – let alone simulations – are tainted, and we still use them to make decisions every day.

                                                                    2. 3

                                                                      Do you understand the value of reproducible research, which logically implies making the source code open in this case? Are you aware that Ferguson’s code wasn’t open source for over a decade, and that is part of the problem?

                                                                      There is a culture problem in academia around this, but it is getting better and more journals are requiring source code with paper submissions.

                                                                      In this case, the model has been reproduced by researchers using different Probabilistic Programming Languages (Turing.jl and STAN), which is the bar it needed to reach. Discussion of the implementation quality isn’t really useful or scientifically interesting. It’s the inputs and modelling assumptions that are interesting.

                                                                      (Draft?) replication post here: https://turing.ml/dev/posts/2020-05-04-Imperial-Report13-analysis Code for that post is here: https://github.com/cambridge-mlg/Covid19

                                                                  2. 4

                                                                    There’s coverage from the first link in the submission.

                                                                    1. 0

                                                                      “Lockdown sceptics”, seriously? “Stay sceptical, but presuppose the conclusion you want to reach and find facts in support of it”?

                                                                      1. 6

                                                                        That’s neither here nor there, let’s stay on discussion about the issues they’ve found.

                                                                        1. -2

                                                                          Yeah, they may have a perfectly good breakdown of issues in the simulation which affects results, I’m not discussing that. I didn’t take the time to read it (and probably won’t; the topic doesn’t interest me that much), and I should’ve been more clear that I’m not saying their findings are invalid. I just thought it was worth pointing out, and probably should be something people keep in mind while reading their review.

                                                                  1. 1

                                                                    It’s one of those weeks when nothing on agenda (incl. the coding parts) look very fun to do. Tons of administriva, knocking off rough edges in code before production, fixing VPN to customer demo site…

                                                                    1. 2

                                                                      Don’t worry, will be better some next week :) maybe even in this one you’ll still find some surprising wormhole that will pull you in and the day will pass with you not even noticing :)

                                                                    1. -10

                                                                      The author lives in a country where he doesn’t understand the language, and has a problem with not understanding websites? I think he needs to get out more, meet some people.

                                                                      1. 17

                                                                        The point is, it has nothing to do with the user’s current location. It’s about the user’s preference. The browser has a way to indicate the visitor’s preferred language (e.g., Accept-Language header or navigator.language constant) and the choice should be respected if possible. Relying on the geolocation does not respect that choice.

                                                                        I live in France and I am a French native speaker, but my browser is configured to get the “en” version if available. I have my reasons for that, and I don’t want the French version just because my IP address is French.

                                                                        1. 14

                                                                          I prefer most web services that are not based in Sweden to be presented in English, simply because they usually have machine-translated Swedish that is awful.

                                                                          1. 3

                                                                            One of my first gigs was with the team who worked on the site for Familjens Jurist. At the time, the client insisted on using Google Translate instead of conventional internationalisation.

                                                                            One of the pages was entitled “Få barn”, which Google decided to translate as “Few children.”

                                                                            :’)

                                                                            1. 2

                                                                              Man, that’s really cheap… it’s not as if people seeking legal advice won’t notice crappy language…

                                                                          2. 11

                                                                            What a curious sentiment; in almost all locations there’s an expat community where the general language is English, and in many non-English speaking countries many locals speak English fluently enough to hold meaningful conversations. Learning a language fluently enough to actually speak it well takes over a year if you study hard at it, which is why most expats that are in a place for 1-2 years just stick to English.

                                                                            1. 2

                                                                              And then, consider the places that don’t use Latin script.

                                                                              Even without trying most people will learn some of the local language through immersion, and if the characters are generally pronounced the same as your native tongue/English, it’s just a matter of sounding out the word.

                                                                              I speak some Thai. I have zero expectation of ever (successfully) reading or writing a single word or even character in Thai script.

                                                                            2. 8

                                                                              They may have recently arrived, or knew from the start their relocation is short-term/temporary so investing in learning the language makes no point.

                                                                              What’s wrong with pointing out the actual clear, technical issue anyway?

                                                                              1. 3

                                                                                What is the actual, clear, technical issue? At a guess, site operators optimise to reduce customer service costs, x Germans don’t have their browsers set to German and don’t read much English, and complain when they get English prose, and x is greater than the number of countryhoppers who actually want English.

                                                                                1. 9

                                                                                  The actual issue is the Web server using geotarding instead of browser language settings, which costs are you even talking about?

                                                                                  EDIT: OK I would understand how you have a point if you open DW for the first time in your life. Maybe. But not the global internet corps that don’t have any support either way? Bloody Google would happily serve you the landing page in traditional Chinese when you are in .tw, even if they have two decades worth of your personal data and fresh browser cookies on the same machine you used at home.

                                                                                  1. 6

                                                                                    I’ve heard this explanation before and I don’t understand it.

                                                                                    If your OS/browser is set to English, how the fuck are you using it without being able to read English?

                                                                                    1. 4

                                                                                      By using a colleague’s PC. By just having factory reset the phone, and leaving it at default. A lot of people here know enough English to use a browser, even if not enough to know what [insert Fachbegriff here] is called in English.

                                                                                      That blog posting reminds me of a comment by James Hague years ago. From memory, “now that I’ve thought about this for a minute, let me explain what’s wrong with your code and design.” The author doesn’t even try to think about what the reasons might be that this “error” has become so common.

                                                                                      1. 5
                                                                                        • Doesn’t a browser use the OS’s configured language?

                                                                                        • Doesn’t resetting a phone ask you for the language to use (it does for iOS!)?

                                                                                        • Don’t most users setup or buy their equipment in their native language?

                                                                                        Geocoding is done for “whiz bang!” in my experience. It has no backing data other than a few scattered anecdotes. If it turns out the the overwhelming majority of browsers are configured correctly for language support, then the geodetection language is a misfeature by definition.

                                                                                        1. 1

                                                                                          At the job where I counted this, the number of probably misconfigured browsers outnumbered the number of probably wilfully strange language settings. Both were in the low single percentages.

                                                                                          (And at both jobs where I’ve done geocoding, we did it in order to offer the right things. To offer users what we would be able to sell them. (EDIT: Actually I’m not sure about that. I know that that reason was a contributing reason, but I wasn’t at the meetings where it was decided, and there may have been other reasons.))

                                                                                    2. 1

                                                                                      If you have a VPN or you are in one of the non anglophone countries, try this out: set your language to [en-gb] or [en-au] and go to google.com in a private window. What do you see?

                                                                                      The problem is that they cared enough for a shitty solution using an ad-hoc means but not enough for a good solution which does not seem to be any harder (I would say easier because one does not require possibly outdated geo-location databases for this).

                                                                                1. 7

                                                                                  Because of the brackets? I never quite understood how this can be found aesthetic or intuitive to be honest:

                                                                                   (defun factorial (n)
                                                                                     (if (= n 0) 1
                                                                                         (* n (factorial (- n 1)))))
                                                                                  

                                                                                  Python is not my favorite language either, but this looks just so much better:

                                                                                  def factorial(n):
                                                                                      if n == 0:
                                                                                          return 1
                                                                                      else:
                                                                                          return n * factorial(n-1)
                                                                                  
                                                                                  1. 14

                                                                                    My suspicion is that you haven’t spent enough time with it.

                                                                                    Over the years I’ve used languages with wildly different syntax (Lisp, Haskell, Ada, Python, Erlang) , and after a few months with any of them, my eyes and brain filter out the syntax and all I really think about is the semantic structure and what the code’s doing.

                                                                                    I think it’s part of the reason people are so persnickety about code formatting - consistent formatting makes common idioms and syntax elements easier to read at a glance.

                                                                                    1. 4

                                                                                      I actually agree that it looks better, but I think that’s besides the point. For me the benefits of the S-expression syntax outweigh what I feel a is minor cost in aesthetics. Those benefits include: simplicity through uniformity, no ambiguity, and interchangeability of code and data (meta-programming).

                                                                                      1. 3

                                                                                        This is a matter of subjectivity for anyone who’s experienced with programming. For instance, I find the Lisp version much more beautiful. The indentation “flows” in a way that is much more curvy and less blocky than the majority of other languages - less so in the example that you gave, but in the general case.

                                                                                        Why do I think that it’s more beautiful? Because, even though I wrote Python and C for 4 years, I discovered and wrote Common Lisp for 5 years after that, and my tastes have changed. I think that it’s more interesting to ask beginners which syntax they prefer.

                                                                                        (not relevant to my point, but you might be interested to know that after you’ve written Lisp for a few months, the parentheses fade from your perceptual awareness. Lisp programmers read code mostly using indentation - we don’t count parentheses)

                                                                                        1. 1

                                                                                          Your Python snippet is longer than Lisp one while not conveying extra complexity. Another way to say, less elegant.

                                                                                          1. 1

                                                                                            Oh? Lisp: 29 tokens, Python: 24 tokens. If I count python indentation as a token, then python goes up to 28 or 30 tokens (more if 2 indentations on a row equals 2 tokens), which seems like a off-by-one error rather than clear win for either :)

                                                                                            1. 1

                                                                                              I don’t think that calling Lisp parens “tokens” is very accurate, because (1) they’re pervasive (more so than newlines by far) which leads to (2) tooling+experience causes them to perceptually vanish.

                                                                                              In other languages, you notice every parenthesis. In Lisp, you notice few (but you do notice some). I perceive that code fragment as:

                                                                                              defun factorial (n)
                                                                                                if (= n 0) 1
                                                                                                  * n (factorial (- n 1
                                                                                              

                                                                                              I agree that there is no clear winner, though, even if you fix the Lisp formatting:

                                                                                              defun factorial (n)
                                                                                                if = n 0
                                                                                                  1
                                                                                                  * n (factorial (- n 1
                                                                                              

                                                                                              (note the unmatched open parens) I think that much more interesting examples involve larger and more complex code, which allows you to (reasonably) compare Lisp macros against the abstraction features of other languages.

                                                                                          2. 1

                                                                                            Clojure:

                                                                                            (defn factorial [n]
                                                                                              (if (zero? n)
                                                                                                  1
                                                                                                  (* n (factorial (dec n)))
                                                                                                  ))
                                                                                            
                                                                                            1. 1

                                                                                              Tbh, when you use it enough all you see is this anyway:

                                                                                              defun factorial (n):
                                                                                                 if (= n 0):
                                                                                                    1;
                                                                                                     * n (factorial (- n 1));
                                                                                              

                                                                                              Which amounts to about the same as python.

                                                                                            1. 6

                                                                                              As much as I dislike snap, this post is overly dramatic. You can easily download the non-ubuntu chromium binary and install it without need of snap.

                                                                                              The main problems of snap, which are “irreconcilable differences” that will alienate a part of the population, are:

                                                                                              1. hardcoded home directory pollution
                                                                                              2. user home must be inside /home/
                                                                                              3. cannot disable the automatic update feature
                                                                                              1. 9

                                                                                                You can easily download the non-ubuntu chromium binary and install it without need of snap.

                                                                                                I suppose they want to use official packages from a reputable repository. Installing binaries manually really is bad practice for security and maintainability reasons.

                                                                                                1. 2

                                                                                                  I installed the official chromium .deb for Debian and it works flawlessly. (I prefer firefox, but jitsi does not work well in firefox).

                                                                                                  1. 4

                                                                                                    Is that a repository, or a single .deb file? If the latter, that doesn’t get updates along with regular system maintenance. If it’s an external repository, that could be a decent solution depending on how much you trust it.

                                                                                                    1. 2

                                                                                                      if chromium is anything like regular chrome or firefox they are updated out of cycle with the rest of the system anyway, unless you happen to turn auto-updates off

                                                                                                      1. 4

                                                                                                        At work I’m using Chromium and Firefox from the Debian repositories. Auto updates are turned off and will use the standard system update mechanism.

                                                                                                        Having random binaries update themselves in a system sounds like a recipe for madness to a sysadmin. Also, how does that even work in a multi-user system where they’re installed system wide? Does that mean these binaries are setuid root or something?

                                                                                                    2. 2

                                                                                                      jitsi does not work well in firefox

                                                                                                      I keep hearing this, but I use jitsi from firefox every day and don’t have any issues. There was a feature missing in firefox about a year ago that was preventing jitsi from working, That was reported and fixed eventually although it took a while to get through the system. Maybe there are still some minor issues but nothing I have seen that makes me want to switch to chrome.

                                                                                                      1. 5

                                                                                                        Firefox’s implementation of WebRTC has some issues that make Jitsi scale poorly when anyone in a call is on Firefox. This is fine for small groups; it only becomes an issue if there’s more than 10 or so participants.

                                                                                                        1. 2

                                                                                                          Ok, thanks for clarifying that. I can confirm I am only using it in small groups.

                                                                                                  2. 5

                                                                                                    I really don’t understand why Ubuntu pushes Snaps when there is Flatpaks (desktop) and Docker (server), unless what they really want is to generate lock in. I wished they were more collaborative and smarter about what maked them stand out (like being a polished desktop Linux). Point 1. was one of the reasons for me to switch to Fedora.

                                                                                                    1. 9

                                                                                                      I find the existence of both Flatpak and Snap confusing. They seem to solve a problem that only exists for a limited set of software within an already very limited niche of users. Web browsers on desktop Linux distros seem to be well-served by them, but how many engineer-years have gone into building these things?

                                                                                                      I suspect there’s some big benefit/use-case that I’m completely missing.

                                                                                                      1. 12

                                                                                                        I find the existence of both Flatpak and Snap confusing.

                                                                                                        This!

                                                                                                        Snap and flatpack try to solve two completely unrelated problems: application sandboxing and package distribution, and do a notoriously bad job at each one.

                                                                                                        Application sandboxing should be an OS-feature, not requiring any action by the potentially hostile application distributors. Thus, it should be able to act upon arbitrary programs. If I want to run “ls” in a controlled container, so be it. Any application, no matter how is it distributed, must be sandboxable.

                                                                                                        Package distribution is a different thing. At this point, it seems that nearly all of the problems can be solved by distributing a static executable as a single file.

                                                                                                        1. 2

                                                                                                          If I want to run “ls” in a controlled container, so be it.

                                                                                                          That may be rather difficult. It already needs access to the whole filesystem…

                                                                                                          1. 3

                                                                                                            But it doesn’t need to access to the network, or file contents and it definitely should not be allowed to change anything. Plenty of permissions to restrict.

                                                                                                            1. 2

                                                                                                              or file contents

                                                                                                              Can you restrict that on Linux? Is there a separate permission for reading files and reading directories?

                                                                                                              You’d also need a whitelist for reading some files, such as shared libraries and locale.

                                                                                                              and it definitely should not be allowed to change anything

                                                                                                              Well it has to be able to write to stdout… which could be any file descriptor.

                                                                                                              1. 1

                                                                                                                Can you restrict that on Linux? Is there a separate permission for reading files and reading directories?

                                                                                                                So long as the directory has r-x (octal 5) permission, and the file does not have read r permissions you can browse the directory but not read the files contents.

                                                                                                                1. 3

                                                                                                                  No I mean is there a way to allow readdir but not read? AFAIK Linux does not have that level of granularity.

                                                                                                        2. 1

                                                                                                          This is entirely new to me too.

                                                                                                          From the wikipedia entry https://en.wikipedia.org/wiki/Snappy_(package_manager):

                                                                                                          The system is designed to work for internet of things, cloud and desktop computing.

                                                                                                          So it’s a more light-weight Docker I guess.

                                                                                                          1. 6

                                                                                                            I’m not sure how much more light-weight they can be, given that Flatpak and Snap are both using the same in-kernel container mechanisms (cgroups, namespaces, seccomp etc.) as Docker.

                                                                                                            1. 4

                                                                                                              Somewhat tangential (maybe you happen to know, or somebody else who does is reading) – is the sandboxing any good these days, and do Flathub applications/other packagers user them? About two years ago, when Flatpak was just getting hot, the flurry of “this is the future of Linux desktop” posts convinced me to spend a few weekends with it and it was pretty disappointing.

                                                                                                              It turned out that virtually all applications on flathub had unrestricted access to the home directory (and many of them had unrestricted access to the whole filesystem), even though it showed the pretty “sandbox” icon – arguably not Flatpak’s fault I guess, but not very useful, and also not very assuring (features that go almost completely unused tend to be broken in all sorts of ways – since no one gets to use them and hit the bugs). Lurking through the bug tracker also painted a pretty terrible picture – obvious bugs, some of which had had serious enough CVEs assigned for months, lingered for months. So basically it was (almost) zero sandboxing done by a system that looked somewhat unlikely to be able to deal with really malicious applications in the first place.

                                                                                                              (Edit: I don’t mean that Flatpak, or Snap, are bad as a concept – and I also want to re-emphasize, for anyone reading this in 2020, that all of this was back in 2018 or so. But back then, this looked like years away from being anything near something you’d want to use to protect your data – it wasn’t even beta quality, it was, at best, a reasonable proof of concept.)

                                                                                                              Also, even though this was all supposed to “streamline” the distribution process so that users get access to the latest updates and security fixes more quickly, even the most popular packages were hopelessly out of date (as in weeks, or even months) in terms of security fixes. I expect at least this may have changed a bit, given the increase in popularity?

                                                                                                              Has any of this stuff changed in the last two years? Should I give it another go this weekend :-) ?

                                                                                                              (Edit: I can’t find my notes from back then but trying to google around for some of the bugs led me here: http://flatkill.org/ . There’s a lot of unwarranted snark in there, so take it with a grain of salt, but it matches my recollections pretty well…)

                                                                                                              1. 4

                                                                                                                It turned out that virtually all applications on flathub had unrestricted access to the home directory (and many of them had unrestricted access to the whole filesystem),

                                                                                                                A cursory GitHub search of the Flathub organization shows ~150-200 applications have --filesystem=host or --filesystem=home each. And close to 100 have --device=all. So it seems that a large portion is still effectively unsandboxed.

                                                                                                                Lurking through the bug tracker also painted a pretty terrible picture – obvious bugs, some of which had had serious enough CVEs assigned for months, lingered for months.

                                                                                                                This is a disaster in the making. Outside the standard SDKs that are provided through FlatHub, applications compile their own picked versions of… pretty much everything. Just going over a bunch of Flatpaks shows that the dependencies are out of date.

                                                                                                                That said, I see what they are aiming for. The broad permissions are caused by several issues that will probably be resolved in time: broad device permissions are often for webcam access, which should be solved by Pipewire and the corresponding portal. The home/host filesystem permissions can partially be attributes to applications which use toolkits for which the portal mechanism isn’t implemented.

                                                                                                                The problem that every Flatpak packages their own stuff is more concerning though… I know that the aim is to be distribution-independent, but it seems like a lot could be gained by allowing re-use of regular packages within Flatpaks.

                                                                                                              2. 2

                                                                                                                I’m thinking more lightweight conceptually. Docker is seen as a sysadmin/devops thing, Snappy is more like a mobile app.

                                                                                                                1. 3

                                                                                                                  In practice however it is still a sysadmin thing.

                                                                                                        3. 4

                                                                                                          You can easily download the non-ubuntu chromium binary and install it without need of snap.

                                                                                                          Then you’re either stuck using PPAs (which is a no-go for certain environments) or manually updating the DEB. Both of which are not good options when it should be as easy getting updates from the official repositories.

                                                                                                          1. 0

                                                                                                            I’ve found Chris’ recent posts to be increasingly histrionic. He’s otherwise been a reliable read for ages.

                                                                                                            1. 1

                                                                                                              You say that but I’d agree it’s a serious bug or even just WTF moment.

                                                                                                              Yes, there’s the FHS - but nowhere it says (afaik) that software should break if you change something like this, which isn’t even an edge case but has been done for decades.

                                                                                                              1. 1

                                                                                                                I don’t disagree with that. It seems like a poor limitation that deserved more attention from the devs once reported. And it would have likely caused problems at the last place I was a Sysadmin.

                                                                                                                What I’m complaining about is the tone with which he’s presented the issue. And it’s not limited to this post; I’ve been reading his blog for about ten years and it’s been a high quality read for most of that time, until relatively recently when the tone has been more entitled and (for want of a better word) whingy which detracts from the substance of what he’s writing about.