Slashdot Mirror

https://github.com/fuchsia-mir...

Unless I'm way off base, there's the kernel.

Swift itself is also open source.

It also can be used as a full replacement for C in a way Rust cannot; see my response to someone saying Swift can't be used for device programming for examples. Rust is a nice language but it's just not as architected as Swift is for use across the space of devices like C is already.

This is a discussion about platforms that would buckle under the bulk of a micro-OS and a JS interpreter/VM stack. And that's not even handling the issue that most of these devices use embedded hardware platforms that you need to access with specific assembler calls - how would you do that in JS or Python!?

There are a few JavaScript interpreters that use very minimal resources and have access to all the necessary hardware (wifi, BLE, SPI, UART, i2c, etc), these are Duktape http://duktape.org/, Espruino https://github.com/espruino/Es..., JerryScript https://github.com/jerryscript..., and more. These are all designed for IoT devices. For performance this is an interesting read: https://www.espruino.com/Perfo...

This is a discussion about platforms that would buckle under the bulk of a micro-OS and a JS interpreter/VM stack. And that's not even handling the issue that most of these devices use embedded hardware platforms that you need to access with specific assembler calls - how would you do that in JS or Python!?

There are a few JavaScript interpreters that use very minimal resources and have access to all the necessary hardware (wifi, BLE, SPI, UART, i2c, etc), these are Duktape http://duktape.org/, Espruino https://github.com/espruino/Es..., JerryScript https://github.com/jerryscript..., and more. These are all designed for IoT devices. For performance this is an interesting read: https://www.espruino.com/Perfo...

True, every Intel and AMD chip has hardware backdoor in them call the Intel Management Engine, it's not even x86, it's a ARC/RISC chip and runs Java, operate completely transparent to the OS.

The Intel ME firmware is inside the chipset so you can't even flush it with a BIOS upgrade, you have to buy a raspery pi and us GPIO to manually remove the backdoor firmware by using a clip to grab the chipset, downloading the rom, remove Intel ME from the rom with me_cleaner, then flush it back to the chip.

https://libreboot.org/faq/#intelme

Intel Management Engine (ME) #intelme

In Q3 2009, the first generation of Intel Core i3/i5/i7 (Nehalem) CPUs and the 5 Series Chipset family of Platform Controller Hubs, or PCHs, brought a more tightly integrated ME (now at version 6.0) inside the PCH chip, which itself replaced the ICH. Thus, the ME is present on all Intel desktop, mobile (laptop), and server systems since mid 2006.

The ME consists of an ARC processor core (replaced with other processor cores in later generations of the ME), code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through an Intel Gigabit Ethernet Controller. Its boot program, stored on the internal ROM, loads a firmware "manifest" from the PC's SPI flash chip. This manifest is signed with a strong cryptographic key, which differs between versions of the ME firmware. If the manifest isn't signed by a specific Intel key, the boot ROM won't load and execute the firmware and the ME processor core will be halted.

Worse, powershell has api to connect to the firmware, all a hacker needs to do is tap into powershell and he'll instantly have KVM access and complete memory and disk control, as demonstrated by the video below:

Itâ(TM)s a sign of the times: the first day of the 33rd Chaos Communications Congress (33C3) included two talks related to assuring that your own computer wasnâ(TM)t being turned against you. The two talks are respectively practical and idealistic, realizable today and a work thatâ(TM)s still in the idea stage.

Untrusting the CPU
A proposal for secure computing in an age where we cannot trust our CPUs anymore

You can't trust your CPU anymore, it's rigged with NSA backdoor.

Yes, Conversations/XMPP seems like a great solution, at least a worthy alternative to Whatsapp/Signal.
Unfortunately, there isn't a comparable desktop Linux client, so I would still have to depend on a phone (or Windows/OSX?).
Gajim comes very close, but this is a bummer.
If that ever gets implemented I intend to switch over my relatives.
But yes there is some great progress made!

The concept of using PGP is privacy in your private messages. That concept goes out of the window once google is managing your keys.

Google's end-to-end encryption approach relies on a key store in your browser, so Google isn't managing them. The keys could optionally be backed up to Google, but encrypted with a key derived from a passphrase you choose. However, that development effort seems to be stalled (I don't know if it is; I'm just looking at the last-update dates in the Github repo).

I think what might work is for Gmail to offer fully-automatic encryption with Google-handled key management, plus a way for users who want to transition smoothly to browser-managed keys via the end-to-end extension. Of course, that would only address Gmail, but perhaps it could be standardized with some automatic key exchange mechanism for integration with other email providers, and grow organically from there.

I agree with the GP that the only way for email encryption to become practical for the masses is for it to be completely transparent and effortless.

Wait, what? I didn't know this. I'm astonished and excited.

But it looks like the sideloading is via pretending to be the developer of said application. How do I distribute a side-loaded application? Can I still use the app-store for IAPs? Any more details on how to actually deliver sideloaded apps as a developer?

Well, some people just publish the Source on Github.

Here's a tutorial from the User's point-of-view on using XCode to install f.lux for iOS.

Other people publish the Cydia Impactor (.ipa) Packages on their websites. Here's a tutorial for using Impactor to install f.lux from their .ipa file.

I don't think this affects your ability as an iOS Developer to submit offerings for the iOS App Store. But I would check with some other iOS Devs. to be certain.

Java is the #1 language for weekday work.

I remember when Java was my weekend language. Back when people were inspired by it and it didn't have a planet full of haters. In the 1.0 and 1.1 days it wasn't really suitable for production work; too many missing pieces. But that changed quickly as mind share grew. I was the first to bring it in house with my employer build things with it.

Now my weekend language is Rust. It's not really suitable yet for a lot of tasks due to missing pieces; you end up spending too much time on GitHub sorting through multiple half baked 0.3.0 versions of various tools to get much done. But that's changing. The Rust team is very aware of this and their 2017 roadmap directly addresses it. So that will improve. A lot of people really want to use this language and they'll bring it with them when it becomes feasible to do so.

https://github.com/poettering

https://github.com/gorhill/uMa...

Like they were going to opensource their video chat software. Oh, some small puny company sued and now we can't even though we could buy out the company 1000 times over.

False equivalence. Because Apple has not open-sourced all their software, that doesn't mean they don't open source some of their software.

As for CUPS, can you tell me what they added?

If only CUPS was open source software where you could look at the changes from when Apple bought cups to what the latest version. I'll give you a hint, click on the text files that are named "CHANGES".

The only thing that I see they added on a cursory search is their own services for "zero configuration"... and even then, I'm not even sure those are open source.

Then you would be wrong. ZeroConf is the open source implementation of what Apple started as Bonjour/Rendevous.

It requires paid lilcensing to use in a commercial setting. HMM... I wonder why they contributed?

I don't know what you are talking about. I've paid $0 for more than a decade to use CUPS and ZeroConf. Now some companies will sell you software on top of either so that you can use it but that's your choice to pay for software and not use open source versions.

Can you imagine forcing every *nix user to pay for open source? =O

Again I have no idea what you're talking about CUPS is used by Linux and BSD as the defacto printing system. I have yet to seen a bill presented to users of either to do use it.

Like they were going to opensource their video chat software. Oh, some small puny company sued and now we can't even though we could buy out the company 1000 times over.

False equivalence. Because Apple has not open-sourced all their software, that doesn't mean they don't open source some of their software.

As for CUPS, can you tell me what they added?

If only CUPS was open source software where you could look at the changes from when Apple bought cups to what the latest version. I'll give you a hint, click on the text files that are named "CHANGES".

The only thing that I see they added on a cursory search is their own services for "zero configuration"... and even then, I'm not even sure those are open source.

Then you would be wrong. ZeroConf is the open source implementation of what Apple started as Bonjour/Rendevous.

It requires paid lilcensing to use in a commercial setting. HMM... I wonder why they contributed?

I don't know what you are talking about. I've paid $0 for more than a decade to use CUPS and ZeroConf. Now some companies will sell you software on top of either so that you can use it but that's your choice to pay for software and not use open source versions.

Can you imagine forcing every *nix user to pay for open source? =O

Again I have no idea what you're talking about CUPS is used by Linux and BSD as the defacto printing system. I have yet to seen a bill presented to users of either to do use it.

One thing I didn't see on the list but I consider a must-read book for any programmer, is The Design and Evolution of C++. It helps if you've worked with C++ but is not a requirement; the book is really good more because you learn how a programming language comes to be, and the thought that goes into how it works.

If you dislike some parts of C++ you will find fun supporting material here also... but really it's a great way to help you see all programming languages form the other side.

On a side note if you do like this you may want to look sometime into some of the Swift commonly rejected changes document, that gives you insight into a modern programming language as it forms. An amusing aspect is that it used to be called the "Commonly Proposed" document, as you can tell from the URL and file name...

Git Large File Storage (LFS)

Images not included

Images are not included and are not part of the dataset. Companion artworks listed in the dataset covered by the policy are identified in the Collection section of the Museum’s website with the Creative Commons Zero (CC0) icon.

Wish, the write-up was more accurate... Thanks!

Are you sure about that? You can definitely pin certificates in iOS. The trustkit library provides an implementation, for example.

Yes, but then the story is going to be "76 apps vulnerable to SSL interception if running jailbreakable versions of iOS", because the attacker can trick the user into jailbreaking their device, installing SSLKillSwitch https://github.com/iSECPartner... before tricking them into installing and trusting a new cert. I find this scenario about as likely as the "install a fake cert and trust it, then please re-direct all your traffic to my nice little mitm proxy" scenario.

Using a public printer to "print" is the least evil thing you can do. Read this weeks research on printer security: http://hacking-printers.net/ https://github.com/RUB-NDS/PRE... Whenever you can print a document on a printer (for example, using port 9100 or cross-site-printing from a malicious website) you can do much worse stuff like: - Capture print jobs (all PostScript printers since 32 years are vulnerable!) - Access the file system (most PostScript printers allow this, some PJL devices do) - Dump the printer's NVRAM or memory ("feature" of all Brother laser printers and some Xerox devices) - Obtain credentials for Scan-to-Mail, Active Directory etc. stored on the device (Brother, OKI, some HPs, ...) - Install new firmware on the device (modification however is difficult as many vendors use code-signing) - Destroy the printer's NVRAM using legitimate PJL commands (various HP, Brother, Lexmark, Dell, Konica Minolta, ...)

• - You may not use the software in a live operating environment unless Microsoft permits you to do so under another agreement.
• - use the software for commercial, non-profit, or revenue-generating activities
• - share, publish, distribute, or lend the software, provide the software as a stand-alone hosted solution for others to use, or transfer the software or this agreement to any third party

I don't understand how the that EULA goes along with the MIT license. How are they compatible? Am I missing something?

But the tools are still too unstable. Language and library features change from one compiler version to the next.

The changes are backwards compatible. Freezing of certain APIs, addition of new features.

And compilation is slow as shit.

Compilation speeds have improved substantially. And the retort is to say that finding and fixing bugs in the field is way more time / money costly than stopping them from happening in the first place.

Try compiling a simple hello world with Rust or GCC. The difference is staggering. (at least it was about 6 months ago)

The difference in what? Speed? I was able to create, compile and run a hello world program in under 4 seconds.

cargo init --bin
Created binary (application) project
cargo run
Compiling hw v0.1.0 (file:///C:/Temp/hw)
Finished debug [unoptimized + debuginfo] target(s) in 1.40 secs
Running `target\debug\x.exe`
Hello, world!

Or are they going to use rust to compile only 1% of the code, in which case they are complicating their build for no reason.

Every time Mozilla crashes because of dangling pointer, data race or some other avoidable problem caused by using C++, that's a reason. Every time someone finds a way to exploit the browser by causing a buffer overrun, stack overflow or whatever, that's a reason. Every time the browser runs stuff sequentially instead of in parallel due to the complexity and risk of data races is a reason.

There are plenty of reasons to use Rust. And Mozilla's ambition is more than 1% of the code base. Look at the Servo project which aims to replace all of the browser engine with Rust.

[Submitting a separate pull request from each branch of your fork to the upstream project] can be done entirely from the Web UI as long as you're only making small changes that touch one file at a time

I was asked to make three pull requests to HTTPS Everywhere, each to make one small change to a different section of the same FAQ. Because one of the changes would reorder and then combine two sections, I fear an error message that my pull request "has conflicts that must be resolved". GitHub's page about merge conflicts states that for many "merge conflicts, you must resolve the merge conflict locally on the command line."

Since your fork is a whole git repository in its own right, you can make multiple branches within it and submit a separate pull request from each branch. This can be done entirely from the Web UI as long as you're only making small changes that touch one file at a time:

- Fork the repo as you normally would.
- Create a new branch separate from master
- Make sure your branch is selected for browsing using that button that was used to create the branch.
- Navigate to the file you want to change and edit it from the web UI as you normally would.
- When you open your pull request, be sure to select the right branch as the source branch.

You can create as many branches in your fork as you like, and make a separate PR from each.

That's fine if you want to make one change, not so fine if you want to make several changes for which the maintainers have suggested that you make separate pull requests. The only way I'm aware of to merge upstream changes into your fork is to clone the whole project, pull from upstream, commit your merge to your fork, and then push to your fork. Or did you mean deleting and recreating the fork for each pull request?

You should check out Git LFS (large file storage). It's an extension which only stores references in the Git repo, and then fetches the actual large file off a web server on checkout. It was built for games with large amounts of assets. https://git-lfs.github.com/

Since I am not the author, I think it's okay to post that here - I am using Classic Theme Restorer that does all those wonders alongside ABP+ABP Popup Blocker or UBlock on different versions of Firefox on Win10, Win7, Kubuntu and Fedora on my main computers and they're all very stable

IMO, the only browser that might replace Firefox on my computers one day is Vivaldi

Who wants DVDs? [...] Or Blu-Ray disks?

I do. Discs are the only means I'm aware of by which I can legally obtain content to watch on any device, at the highest quality, online or offline, at home or away, without previews, without affecting my data cap, and without having to worry about it going away after a licensing deal expires. Nothing else available today can provide all of that with certainty.

Going into specifics:
1) There's media worth owning. I sometimes want to support companies with my wallet. Other times, I want to ensure that I'll have perpetual access to a show or film. Netflix et al. can't guarantee that, so for media I want to be able to re-watch in perpetuity, it's oftentimes worth it to me to purchase a copy.

2) Media that's worth owning is typically worth owning in high quality. While Netflix is great, I can still get a higher quality image and sound from a blu-ray (e.g. lossless surround audio) than I can via streaming. For media worth owning, it's nice to know that it's in the highest quality, that way it'll still look and sound good in the future.

3) I can bring discs with me anywhere. Unlike streaming services, which are a mixed bag when it comes to the content that's available for offline viewing, physical copies can be watched offline in cars, on airplanes, or away from civilization.

4) It isn't an either/or between discs and streaming. I rip all of my discs, encode them using Don Melton's transcoding scripts, and load them onto my Plex server. Plex lets me do everything I could with a disc, plus provide the benefits of streaming.

5) I don't run afoul of the legal and moral concerns. While companies need to be doing a much better job of making their content more accessible (e.g. less locked down, no forced ads, etc.), it's nonsensical, immature (il)logic to suggest that we're magically entitled to free copies of their content if they don't give it to us on our terms. Especially so since it's possible to watch it on our terms legally already.

Piracy's only additional benefits are that it's free and that it's oftentimes available before an official release is available, but neither of those are benefits I'm entitled to, so, as per #5, they don't factor into my thinking. Moreover, DVDs are apparently still relevant today, despite hitting peak sales about a decade back. Given that blu-ray sales only hit their peak about 2-3 years back, I expect they'll remain relevant for at least a decade or more.

Which is to say, the reports of disc-based media's death have been greatly exaggerated.

you can never train for every scenario.

You can train it for more scenarios than you can train a human for. And the knowledge is cumulative. If one car in one place records "unseen data" you can roll that out to all cars next software update.

And they absolutely do work outside of their training set. I just did it with DIGITS/caffe: https://github.com/humphd/have...

Trained on 6 pictures of dolphins and sea horses it does a pretty good job of determining an unseen set of data. If you start with pre-trained data weights and tailor it to the 2 animals it's exactly perfect on unseen data.

And those are trivial and dumb neural nets.

It's coming anyway - just like bridge builders and other REAL engineers.

So what's that got to do with Open Source? They will either continue releasing with licenses that explicitly avoid any claims for warranty or liability just like in the case we are talking about right here or it will just kill Open Source because nobody wants to open themselves up to that sort of legal backlash just to release OSS.

"Then it won't have bloatware on it"? Are you kidding?!

The stock Nexus comes with the following extension to AOSP:

In this package (weighing in at 660.56 MiB) you will find the core Google system base, Google Android Shared Services, off-line speech files, Face Detection for Media, Face Unlock, Google Play Store, Google Exchange Services (replaces stock/AOSP Exchange Services), Dialer Framework and the following Play Store applications:

Chrome Browser (replaces stock/AOSP Browser)
Cloud Print
Gmail (replaces stock/AOSP Email)
Google+
Google Calculator (replaces stock/AOSP Calculator)
Google Calendar (replaces stock/AOSP Calendar)
Google Camera (replaces stock/AOSP Camera)
Google Contacts (replaces stock/AOSP Contacts)
Google Desk Clock (replaces stock/AOSP Desk Clock)
Google Dialer (replaces stock/AOSP Dialer)
Google Docs
Google Drive
Google Fitness
Google Keep
Google Keyboard (replaces stock/AOSP Keyboard)
Google News & Weather
Google NFC Tags (replaces stock/AOSP NFC Tags)
Google Now Launcher (replaces stock/AOSP Launcher)
Google Package Installer (replaces stock/AOSP Package Installer)
Google Play Books
Google Play Games
Google Play Movies & TV
Google Play Music
Google Play Newsstand
Google Play services
Google Print Service Recommendation Service (replaces stock/AOSP Print Service Recommendation Service)
Google Search
Google Sheets
Google Slides
Google Storage Manager (replaces stock/AOSP Storage Manager)
Google Text-to-Speech (replaces stock/AOSP Pico TTS)
Google VR Services
Google WebView (replaces stock/AOSP WebView)
Hangouts (replaces stock/AOSP SMS App)
Hotword
Maps
Messenger (not installed on tablet devices) (replaces stock/AOSP SMS App)
Pixel Icons
Pixel Launcher (replaces stock/AOSP Launcher)
Photos (replaces stock/AOSP Gallery)
TalkBack
Wallpapers
YouTube

I guess it's outside the 'top seven', but the simplest, lowest-level, error-free code is the unsung hero to me.

For example, the AGC Apollo Guidance Computer springs to mind as a world-changing piece of code.

(Link is to the original Apollo 11 guidance computer (AGC) source code for Command Module (Comanche055) and Lunar Module (Luminary099).)

Keep your eye on the open efforts for TTS and STT.

Speaking of which: I happen to have done a bit of online search about this subject (non-cloud STT).

Two things :

- Old style statistical based approach (N-grams and Hidden Markov Models) :
CMU Sphinx is an open-source implementation.
These older approaches are rather lighter on the processing power.
If you limit requirement (e.g.: only recognize a 1000-word vocabulary) it is possible to run it on embed CPUs.
There are people getting CMU Sphinx on Raspberry Pi3.
There is Open Ears which is a STT framework using Sphinx that is 100% running on iPhone and iPad.

- 2010s style AI (using Deep Neural Net, Recurrent Neural Nets like Long Short-Term Nets) - similar to what Google and co use on their networks :
Kaldi and EESEN based on it.
Of course these kind of approaches require way much more processing power than what available on most embed platforms.
But as they are opensource, you could install it on your server rack in your basement, and have the Raspberry Pis stream OPUS-compressed audio over Wifi of what they need processed.

Will it beat Google ?
Nope, due to less processing power and specially much smaller amount of training material.

Could it be used to add speach capabilities without needing to stream every single noise to Google and Bigbrother ?
Certainly.

There's BehindTheOverlay, you just have to click the button and it removes the overlay.

Some of our Linux servers that are not exposed to any hostile networks and inconvenient to reboot (e.g. monitoring display server that is displayed, along with other stuff, on a 30mx6m video wall) have uptimes of 5 years or more.... I also can't think why systemd would have any impact on uptime ...

5 years? Seriously? You're running on an 5 year old kernel with multiple known issues (TLS, OpenSSL, etc)?

I didn't say they don't get any updates at all. They just don't have kernel updates applied. There are multiple firewalls protecting these specific servers from hostile users/networks, and 90% of the people who have any access at all (e.g. HTTPS access) have sudo rights to run various things as root on them anyway. The only systems that have any firewall access to them are the other monitoring servers, and all the monitoring software is kept up-to-date.

As for systemd, you must not be very well versed in it. SSH Fails,

Yes, some versions of systemd introducing new features may have bugs. Only immature distros would push such versions out to users of stable releases.

NTP

Using timesyncd isn't mandatory. The distro I use on my laptop doesn't use it, RHEL7.3 doesn't ship it.

magically fixed a service startup issue, no one knows why,

Doesn't seem like anyone could reproduce that on other versions (shipped in stable distros, or current).

and just a general list of why systemd sucks.

Of the 5 major complaints, 3 are about the journal. There are some advantages to it, and some disadvantages, and I think systemd should support not using journald at all, but you can avoid relying on the journal itself by forwarding to syslog and disabling storage.

Regarding giving block devices for filesystems listed as required in /etc/fstab, this is a conscious design decision that is required in environments with complex storage (many storage arrays in a complex storage area network). The alternative (with e.g. sysvinit) is to have your production database servers fail to come up at boot time because the init system didn't give enough time for all 100 LUNs to appear so that it could mount the filesystems required to let the database start. It is really fun to have to be woken up to get such systems back up after a rack has tripped because then engineer on standby can't figure out what to do, I'd rather have systemd do the right thing. As far as I know, the default timeouts have been reduced (systemd wasn't hanging though ... it was waiting for devices it was told were required to appear) and provide more information on why it is waiting.

The 4th issue is cosmetic, and applies to most kernel drivers ... only dracut namespaces its parameters (rd.xxx).

And that took all of 2 min to search, read, and compile, because I wanted to give you some solid backing for stating it sucks.

Yes, it is trivial to find old bugs that are fixed, and FUD complaints from systemd haters about behaviour that has been improved.

You're in RH land with supported versions, so it's likely that these problems, when they crop up, are offloaded as RH issues and you just monitor a trouble ticket. Lucky you. I guess I wouldn't care in that scenario either, as it's SEP.

Our production servers run Red Hat. We haven't needed to log a ticket for anything systemd-related.

My workstation, my laptop, and the desktop my wife uses at home run a different distro not associated with Red Hat at all that switched to systemd long ago, and I have seen no issues there either.

Some of our Linux servers that are not exposed to any hostile networks and inconvenient to reboot (e.g. monitoring display server that is displayed, along with other stuff, on a 30mx6m video wall) have uptimes of 5 years or more.... I also can't think why systemd would have any impact on uptime ...

5 years? Seriously? You're running on an 5 year old kernel with multiple known issues (TLS, OpenSSL, etc)?

I didn't say they don't get any updates at all. They just don't have kernel updates applied. There are multiple firewalls protecting these specific servers from hostile users/networks, and 90% of the people who have any access at all (e.g. HTTPS access) have sudo rights to run various things as root on them anyway. The only systems that have any firewall access to them are the other monitoring servers, and all the monitoring software is kept up-to-date.

As for systemd, you must not be very well versed in it. SSH Fails,

Yes, some versions of systemd introducing new features may have bugs. Only immature distros would push such versions out to users of stable releases.

NTP

Using timesyncd isn't mandatory. The distro I use on my laptop doesn't use it, RHEL7.3 doesn't ship it.

magically fixed a service startup issue, no one knows why,

Doesn't seem like anyone could reproduce that on other versions (shipped in stable distros, or current).

and just a general list of why systemd sucks.

Of the 5 major complaints, 3 are about the journal. There are some advantages to it, and some disadvantages, and I think systemd should support not using journald at all, but you can avoid relying on the journal itself by forwarding to syslog and disabling storage.

Regarding giving block devices for filesystems listed as required in /etc/fstab, this is a conscious design decision that is required in environments with complex storage (many storage arrays in a complex storage area network). The alternative (with e.g. sysvinit) is to have your production database servers fail to come up at boot time because the init system didn't give enough time for all 100 LUNs to appear so that it could mount the filesystems required to let the database start. It is really fun to have to be woken up to get such systems back up after a rack has tripped because then engineer on standby can't figure out what to do, I'd rather have systemd do the right thing. As far as I know, the default timeouts have been reduced (systemd wasn't hanging though ... it was waiting for devices it was told were required to appear) and provide more information on why it is waiting.

The 4th issue is cosmetic, and applies to most kernel drivers ... only dracut namespaces its parameters (rd.xxx).

And that took all of 2 min to search, read, and compile, because I wanted to give you some solid backing for stating it sucks.

Yes, it is trivial to find old bugs that are fixed, and FUD complaints from systemd haters about behaviour that has been improved.

You're in RH land with supported versions, so it's likely that these problems, when they crop up, are offloaded as RH issues and you just monitor a trouble ticket. Lucky you. I guess I wouldn't care in that scenario either, as it's SEP.

Our production servers run Red Hat. We haven't needed to log a ticket for anything systemd-related.

My workstation, my laptop, and the desktop my wife uses at home run a different distro not associated with Red Hat at all that switched to systemd long ago, and I have seen no issues there either.

Some of our Linux servers that are not exposed to any hostile networks and inconvenient to reboot (e.g. monitoring display server that is displayed, along with other stuff, on a 30mx6m video wall) have uptimes of 5 years or more.... I also can't think why systemd would have any impact on uptime ...

5 years? Seriously? You're running on an 5 year old kernel with multiple known issues (TLS, OpenSSL, etc)? I hope they're firewalled well. As for systemd, you must not be very well versed in it. SSH Fails, NTP magically fixed a service startup issue, no one knows why, and just a general list of why systemd sucks. And that took all of 2 min to search, read, and compile, because I wanted to give you some solid backing for stating it sucks. You're in RH land with supported versions, so it's likely that these problems, when they crop up, are offloaded as RH issues and you just monitor a trouble ticket. Lucky you. I guess I wouldn't care in that scenario either, as it's SEP.

Some of our Linux servers that are not exposed to any hostile networks and inconvenient to reboot (e.g. monitoring display server that is displayed, along with other stuff, on a 30mx6m video wall) have uptimes of 5 years or more.... I also can't think why systemd would have any impact on uptime ...

5 years? Seriously? You're running on an 5 year old kernel with multiple known issues (TLS, OpenSSL, etc)? I hope they're firewalled well. As for systemd, you must not be very well versed in it. SSH Fails, NTP magically fixed a service startup issue, no one knows why, and just a general list of why systemd sucks. And that took all of 2 min to search, read, and compile, because I wanted to give you some solid backing for stating it sucks. You're in RH land with supported versions, so it's likely that these problems, when they crop up, are offloaded as RH issues and you just monitor a trouble ticket. Lucky you. I guess I wouldn't care in that scenario either, as it's SEP.

What about things like sshuttle? that deconstruct and reconstruct TCP packets when sending them over SSH, or are SSH connections detectable in their own right?

Re-using parameters as variables is very useful for writing concise code. I see no reason to limit things in this way.

The origin of the modifying-parameters-is-bad meme may be in javascript, where the parameters are available both via their names and as the 'arguments' array-like object, and taking advantage of that aliasing will ruin whatever poor-piss optimization the JIT engine is trying to do.

See here

And, btw, I don't think that 'writing concise code' is a priority in a python-like language (that enforces mandatory white-spaces and indentation)

The lavabit code was (as of posting) last updated in July. I would be surprised if there have been no code changes in the past 6 months, so I'd argue that everyone claiming to be open source needs to do a better job of it.

It's dangerous to think that somehow Linux and other open source projects are somehow better in this regard.

It wasn't long ago that there was the Ubuntu/Amazon search results debacle.

Then there's Firefox's telemetry, too.

There's also the Homebrew open source project, which supports data collection, and stores it in Google Analytics.

Some people will say, "But that tracking can be easily disabled!" or "But that tracking is off by default!". Well, it doesn't matter: the tracking could still potentially be done, and the tracking code is likely still present even if toggled off.

The only way Linux and open source software would be better than their competitors is if they didn't include any support for any sort of telemetry or tracking at all. Completely eliminating all such tracking code and its remote infrastructure is the only way to handle this sort of a situation properly.

Shameless plug: Firefox telemetry and spy removal

https://gist.github.com/MrYar/...

I believe Clojure, itself, in the form of ClojureScript, is an example of a language that made the leap from the JVM to other platforms. There is even a quite strong push to make libraries portable across both platforms since there are some subtle differences. For more check out https://github.com/clojure/clo...

All managed by a python script to download, install & switch whenever you want. https://github.com/RoliSoft/WSL-Distribution-Switcher

One of the strongest features of Java was the fact you didn't have to "port" it to different environments. "Write once" was a feature.

That's misleading. The language is write once. But unless someone ports the JVM, you can't run the language on a different system.

So after five years at a community college, you finally graduated.

Because I was working 60 hours as a video game tester and teaching Sunday school. Some people would find it impossible to take two or three classes on top of a schedule like that and still get straight A's for five years in a row.

But you don't actually work as a programmer.

These days I write PowerShell scripts to automate InfoSec tasks. I would prefer to use Python but the three-letter government agency I work for is a Windows shop.

I guess this explains why you don't understand basic concepts of programming.

As a lead video game tester for three years, I worked closely with developers around the world. Because I was taking classes in computer programming, I was able to narrow the scope of the bug reports to the actual problem. On one occasion I was allowed to look at the code and found a bug that way.

IT support for Fortune 500 companies was no different. I get tickets, look at problems, talk to users and developers, and find solutions that no one else can. I even walked a CS graduate on how to turn on his workstation over the phone since cubicle farms don't have people standing around to turn on workstations like university computer labs do.

Wow. So much wrong in that understanding.

I'll provide the link for the Swift-Windows releases below. Please read through the instructions carefully. Note that you will need to download swift-cygwin-20160913-bin.tar.gz for Cygwin or swift-mingw-20160815-bin.7z for Windows. You won't be able to run Swift the programming language without those binaries.

https://github.com/tinysun212/swift-windows/releases

Once you have the binaries installed, you can use swift for immediate mode and swiftc for compiling. If this look familiar, it's similar to java and javac for Java programs.

It's not just the modules themselves; npm is also horrible.

For starters, npm is non-deterministic. Yep, you've read it right: you can install the same packages on two different machines, but if you do it in different order, you can end up with different dependency trees. And yes, despite what the npm maintainers say, it can result in different versions of packages being installed for the same set of version constraints.

Then there are major bugs that have been open for over a year, and can be blocking (as in, no way to install a package) if you happen to be the unlucky one who is affected... but there's no fix. The bug still says "needs repro", despite 80+ comments and 24 upvotes on it, and one of npm developers saying that he "ran into this a few times".

It's not just the modules themselves; npm is also horrible.

For starters, npm is non-deterministic. Yep, you've read it right: you can install the same packages on two different machines, but if you do it in different order, you can end up with different dependency trees. And yes, despite what the npm maintainers say, it can result in different versions of packages being installed for the same set of version constraints.

Then there are major bugs that have been open for over a year, and can be blocking (as in, no way to install a package) if you happen to be the unlucky one who is affected... but there's no fix. The bug still says "needs repro", despite 80+ comments and 24 upvotes on it, and one of npm developers saying that he "ran into this a few times".

If you need that program and it's so special or difficult that nobody has tried to write it yet, you'll have to pay for people's time. There are a number of code bounty sites. From a quick web search: coderbounty, sourceforge:helpwanted, bountysource, freedomsponsors and other alternatives. I haven't used any of them, so no idea how much publicity they get you.

Maybe you get more exposure if you offer a bounty on Stackexchange. Even if nobody accepts the coding challenge, you may get valuable advice in the answers.

Of course monetary incentives for creative work will fail if there's no intrinsic motivation (see Dan Pink, "Drive"). But funding can give a coder the time needed to attack a problem they find interesting.

on Windows on could use Avisynth (with https://github.com/mysteryx93/...) to apply HLSL Shaders,..
(not sure if something similar is available for Vapoursynth)

cx88 PCI cards

http://corona.homeunix.net/cx8...

https://gist.github.com/dreamc...

xc5000 USB device)

https://wiki.freebsd.org/Webca...

Requires dvb-fe-xc5000-1.6.114.fw firmware

https://www.linuxtv.org/downlo...

MythTV

http://www.freshports.org/mult...

I want to emphasize the existence of alternatives to JavaScript, as you mention, which means that JavaScript is not your only option.

There's a very long list of languages that you can use instead. You can even use Smalltalk:

https://github.com/jashkenas/c...