Threads for bradfier

    1. 0

      Do we allow paywalled articles now?

      1. 2

        I use a regex redirect extension to rewrite medium URLs to, the alternative viewer-respecting fronted to Medium.

        Here you go:

        That said, if you already know what PGO is, there’s no point in reading the article.

      2. 1

        My apologies, I didn’t realize there was a paywall… loads just fine for me.

        1. 1

          Medium and its A/B tested monetization is fickle and part of the reason nobody should use it for publishing content.

    2. 5

      Company: PassFort

      Company site:


      Software Engineer - Hiring for a range of seniority levels

      Description: At PassFort, we share a powerful vision to enable businesses & individuals to establish trust online.

      Our platform lets clients bring together data from hundreds of sources, and empowers them to make better KYC decisions more quickly through factor-based Risk Scoring, and a graph-like policy engine.

      Tech stack: Rust - Python - React

      On the back-end you’ll be building distributed systems that aggregate this data and process these automated workflows, scaling across thousands of companies and millions of individuals.

      On the front-end, we’re building an intuitive portal that lets our users find the information they need quickly, laying out these complex data sets in ways you can understand at a glance.

      Location: Remote - UK/EU/US - London Office Available

      Compensation: Competitive based on experience, please see the linked roles for more details on benefits.

      Visa: Yes - For UK Relocation

      Contact: Contact us via our Jobs Page or send me a DM here.

    3. 27

      The biggest problem you’ll have with evading sanctions in this manner is US OFAC Sanctions are applicable to any business that transacts in USD, which is basically the entire tech sector.

      I’d suggest dual stacking, with a ‘local’ .ir domain to guard against the case where an ‘unfair’ set of sanctions is levied against Iran again that would cause you to lose another domain, and a domain from a European liberal democracy (like .is suggested in another comment) to guard against the “Revolutionary Guard doesn’t like my posts” case.

      1. 19

        This. You have to identify your threat model before defending against it.

        If your threat models are the US and Iran, in my view you can go with countries that are either too enlightened and self-sufficient to care much about their beef with each other or their own citizens (.is, .se, .ch, etc), or countries that are too small and mercantile for them to care much about (.io, .to, etc.) Of course, nothing is going to really save you from a determined state-level attacker.

        1. 11

          or countries that are too small and mercantile for them to care much about (.io …)

          .io isn’t run by the country it supposedly represents.

          1. 3

            But it is run by a small and mercantile one :)

        2. 3

          Except for .onion I think.

          1. 2

            exploits are cheap.

      2. 4

        It’s worth noting that there are basically three cases where you need to care about the US blocking your blog:

        • You live in a country that the US places under embargo.
        • You have a legal judgement against you in the USA.
        • You become a person designated as a terrorist by the US intelligence agencies.

        In the first case, you have many, many other problems with anything technology related and you’re best off looking at a complete hosting stack in your country or a friendly one. Whether you can reach people in the US is a separate issue.

        The second one is more likely. If someone in the US decides that you’re infringing their trademark with your domain, for example, then you have to defend the case in the US, which is expensive. In this case, you can lose the domain. The same is true for international trademarks elsewhere, so at least registering in a locale that you can easily travel to and where the rules about who pays costs are friendly to you may make sense. If there is a criminal prosecution of you in the US and you don’t attend the court, then remember that this will make it impossible for you to ever travel to / through the US and may make it difficult for most global financial institutions to do business with you.

        In the third situation, control over your blog is going to be absolutely the last thing that you care about.

        TL;DR: If US government action against you is a realistic part of your threat model, then the domain name under which your blog is registered is the least of your problems.

        1. 3

          In the first case, you have many, many other problems with anything technology related and you’re best off looking at a complete hosting stack in your country or a friendly one. Whether you can reach people in the US is a separate issue.

          This is all true I assume. But at the same time, all of this stuff can be done later. If you can’t use Amazon or Linode or DigitalOcean anymore due to an embargo, you can reasonably quickly move everything over to a cloud which does business with Iranians. But the domain can’t just be moved over; if you write a bunch of content on your .com blog, and links to your blog posts end up all over the place, all those links will break if Verisign doesn’t want to do business with you anymore.

          The only part of the stack which can’t be replaced with an Iranian or self-hosted alternative is the domain, so it makes sense to worry more about that than about everything else.

      3. 1

        This is wise. Thank you.

    4. 12

      Points 1 to 4 in this article are almost entirely reasonable, and then the fifth one jumps off the deep end with no regard for its own safety.

      1. 6

        “Almost” is carrying a lot of weight here. The assertion that MSFT has “killed” JavaScript is still remarkably popular1, though if you’re inclined to worry about JavaScript being supplanted then I can see why the rapid popularity of TypeScript might alarm you.

        I don’t know enough about the TypeScript community + governance to say how alarming it is that MSFT controls it. As far as I know it’s all ASL 2.0, so if MSFT turns out to be a big evil baddie here, the larger community could fork it and move on.

        No. 4 is not “almost” reasonable. First, it makes several assertions about what “will” happen and claims “99 out of 100 times” people advise VSCode as the best editor on the planet. The claim is utter garbage and even if it were true, that’s not entirely on MSFT. People have free will - they can decide to use VSCode, Vim, Emacs, or TextEdit or whatever to edit TypeScript or JS or whatever.

        But the worst part here is the phrase “If a for-profit corporation, like Microsoft, gives you something free, be prepared to become raped at some point” (verbatim from the post) At this point, I’m done with the author before we even get to the capper of “Act 5” which is just drivel.

        “open source is about to be monetized” .. about to be? About to be?

        Also, the author ignores the fact that MSFT has actually done a lot of work to develop and popularize TypeScript.

        And that if there really is “a community of hundreds of thousands of active JavaScript developers,” again, they can fork TypeScript and route around a hostile npm if necessary.

        1. 5

          First, it makes several assertions about what “will” happen and claims “99 out of 100 times” people advise VSCode as the best editor on the planet.

          The last Rust community survey I looked at was roughly:

          • 40% VS Code
          • 40% vim
          • 20% everything else

          I wouldn’t be surprised if JavaScript developers are more likely to want a different kind of editor: I doubt that being able to ssh into a remote machine and run the same editor is a particularly important attribute for editor choice for a JavaScript developer.

          There’s a good reason that VS Code is popular with TypeScript developers: it’s mostly written in TypeScript and it’s easy for them to extend. That probably applies to JavaScript developers who know a bit of TypeScript as well. It’s about as surprising as EMACS being popular with Lisp developers.

          1. 2

            I’m sure it’s popular, but the assertion that “99 out of 100 times” is just nonsense. And, you know, the author is trying to ding MSFT for pushing “VSCode as the go-to (and only) Editor for TypeScript.” First, OK - that’s their job.

            MSFT tries to make VSCode the #1 editor/environment for TypeScript. OK, and? If they’re doing it by making a good editor that people want to use that’s … not horrible.

            But then the author cites as back-up for this that “people” advise using VSCode. If 40% of the developer population recommends VScode (or more) they’re doing so willingly, not at gunpoint. If you were forced to use VSCode in some way, that’d be a compelling argument against MSFT but it really seems like yet more FUD.

    5. 22

      Sadly that’s a really difficult bit of software to use. The license states that you cannot use it in any capacity without emailing the author.

      I’d be very hesitant to engage with this at all, unfortunately.

      1. 5

        Yeah that licence is … interesting. I could understand emailing for permission to modify it, but just to use it seems a bit over the top.

        1. 18

          This is an effort to fight individual exploitation in the FOSS community.

          By writing proprietary software. ;)

          The fact that the source code is available doesn’t make it less proprietary.

      2. 1

        Where do you see the license?

        1. 3

          It’s at the bottom of

      3. 1

        Not at all. Compiling and running the code privately or for educational purposes would fall under fair use.

        Exploitation is a huge problem in the community, and it starts with little acts like this to fight it, even if it isn’t what people are used to. And as time goes on I will refine what I do to help the problem. ☺

        1. 5

          Exploitation is a huge problem in the community, and it starts with little acts like this to fight it, even if it isn’t what people are used to.

          I’m not sure this achieves anything, honestly. Other than of course, being proprietary software in an effort to “fight exploitation in the FOSS community”.

        2. 2

          what “exploitation” are you referring to?

          1. 1

            The most recent event, which really opened my eyes, was the the one where Amazon took over ElasticSearch.

            My code can still be used under fair use, and is available for reading.

            1. 16

              Amazon didn’t take over ElaaticSearch…Elastic chose to relicense it under a proprietary license, and then Amazon forked the latest Apache 2.0 licensed version into a competing product.

              1. 1

                Any software licensed under terms that prevent Amazon (or any other party) from doing this is not free. Maintainers of software that claims to be free software should not be able to prevent users from modifying that software in ways they disapprove of.

        3. 2

          That’s nice for users of your software in countries where Fair Use exists as a concept in copyright law.

          In the UK for example, the concept of Fair Use is described as Fair Dealing, and a defence exists to copyright infringement if it is for the purpose of ‘academic study’, ‘criticism or review’, or ‘reporting of current events’.

          Running this bot, for example, for my own use in a channel unrelated to its development, I don’t believe would reasonably fall into any of those three buckets.

          Have you considered a strong licence like AGPL-3.0?

    6. 2

      I fixed a Segfault in GDM because I bought a shiny new (for 2014) DisplayPort monitor that made my desktop environment crash every time I turned it on or off.

      To this date, my only contribution in C. It was an easy experience because it’s a fix for an obvious bug, rather than something like a new feature where the implementation is up for debate!

    7. 3

      There’s a paragraph in this article which frames what Elastic are doing as ‘relicensing under copyleft’:

      If you didn’t want your work “embedded in a proprietary product”, you should have picked a copyleft license that covered the key use cases, or switched to one before releasing new and valuable features or fixes. Exactly what Elastic is doing now.

      I think the above is disingenuous, I seriously doubt anyone would be kicking up a fuss if Elastic had relicensed under AGPL-3.

      What concerns me is the (I assume deliberately) vague wording in the definition of what constitutes Offering the Program as a Service section of the new license, where ‘offering a service’ is defined as:

      offering a service the value of which entirely or primarily derives from the value of the Program or modified version

      The above is the sort of sentence that feels likely to involve expensive lawyers and a long court case should the author of the software in question decide that they feel your business infringes.

      It’s not hard to dream up hypotheticals where your value-add as a SaaS business comes from normalizing some domain specific dataset into an Elastic cluster and providing access to that search functionality.

      If Elastic Inc come calling for you to either give them their pound of flesh, or open source your entire IP, can you afford the legal bill when you have to argue that the value of your offering ‘derives primarily’ from the mangling you do to get it into ElasticSearch, rather than the business value of being able to search for it?

      I won’t pretend to understand the vitriol directed at the OSI in this article, as I clearly missed that particular set of drama when it happened.

    8. 2

      If you want the absolute simplest plug-and-play 10gbe LAN for your homelab, pay the extra for Mellanox.

      Or pay a little more extra (still cheap!) for the Intel 82599 (X520 etc). Possibly the most well documented NIC ever? Famously easy to write drivers for. And it supports SR-IOV!

      1. 1

        On the other hand, never ever buy a Broadcom CNA! You just have to check the integration guide documents for any enterprise SAN manufacturer, and you’ll find the page that describes all the hoops you’ll need to jump through if you have machines using Broadcom adapters.

        Emulex or QLogic if you need true CNA capabilities, or Intel if you don’t. The difference in price isn’t worth the hours spent debugging why this specific card won’t complete FLOGI on one port and changing the driver version makes the other port stop working.

    9. 2

      Ironically, I installed BIOS and Intel ME updates from Lenovo this morning using fwupdmgr update, something I’ve done many times before on my T480s.

      Except this time around, it wiped everything except the preinstalled ‘Windows Boot Manager’ entry from my UEFI Boot Order List, which stopped me rebooting after the firmware update completed until I fished out a USB drive with an Arch ISO so I could re-run grub-install and restore the entry.

      To me, this means they simply didn’t test the update with Linux/UEFI systems, I’ll give them the benefit of the doubt and assume they did check BIOS boot, given it’s still more common.

      I hope they sort out this sort of issue as a part of this ‘certification’ process!

      1. 2

        I did the same thing on my T480s (also running Linux/UEFI) yesterday without issues, so it’s most likely a more complicated problem than “only Windows is supported”.

    10. 6

      This somehow manages to make IPv6 addresses less ergonomic than they already are.

      If you are setting up a prototype to the stage where you need an SSL certificate, surely it’s not much of a stretch to add an AAAA record to a domain name?

      If you’re prepared to go down the road of self signed certificates, you can even issue one to your bare IP if you so wish.

      1. 3

        If you are setting up a prototype to the stage where you need an SSL certificate, surely it’s not much of a stretch to add an AAAA record to a domain name?

        In many (large) organisation, this would not be that easy. Domain name entries are usually filtered, and need some kind of validation/process. When building a prototype or a POC for a project, it might be cumbersome.

    11. 11

      Are they talking about the Tom West, of Soul of a New Machine fame?

      1. 5

        If his Wikipedia article is to be believed, then they are indeed. The author is listed as Jessamyn West, who is mentioned on the wiki article.

      2. 0

        Holy shit, I just started reading that last week

    12. 16

      I think the distinction ought to be made between ‘Using Kubernetes’ and ‘Setting up your own Kubernetes cluster’.

      The former is pretty easy, and depending on your choice of provider can make deploying complex applications more straightforward than it would have been in the past. You get some degree of HA/redundancy for free by going this route.

      As for setting up and maintaining your own cluster, that’s a totally different proposition, Kubernetes itself is a beast, and deploying and maintaining it will take up a heap of your time.

      1. 3

        I completely agree. For developers, using kubernetes makes deployment and configuration a (relative) breeze , but maintaining and upgrading a kubernetes cluster is just as much work as maintaining physical servers, and it’s not always obvious what to do as kubernetes has SO MANY moving parts (for better and for worse).

        1. 2

          On the other hand, many developer forget buildpack based deployment (aka heroku-like) that makes it even more a breeze.

          I think they mostly forgot about it because it’s not hype anymore… It offers less flexibility, but offers great comfort that is very valuable to many projects. In addition, you’re not that tighten to the provider since buildpacks are widely supported.

          1. 1

            I think both has merits. There are start-up costs associated with both (creating the definitions, what goes where, lots of YAML for kubernetes), but once it’s running it Just Works™.

            The upside of kubernetes, in my personal opinion, is that you can define a lot of things together (services, containers/pods, disk provisioning, etc.) in one push and expect it to work given the cluster has enough resources. Buildpacks are focused more on a single application.

          2. 1

            I’m not familiar with deploying to Heroku, but I recently worked on a small app that started life on Google App Engine, which I believe deploys similarly?

            The issue we ran into was when we wanted to run up external dependencies that the provider didn’t offer natively, a Redis instance to support a Celery worker for example. It’s these sort-of-external deps that kubernetes makes really easy to deploy.

            1. 1

              I think it’s similar yes.

              On Heroku you have the add-ons that provide many other softwares that you can use along your instances:

              The main problem with Heroku that people have is that it become very expensive very quickly compared to other solutions.

    13. 0

      This probably doesn’t need the law tag, since that’s aimed more at actual governmental/civil law and not software project customs.

      1. 3

        I can appreciate why the tag was added, the only reason they’re instituting this requirement is to adhere to the DMCA.

        1. 1

          Ah, yep, reading comprehension failure on my part.

    14. 4

      I’d like to know what people are using for the diagrams I always see in these books, and in technical presentations.

      The ones where we have a nice diagram of a data frame and its fields, or of a stack and how the frames are aligned in order.

      Are people just preparing these in GIMP or is there a simpler answer for vector graphics like these?

      1. 2

        I think people typically use LaTex for these sorts of diagrams. You can also use a tool like plantuml to generate a certain class of diagrams.

      2. 2

        In LaTeX there’s TikZ; in groff there’s pic; in markdown/html you can try ditaa or some later implementations of a similar idea (quite a lot of reinvented wheels, most of them interesting). Other than that there’s dia or other standalone apps for drawing diagrams. Then, there’s Inkscape, Adobe Illustrator, and other generic vector drawing programs. And finally, you can fall back to raster drawing.

      3. 1

        I’m not sure what people are using in general, but the author is using Monodraw for some of his diagrams.

      4. 1

        A lot of Mac users use omnigraffle and I bought a license this year. On the surface it doesn’t appear to be extraordinarily feature ridge for a vector drawing tool, but it is incredibly good and fast for drawing illustrations for technical documents.

    15. 2

      Right now I have three ergodox infinity (here’s the one I’m using now: ) one ergodox-EZ, two kinesis contoured (ps/2 and usb) and an IBM Model M.

      At the moment I only use the ergodox infinity keyboards and the online layout configurator, because I can’t for the life of me get the firmware to build. But I do regularly tune/change my layout in small ways.

      1. 1

        Those keycaps are a work of art, care to share where you found them?

        1. 1

          Oblotzky SA Oblivion

          I have both Oblivion and Hagoromo sets with colevrak and ergodox additions.

    16. 3

      Windows Modern Standby (Si03) is the one and only reason I’m glad I was impatient and bought an X1C5 instead of waiting for the 6. (Well, that and I saved about $300).

      A sleep mode that doesn’t actually sleep, and requires proprietary ACPI extensions, where do I sign up?

      Just another example of Windows (and I’m quite sure OS X is guilty of this too) thinking it knows better than me what I want my machine to do.

      1. 3

        Your description is more or less on point.

        That said, and this is what really gets me, is how Lenovo completely ripped out default S3 support. Hardware is completely capable of supporting both, but they took it out as a default.

        Luckily the arch community created a great patch for fixing this issue across all linux machines (and BSD, iirc). Once I got S3, my standby time went from maybe 8 hours to somewhere greater than 2.5 days going by the drain rate between uses.

    17. 4

      At home: Filco Majestouch 2 with MX Blues

      At work: Filco Majestouch Ninja with MX Browns (and O-Ring dampers), because I prefer my colleagues not to hate me.

      I haven’t bought anything shiny in a little while though, so I’m eyeing up something a bit different like a Pok3r or and Ergodox-alike.

      1. 2

        I have a FIlco Majestouch 2 (also with MX Blues) and after a few years of daily use it began suffering extreme keybounce. It’s unusable now due to chatter/key bounce that affects nearly all the common keys. I’ve given up on it but might disassemble it and see if a deep cleaning with distilled water helps.

        1. 1

          Mine is coming up on 4 years old I think, and I’ve ad no issues at all. That said, it sounds like a fault and I’d try contacting the reseller or manufacturer to see if they have any suggestions. Mechanical Keyboards should last pretty much until the switch mechanisms give out, if not longer.

          1. 1

            This was ordered (had to dig out the email archive) in mid-2010 and was used daily until late-2013 or 2014, based on other purchase dates. Meh. I’ll contact the original seller,, but frankly I don’t have expectations because it’s nearly eight years old and they don’t carry that line any more.

      2. 1

        I too have two Filco Majestouch - one at work and one at home, both Ninjas, with different switches! At home, the keyboard’s plugged into a Mac and has a problem with dropping keystrokes / being slow as I type in a browser (and sometimes elsewhere). I can’t find a fix so I’m likely to plug an Apple keyboard in instead :(

        The only remappings I do are:

        • CAPS LOCK -> CTRL
        • ALT -> CMD
        • WIN -> ALT

        The post mentions ‘programming’ - I’m assuming this is referring to remapping. I did look for keyboards where I could record macros, but those that exist are very expensive.

        1. 1

          Keystroke problem fixed - using a rear USB port instead of front panel!

    18. 1

      This goes to an empty page. What is this?

      1. 3

        Looks like it got deleted, I archived it here:

      2. 1

        Uh oh, i thought that dpaste was supposed to keep it for a year… sorry!

        The “cached” link above has a copy

        1. 1

 is not reliable. Best way to share code snippets like this is to use gitlab/github snippets feature. Or even something like (which has been around for a long time and they don’t delete pages AFAIK)

    19. 1

      I’m always looking for a cross-compiling system for building macOS executables from Linux, either as a single static executable, or as a self-contained relocatable bundle of (interpreter + libraries + user code entrypoint), because getting legal Mac build workers is such a pain.

      The best toolkit I’ve found, by far, is golang Where you just GOOS=darwin go build .... There are a variety of more-or-less hacky solutions in the Javascript ecosystem, and a few projects for Python, but for Ruby this area is sorely lacking.

      I mention this because while XAR looks like an awesome way to distribute software bundles, I still need to figure out a way to do nice cross-compiles if I’m going to use it to realistically target both macOS and Linux.

      1. 3

        Tell me about it. I’ve tried cross compiling Rust from Linux to OSX and it was just a saga of hurt from start to finish.

        For Go, did you need to jump through the hoops of downloading an out-of-date Xcode image, extracting the appropriate files and compiling a cross-linker? Or is that mysteriously handled for you by the Go distribution itself?

        1. 2

          You literally just run GOOS=<your target os> GOARCH=<your target architecture> go build. No setup needed. Here’s the vars go build inspects.

          It’s frustrating trying to do similar in compiles languages, and then interpreted languages with native modules are even worse.

        2. 1

          Go basically DIYs the whole toolchain and directly produces binaries. That has pros and cons, but means it can cross-compile without needing any third-party stuff like the Xcode images. For example it does its own linking, so it doesn’t need the Xcode / LLVM linker to be installed for cross-compilation to Mac.

      2. 1

        AFAICT, XAR still doesn’t include the Python interpreter, so it’s not completely independent?

        1. 1

          No reason you can’t put a whole virtualenv, python interpreter and all, into your XAR. XAR can pack anything.

          You still need a tool to prepare that virtualenv so that you can pack it, and that’s the sort of tool I struggle to find - cross-compiling a venv, or equivalent in other languages.

          1. 1

            I think most OSS work uses the Mac builders on Travis CI for building mac binaries.

          2. 1

            Yes, exactly. I am less interested in different formats and more in a tool to create them. The ease of doing that with Go is the target.

            1. 1

              The ease of doing that with Go is the target.

              By this you mean, you’re looking for a solution for Python packaging that makes it as easy as Go to distribute universally?

              I used this once before to take some code I wrote for Linux (simple cli with some libraries - click, fabric, etc.) and release it for Windows:

              The Windows users on my team used the .exe file and it actually worked. It was a while back but I remember that it was straightforward.