Slashdot Mirror

There's a work-in-progress Fortran front end, but it's definitely understaffed.

https://github.com/WindowsLies...

Someone is on the case!

I ran it for about 2 weeks on a laptop at home used for general browsing, but watching the logs on my firewall were crazy. I couldn't manage to track down all the different *-edge.net domains or other CDN endpoints they were using to relentlessly connect. You basically have to switch to whitelisting. My hosts block file picked up dozens of entries, but after realizing it'd be a never ending cat & mouse game I reverted back to Win7...Unless they stop this crap in a soon to be released patch we'll go back to being a Windows free home when win7 gets bothersome.

Just use this: https://github.com/10se1ucgo/D... Along with some easily googlable additions to your HOSTS file. I've manged to get it down to just one site client.wns.windows.com (IIRC) it will try randomly the entire time but HOSTS seems to deal with it as well as it can be dealt with.

I'll just leave this here
This is a fantastic font.

What about Monoiod? It sounds like Monoiod may be a better choice for many. Sounds like it does not have the same drawback,s.

http://larsenwork.com/monoid/

https://github.com/larsenwork/...

It looks similar to Adobe Source Code Pro.

Similar design goals . Also open source on github.

To my eyes Source Code Pro looks more refined.

ok, I just spent my morning researching the problem, and why the feature got built, starting from here (linked to in the article). Essentially, the timeline goes like this:

1) On Linux, the su command uses PAM to manage logins (that's probably ok).
2) systemd wrote their own version of PAM (because containers)
3) Unlike normal su, the systemd-pam su doesn't transfer over all environment variables, which led to:
4) A bug filed by a user, that the XDG_RUNTIME_DIR variable wasn't being maintained when su was run.
5) Lennart said that's because su is confusing, and he wouldn't fix it.
6) The user asked for a feature request to be added to machinectl, that would retain that environment variable
7) Lennart said, "sure, no problem." (Which shows why systemd is gaining usage, when people want a feature, he adds it)

It's important to note that there isn't a conspiracy here to destroy su. The process would more accurately be called "design by feature accretion," which doesn't really make you feel better, but it's not malice.

(Seriously though - unlike Duke Nukem, one can actually verify that LOOL is being actively developed. I realize they've been talking about LOOL for like half a decade now without a real release, but I actually think they'll really release it now that they have some collaborators working on it.)

The reasons they give for not supporting actual Markdown are fairly weak, IMO. I have a custom GitLab/Slack connector service that I wrote and I actually do a manual translation from Markdown to Slackformat syntax to at least try to carry over the original message's formatting.

Definitely off-topic, though.

If that's a mobile application you can just use adaway from f-droid and use the DNS cache viewer to block the domains.
https://github.com/Free-Software-for-Android/AdAway/wiki/ProblematicApps

I uninstalled Flash in 2009 and for some reason I'm still alive! :-O

youtube-dl downloads and streams video and audio from about 500 legacy sites in the quality of your choice.

livestreamer streams live video from about 70 legacy sites such as the popular "Twitch".

VLC and mpv also can play video from some sites directly, e.g. YouTube.

I uninstalled Flash in 2009 and for some reason I'm still alive! :-O

youtube-dl downloads and streams video and audio from about 500 legacy sites in the quality of your choice.

livestreamer streams live video from about 70 legacy sites such as the popular "Twitch".

VLC and mpv also can play video from some sites directly, e.g. YouTube.

SnoopSnitch
Karsten Nohl on mobile self-defense

Android IMSI-Catcher Detector
More information here.

I think it's fair to consider Rust a "debacle" so far. Have you actually tried to use it? I've been following it for years. It took them fucking forever to get the 1.0 release out. Until then, they spent most of the time flip flopping back and forth between the different options for language features and library functionality. It wasn't just evolution, improvement, or rapid development. The language convulsed for years and years. You couldn't write code one weekend and reliably have it work the next weekend!

For a language whose web site proclaims it to be "a systems programming language that runs blazingly fast, prevents nearly all segfaults, and guarantees thread safety", the Rust implementation (which is mostly written in Rust!) is goddamn slow, and it's also full of bugs (over 2100 open bugs as of this time). Rust's supporters and developers will blame it on there being lots of "legacy code" and "new ideas" and other excuses like that, but I think the reality is that Rust just doesn't live up to the promises that were made about it and its capabilities. It doesn't help that the Rust project attracted some Rubyists, after it started to become clear that the Ruby and Ruby on Rails hype was rapidly falling apart and being associated with that community would soon be a liability. They ended up bringing their typical hype over to Rust, which has not been good for its community.

Despite all of the hype, Rust 1.x is actually a pretty awful language in a lot of ways. The semantics are mediocre. The syntax is worse than other C-style languages. The implementation, as I mentioned earlier, is slow and buggy. The standard library is lacking. The documentation isn't very good, either. All in all, it's a real disappointment, especially given how long we had to wait for it!

While Rust was sitting there going nowhere fast, we saw C++ come along and go through several major updates, which brought in some very useful language and library functionality. C++14 is a superb language. It's the most capable language out there. You can write low level code that gives you near-complete control. You can write mid-level code with ease. You can write high-level code using concepts borrowed from functional programming languages. You can mix and match all three approaches however you want to or need to. You can write code without garbage collection. You can easily write advanced code that never uses pointers, or uses them safely if they do need to be used, giving you almost all of Rust's safety without the burden of Rust. There are a huge number of libraries you can seamlessly use, too. And never forget that there are multiple, high quality C++ implementations. GCC and Clang/LLVM are two very capable open source systems. Then there are many commercial implementations, too. There's just the one shitty Rust implementation, and nothing suggests that's going to change any time soon.

Rust hasn't delivered at all, while C++ consistently has delivered. There's no sane reason to subject yourself, and especially clients or customers, to Rust. Mozilla, instead of wasting their time and resources on Rust, should have just started gradually using the new C++ functionality in Firefox and their other existing products written in C++. They didn't need to develop a whole new language that falls significantly short of C++! So, yes, Rust can be considered a "debacle".

There's a project to rewrite the major parts of Firefox in Rust.

The current proposal involves a short self-assessment questionnaire and an automated script which checks a few things. The current (very early) draft of possible criteria is here:

https://github.com/linuxfounda...

Major items include a big tracker (with responses to security bugs), source control, and peer review. These are all standard best practices which improve software quality.

    If you have a one-person project and can't get someone else to review your commits, that's okay. You can keep doing what you're doing. However, your software also can't be expected to be as reliable and secure as something like Moodle, in which AT LEAST three people review all changes. Therefore Moodle would be able to use the badge and you wouldn't, until you got another person to look at your changes. Having some criteria for the badge actually makes it more useful for small projects because you can choose to use libraries which are badged and have some indication that they're somewhat reliable and secure.

The one pair of proposed criteria that isn't already done by most projects is use of a static analysis tool and a dynamic analysis tool. There are free , open source tools available and using them does reduce bugs and improve performance . Using them would be a change for many developers, but probably in the long term it'll save you more time than it costs.

And if you're a developer that does anything in a non-windows environment, you should have some sort of git account, because you should be using git.

Even if you're a Windows developer, you should have a git account and you should be using git. Even Microsoft are doing development work in the open using GitHub.

Allow me to oblige everyone else with a link, since you complained but didn't provide one either: https://github.com/hooperfly/p...

WebRTC is maturing quickly with good vendor support for creating direct audio, video and data connections among browsers with many peer-to-peer possibilities including for example a sort of BitTorrent client: https://github.com/feross/webt... . Already WebRTC is the data conveyor for the Facebook Messenger app for example. I have been lucky to attend a couple talks in recent months about this. Be sure to check out Red5 if you are interested in video superpowers: https://github.com/Red5

For flash-like HTML5/Javascript controls I have been impressed with Greensock - see http://greensock.com/get-start... - it even has a lot of 3D capabilities. Greensock started as a Flash toolkit and moved into HTML5 later, as I understand it.

We are getting to the point where even Unreal Engine can roughly compile for the browser so I think most of the unique capabilities of Flash are finally becoming supplanted in better and more open ways.

WebRTC is maturing quickly with good vendor support for creating direct audio, video and data connections among browsers with many peer-to-peer possibilities including for example a sort of BitTorrent client: https://github.com/feross/webt... . Already WebRTC is the data conveyor for the Facebook Messenger app for example. I have been lucky to attend a couple talks in recent months about this. Be sure to check out Red5 if you are interested in video superpowers: https://github.com/Red5

For flash-like HTML5/Javascript controls I have been impressed with Greensock - see http://greensock.com/get-start... - it even has a lot of 3D capabilities. Greensock started as a Flash toolkit and moved into HTML5 later, as I understand it.

We are getting to the point where even Unreal Engine can roughly compile for the browser so I think most of the unique capabilities of Flash are finally becoming supplanted in better and more open ways.

Can you make stuff work with the Opus codec? I know, may not solve cell phone too old issue etc.
Also, I've researched the issue and there's a quite heavy handed way : decode the audio stream with javascript. Sounds insane but it does work.
Found this and this.
https://github.com/audiocogs/o...
http://audiocogs.org/codecs/mp...

Given that Chrome is that browser that needs gigs of ram to even run it seems fair to waste the user's CPU cycles in that case.. Might be too much on old phone, I don't know.

Hello,

Thanks for your comments. I'm the guy quoted in the article, and you're right that in some cases (e.g., Gaza), a political solution would de-necessitate a cheap and readily printable stethoscope. However, The Gaza strip is blockaded. While in theory medical equipment should be allowed in according to this partial (if old) list from Gisha, you can see from various reports (e.g., this one from MSF that in practice medical equipment and supplies are very, very short. My personal experience on the ground validates this. Even those who are in favour of the continued blockade don't argue the shortages, only the reasons why.

So, for Gaza, get this one out of your head. There is no supply truck coming. No shipment docking. No airlift. If the Gazans want stethoscopes and don't want to spend a month's salary on it, they have to make it. In other parts of the world, it's a strictly financial proposition: Want a high quality, validated stethoscope? You gotta pay a month (or more) of salary. Very few can afford to do that, and so the crappy stethoscopes come into play.

It's also obvious to me that you've never needed to use a stethoscope. I have yet to hear a cheap stethoscope that sounds as good as a Littmann cardiology III (the gold standard) - except for ours. Don't believe me? The testing regimen is indeed simple and well-documented in the literature. Go ahead and test it and publish your results.

Re: Pulse oximetry, our design will be clinical grade and will be able to do O2, carboxyhemoglobin and methemoglobin. Trust me when I tell you that doing that for under $100 is impressive. Ours will be about $15 with a display, and less without. The ECG is similarly engineered to a high standard and will be comparable with the $5k models in terms of parts and sensitivities.

Here we've found a way to make this gourmet item for cheaper in a decentralized way and lose nothing in terms of quality. You're asking why don't they just get some pop-tarts and be done with it. No thank you: Not good enough for my patients.

tarek : )

Hello,

Thanks for your comments. I'm the guy quoted in the article, and you're right that in some cases (e.g., Gaza), a political solution would de-necessitate a cheap and readily printable stethoscope. However, The Gaza strip is blockaded. While in theory medical equipment should be allowed in according to this partial (if old) list from Gisha, you can see from various reports (e.g., this one from MSF that in practice medical equipment and supplies are very, very short. My personal experience on the ground validates this. Even those who are in favour of the continued blockade don't argue the shortages, only the reasons why.

So, for Gaza, get this one out of your head. There is no supply truck coming. No shipment docking. No airlift. If the Gazans want stethoscopes and don't want to spend a month's salary on it, they have to make it. In other parts of the world, it's a strictly financial proposition: Want a high quality, validated stethoscope? You gotta pay a month (or more) of salary. Very few can afford to do that, and so the crappy stethoscopes come into play.

It's also obvious to me that you've never needed to use a stethoscope. I have yet to hear a cheap stethoscope that sounds as good as a Littmann cardiology III (the gold standard) - except for ours. Don't believe me? The testing regimen is indeed simple and well-documented in the literature. Go ahead and test it and publish your results.

Re: Pulse oximetry, our design will be clinical grade and will be able to do O2, carboxyhemoglobin and methemoglobin. Trust me when I tell you that doing that for under $100 is impressive. Ours will be about $15 with a display, and less without. The ECG is similarly engineered to a high standard and will be comparable with the $5k models in terms of parts and sensitivities.

Here we've found a way to make this gourmet item for cheaper in a decentralized way and lose nothing in terms of quality. You're asking why don't they just get some pop-tarts and be done with it. No thank you: Not good enough for my patients.

tarek : )

Hello,

I'm the person quoted in this story. The 30c is the stethoscope head. The other parts are also already available (ear tube; ear plugs; Y piece). The tubing is generic silicone tubing that can be sourced from many places.

However, what we've found is that the bulk of the quality is in the head. Get a good head, get good quality. Those super-cheap stethoscopes are indeed available all over the place, but if you've ever used one, they are... terrible. The stethoscope I use day to day in practice in a first world academic emergency now uses our head plus a $5 stethoscope body. It works as well as my Littmann Cardiology 3 does ($208.25 when purchased here). However, the blockade in Gaza means that those $5 bodies might not come in (ali baba or otherwise), so we've made the whole thing printable and available. People in Gaza or other places that don't get regular mail delivery can recycle their waste plastic into stethoscopes.

To me, it doesn't matter what a hospital or ministry wants to use - just the head or the whole thing. That's why we made it modular and testable. Pick what you want. Test it to make sure it's as good as the gold standard. Off you go.

tarek : )

Hello,

I'm the person quoted in this story. The 30c is the stethoscope head. The other parts are also already available (ear tube; ear plugs; Y piece). The tubing is generic silicone tubing that can be sourced from many places.

However, what we've found is that the bulk of the quality is in the head. Get a good head, get good quality. Those super-cheap stethoscopes are indeed available all over the place, but if you've ever used one, they are... terrible. The stethoscope I use day to day in practice in a first world academic emergency now uses our head plus a $5 stethoscope body. It works as well as my Littmann Cardiology 3 does ($208.25 when purchased here). However, the blockade in Gaza means that those $5 bodies might not come in (ali baba or otherwise), so we've made the whole thing printable and available. People in Gaza or other places that don't get regular mail delivery can recycle their waste plastic into stethoscopes.

To me, it doesn't matter what a hospital or ministry wants to use - just the head or the whole thing. That's why we made it modular and testable. Pick what you want. Test it to make sure it's as good as the gold standard. Off you go.

tarek : )

Hello,

I'm the person quoted in this story. The 30c is the stethoscope head. The other parts are also already available (ear tube; ear plugs; Y piece). The tubing is generic silicone tubing that can be sourced from many places.

However, what we've found is that the bulk of the quality is in the head. Get a good head, get good quality. Those super-cheap stethoscopes are indeed available all over the place, but if you've ever used one, they are... terrible. The stethoscope I use day to day in practice in a first world academic emergency now uses our head plus a $5 stethoscope body. It works as well as my Littmann Cardiology 3 does ($208.25 when purchased here). However, the blockade in Gaza means that those $5 bodies might not come in (ali baba or otherwise), so we've made the whole thing printable and available. People in Gaza or other places that don't get regular mail delivery can recycle their waste plastic into stethoscopes.

To me, it doesn't matter what a hospital or ministry wants to use - just the head or the whole thing. That's why we made it modular and testable. Pick what you want. Test it to make sure it's as good as the gold standard. Off you go.

tarek : )

The Chrony comparison page compares ntpd, Chrony and OpenNTPd. Another yet to be finished alternative is ntimed (which seems to currently be around 6000 LoC). On some Linux's if you don't care about accuracy or trying to weed out false time you can always use an client such as systemd-timedated.

Linux Foundation sponsored developer who has extraordinary knowledge of NTP and time issues: http://phk.freebsd.dk/time/ind...
But apparently something went iffy between them, as last commit to https://github.com/bsdphk/Ntim... was over a half year ago.

This is a great example of how not to close a bug report.

Merely stating that the feature "is no longer supported" and closing the bug report without giving any further explanation is the wrong way of handling the situation.

If a user went to the trouble of submitting the ticket, then somebody associated with the project should at least put forth the small amount of effort it takes to explain why the bug is being closed without being properly resolved.

Providing some concrete information is just the sensible, courteous thing to do.

Uselessly vague "$FEATURE is no longer supported"-type replies do no good.

This half-assed reply from johnv-valve reminds me why I don't bother submitting issues for projects hosted on GitHub. I've seen that kind of useless reply, followed by an immediate closure of what's apparently a legitimate bug report, way too often within GitHub. While this can happen with other bug reporting systems, too, I think that there's something with the GitHub culture and mindset that really promotes such disrespectful handling of bugs. Maybe it's the total lack of accountability, coupled with the "social coding" concept. More traditional non-GitHub bug tracking systems were just about that: tracking bugs. But GitHub adds the "social" aspect to it, which ends up just being a way for the project leaders to go on power trips, which often involve treating mere users of the software like total shit.

But even disrespectful bug closures like that don't match up to the pathetic "code of conduct" controversy bullshit we saw recently. I've been involved with open source software development for a couple of decades. We didn't need bullshit "code of conducts" before this GitHub era, because our coding wasn't "social". We were writing open source software to solve real problems, or to make our lives easier. We weren't coding as a way to attract attention, or to see who had a bigger e-penis, or to treat others like shit just so we can feel like we have "power" over others. We just naturally treated one another with respect, so we didn't need some lengthy, goddamn list of rules governing each and every possible aspect of our social interactions! It's only now that the coding becomes secondary to the "social" that all this bullshit about "code of conducts" starts coming up, and it's really quite pathetic!

This half-assed reply from johnv-valve reminds me why I don't bother submitting issues for projects hosted on GitHub. I've seen that kind of useless reply, followed by an immediate closure of what's apparently a legitimate bug report, way too often within GitHub. While this can happen with other bug reporting systems, too, I think that there's something with the GitHub culture and mindset that really promotes such disrespectful handling of bugs. Maybe it's the total lack of accountability, coupled with the "social coding" concept. More traditional non-GitHub bug tracking systems were just about that: tracking bugs. But GitHub adds the "social" aspect to it, which ends up just being a way for the project leaders to go on power trips, which often involve treating mere users of the software like total shit.

But even disrespectful bug closures like that don't match up to the pathetic "code of conduct" controversy bullshit we saw recently. I've been involved with open source software development for a couple of decades. We didn't need bullshit "code of conducts" before this GitHub era, because our coding wasn't "social". We were writing open source software to solve real problems, or to make our lives easier. We weren't coding as a way to attract attention, or to see who had a bigger e-penis, or to treat others like shit just so we can feel like we have "power" over others. We just naturally treated one another with respect, so we didn't need some lengthy, goddamn list of rules governing each and every possible aspect of our social interactions! It's only now that the coding becomes secondary to the "social" that all this bullshit about "code of conducts" starts coming up, and it's really quite pathetic!

More power to them for doing this. As I haven't had time to read the article, are they publishing their design as open source?

Or apparently the summary itself (RTFS? RTFB -- blurb?): "It cost about US$10,000 to develop, and has been released as an open source model for anyone to use."

To be fair, I myself haven't RTFA, but I did do a really good partial skim of the summary.

What are your thoughts about GitHub and the recent code of conduct controversy?

Agreed... projects I work on have been doing this for ages. Here's one of the open source examples:

https://github.com/libMesh/lib...

dynamic_cast with an error statement in DEBUG mode. static_cast otherwise (including if you don't have RTTI).

This is a no brainer...

They suspended the Code of Conduct. Link.

Don't get all excited. A few bad actors did something bad, people complained, the issue was addressed. The Code of Conduct, at least that aspect of it, was never applied. Continuing to agitate about it as though the sky were falling does no one any good.

For security people scanning for these devices. I'm sure an "official" IMSI catcher detector will cost millions as well, however, there are free detection programs for rooted Android phones, like https://github.com/SecUpwN/And... and https://opensource.srlabs.de/p...

I use https://github.com/waywardgeek...

Cheap, reasonable bitrate hardware TRNG, for adding entropy. Entirely open source (code and hardware) with plenty of documentation about how it works.

Does anyone think that a Code of Conduct would help avoid situations like this?

LOL! It's a centuries old "Code of Conduct" that created situations like this.

Does anyone think that a Code of Conduct would help avoid situations like this?

It has been noted that a code of conduct is an important tool for creating healthy and productive communities.

Does anyone think that a Code of Conduct would help avoid situations like this?

It has been noted that a code of conduct is an important tool for creating healthy and productive communities.

I know some oldtimers here don't really like IBM, based on interactions that these people had with IBM back in the 1970s, but those days are long gone. That IBM is long gone. Here we see modern IBM as one of the few companies that's really trying to push the boundaries of our current knowledge and innovate in ways that so few are doing these days.

What they're doing is far more interesting that what, say, the Firefox or GNOME projects are doing. These days, Firefox doesn't improve the web, but rather just copies Chrome's UI without mercy. Yet Firefox never manages to imitate Chrome's excellent performance and minimal memory usage. Then there's GNOME 3, which just ended up ruining a perfectly good desktop environment without bringing any improvements at all.

But to Firefox's and GNOME's credit, at least they're working on actual technology, even if it's shitty, rather than wasting time and effort with nitpicky, hypersensitive, hypocritical "codes of conduct".

We need to see the industry engage in much more positive, innovative research like IBM's doing, with much less of the screwing up that we've seen Firefox and GNOME doing, and with pretty much none of this pansy feel-good "code of conduct" time wasting.

Good god man, you're right! Reddit Technology(tm) represents a massive investment of R&D. I guess the only way anyone could compete would be to install the open source code of Reddit itself!

Not sure about messy; codebase?

Sorry for using the same words in different ways that close to each other; in this case I meant that the forking seems messy. uBlock origin was created and is maintained by the original author, but the fork marketed as simply uBlock on ublock.org is not (at least not anymore).

Not sure about messy; codebase?

Sorry for using the same words in different ways that close to each other; in this case I meant that the forking seems messy. uBlock origin was created and is maintained by the original author, but the fork marketed as simply uBlock on ublock.org is not (at least not anymore).

Not sure about messy; codebase?

Sorry for using the same words in different ways that close to each other; in this case I meant that the forking seems messy. uBlock origin was created and is maintained by the original author, but the fork marketed as simply uBlock on ublock.org is not (at least not anymore).

Disconnect.me uses a blacklist based on known tracker domains. Given that this blacklist based blocking only detects about 10% [1] of global top web sites' resources from third party domains (loosely defined as "not the same domain, nor a subdomain"), using heuristics like Privacy Badger is probably better. Either way, they can work together. Blacklists are convenient but easy to get around for tracker companies (for example by buying a new domain). Shared whitelists are convenient, but will invariably add too many or too broad exceptions too please more users, allowing tracker companies to sneak past (for example by using, by disconnnect.me, whitelisted cloudfront.net and other CDNs for easy forwarding/domain masking). Having a personal whitelist that you maintain yourself to your own needs is a good way to go. I personally use Matrix for resource whitelisting, with a stricter ruleset blocking all third-party domains by default. It's easy to whitelist specific resource types per domain (like css and images, but not javascript), I understand that most people don't care enough to bother though. https://github.com/gorhill/uMa... [1] I have researched third party resource usage and blocking specifically using disconnect.me's blacklist, so go ahead and check it out. [/shameless plug] http://joelpurra.com/projects/...

If Linux can support proprietary drivers for graphics cards, any GPL software can support proprietary add-ins.

No. The Linux kernel is a special case and has a preamble to the GPL in its COPYING file to explicitly allow this:

NOTE! This copyright does *not* cover user programs that use kernel services by normal system calls - this is merely considered normal use of the kernel, and does *not* fall under the heading of "derived work".

As long as these add-ins don't require the recompilation of the host's sourcecode with proprietary code

So the GPL can be circumvented with dynamic linking?

This software vs Xprivacy, ideally with SysScope frozen or removed. I wonder what this tool would show.....

There are also PureScript, Scala.js and of course ClojureScript.

What's actually wrong with Javascript as a compile target?

WebAssembly is conceived to go beyond what JavaScript can currently offer to better support more languages. The future features are of particular interest.