Domain: ycombinator.com
Stories and comments across the archive that link to ycombinator.com.
Comments · 484
-
Re:Corporations guide the development of GPL ...
Time will tell if the strange impetus behind systemd adoption supports the idea that indeed the GPL is difficult to control.
https://news.ycombinator.com/i...
captcha: horrify
-
Re:Has 4.0 actually been released yet?
It is a shame that this got submitted before we actually published the code. It is Easter and many of our engineers are taking these days off.
The release notes are also incomplete and not ready for publishing
Miguel
-
Re:"without garbage collection"
Rust claims to be superior for systems programming
Eh... care to cite anything that corroborates your claim? I can't recall any Rust authorities stating things like that.
Chrome guys are quietly getting on with migrating Blink (aka WebKit) to garbage collected C++
Rust provides garbage collection. In fact this is being used to unify Javascript object and DOM object memory management. Your ignorance of this fact indicates that you don't know what you're talking about.
Chrome
... Oilpan ... blah blah
Chrome fared no better than its contemporaries at the most recent pwn2own. That event (and the 2014 pwn2own as well) revealed yet another batch of dangling pointers, use-after-frees and races, most of which Rust could have prevented. Those flaws would have never even compiled.
Chuckleheads such as yourself will impede adoption, naturally, but Mozilla is on the right track here and they will prevail. Rust, or something like it that delivers both memory safety and bare metal performance will eventually put C/C++ to pasture.
It's a shame it has taken so long.
-
Re:Good. +1 for Google.
WoT doesn't work anywhere. I know it's a popular idea but it doesn't work, period, end of story.
Problem: the PGP web of trust is tiny and has fewer than 4 million keys published to the SKS key pool, EVER. That's pathetic. But of those keys, many are not really connected to the WoT at all. The strong set is only 50k keys. The WoT is a failure, numerically. For comparison: "Yo", an app created as an April fools joke which only lets you send the word "yo" to other users, managed to get 3 million users. The WoT's entire existence has been matched by an April fools.
Problem: the PGP web of trust converts everyone you trust into a CA. Unlike real CAs that protect their keys with hardware security modules, are audited, etc, PGP users routinely do things like carrying their private keys through airports on general purpose laptops onto which they install whatever the latest cool toy is. If any of the users you trust are compromised, the entire WoT can be faked through them and your client will accept it. Sure, if you're some kind of crypto guru you can maybe detect this. But most people aren't.
Problem: the "web of trust" is misleadingly named. The graph edges in it are not indicative of social trust. They are in fact reflecting a trust that is more like, "I trust you to protect your private key and do accurate ID verification" which has nothing to do with the more ordinary, human, every day use of the word trust. In your post you mix up these very different kinds of trust, and this is a very frequent but fundamental error. Protecting private keys and doing accurate ID verification are difficult, skilled tasks, whereas what being trustworthy usually means simply requires loyalty.
Problem: the primary criticism of the CA system is that CAs could be coerced by governments via legal means. However the same is true for people in the web of trust - any of those people can be served with a court order forcing them to sign the government's key.
Problem: the WoT leaks the entire social graph to the entire public. In this day and age, that's unacceptable.
Problem: the WoT has fake keys uploaded to it and there's nothing anyone can do about it. This isn't theoretical, it has happened and routinely fools large numbers of people.
In short, after many years I've come to the conclusion that the web of trust has no redeeming qualities at all. It was a neat sounding idea, it was tried, it has failed. It should be taken out the back and quietly shot, so it can't mislead any more people into thinking it's a good idea.
-
Re:Hoax
I would say it was more of a proof of concept. The developers go into detail on how they were going to get the pi to stream, convert and write new frames to the cart.
https://news.ycombinator.com/i...
It seems like it's quite possible with enough time you could do it, but why would you. They proved a concept and there's not much point in continuing really.
https://news.ycombinator.com/i...
-
Explained By Devs
As linked in an update to the article, the devs discuss it here.
"The video frames were converted to tilesets and stored in the rom image. For playback, the memory mapper (MMC3) is used to swap between the frames without having to rely on too much CPU." They intended to attempt a Raspberry Pi trick, but ran out of time.
-
This new layout is shit
I'm off to Hacker News
Fuck this place, and fuck Dice.
-
Re:Oh Goodie
Original AC, Torchlight had amazing maps, especially the non-random ones that you accessed by killing a Phase Beast. I'd love to run some in a PnP RPG setting.
I actually think there's pretty good commercial software out there for dungeon generation. And there's definitely lots better resources for learning about procedural generation.
http://pcg.wikidot.com/pcg-alg...
http://journal.stuffwithstuff....
http://games.soe.ucsc.edu/site...
https://news.ycombinator.com/i...
Random google results. Because they're still better than TFA.
I hear you on the old-style DM thing, I just think that niche is better filled by Torchlight and WoW. I mean, Gygax is definitely on your side, but the general philosophy of the game has evolved a bit since then: more emphasis on the role-playing aspect, less on its wargame roots, less on strict adherence to the rules, less on the DM being the only one to generate content, and way less on the idea of "players vs DM". The driving idea is that player choices should be meaningful. They should have realistic consequences, and they should also be a determining factor in the world around them. Again, this is not to say that being a bunch of sociopaths wandering around kicking doors down, killing, and looting is not fun, because it is, but that you scratch more itches by, well, focusing on scratching those itches rather than forcing the players to go through your uber-challenging book of challenges. Situations vary, but an encounter that results in a TPK is most often one that only the DM enjoys. Gygax enjoyed the hell out of it, and it was definitely challenging for the players. Balancing toothpicks on your nose is also challenging, and I'm sure WoW is too.
Do your players a favor and start reading through posts on rpg.stackexchange.com. You'll start to see that there are a lot of good ideas on there, but there's a subtle background thread that connects them, which is the focus on player agency. It's a subtle thing; we're both playing the same game with the same rules, but having a better idea of why we're playing this game will make you a lot better at playing it.
-
Re:Some clarification for the recently arrived.
Just as I was warming up to your rant...
Gentoo? Oh, please, bitch. Gentoo is for ricers. Period. I have better things to do with my time than to compile every single shitty utility on my system. That's what a distro is for. Oh, and Gentoo can be systemd'ed as well. Read it and weep.
Arch? Uses systemd. Don't believe me? Click here or click here. Arch is the Gentoo of the 2000s.
You have no idea what you are talking about. I would be tempted to add a STFU or two, but I am just too lazy.
-
Re:Maybe not the power supply?
This thread shows a quick experiment which confirms it's directly the light which is the cause, not the EM pulse from the capacitor discharge in the flashgun. Chip U16 apparently, which is part of the power regulator.
-
That's because something like half of the stories
on /. these days are copy/pasted submissions from Hacker News anywhere from a few hours to a few days later.
-
Relays, not exit nodes
It should be noted that those are relays, which transit data inside the tor network, not exit nodes (which provide exit points to the general network and can be a large risk for their operator should any illegal content be accessed). Relays still help with the general obfuscation of the network as well as for hidden services, though.
Apparently, Mozilla is considering eventually deploying exit nodes as well though.
Finally, for those that will scream "child porn", it should be noted that a very, very small minority of tor traffic is actually linked to that type of content, despite what the DoJ says; the best estimates from the tor project is around 1.5%. This move by Mozilla is a good thing - amongst other things helping countless defenders of freedom in oppressed regimes speak up in safety.
-
Re:Lack of social ability at Microsoft
One thing of note is that this particular acquisition is not DevDiv, it's Azure ML. But Azure ML is, in some ways, even more F/OSS friendly - at least I don't know anyone else in MS running Linux servers in production for user-facing services, and it's where a lot of ex-MSR guys (like, from those labs that were closed) ended up. It's also where all the Python stuff now is.
Then again, after Satya's takeover, there was a strong push from top down to stop treating open source in general and Linux in particular as pariah, in all divisions. In no uncertain language, like "we've been acting stupid about this for a while now and let competitors eat our lunch; time to catch up while we still can". The recent slew of announcements, from .NET Core officially supported on Linux, to most open MS projects migrating to GitHub, is the outcome.
FWIW, I didn't think I'd ever hear a Microsoft lawyer utter the words "GPL is actually kinda cool" while explaining to developers the company's new open source policy in his official capacity. Yet, here we are.
Long and hard? Yes. But this kind of thing makes it worth it (and also shows that, perhaps, it's not quite all that long if you go fast enough).
-
Re:Wow... Just "no".
Here's a Ycombinator discussion on this very thing...
-
Article author is confused
The author is confused. See this discussion on HN where a lawyer or two explain what is actually going on.
Basically, nothing is changing concerning the substantive requirements for a warrant. All that is changing is which judges can issue a warrant after the police have satisfied all the requirements of the Constitution and of the Federal Rules of Criminal Procedure. Suppose a crime took place in district X, using a computer in district Y. Before, the police would have to go to a judge in district Y. After the change, they will be able to go to a judge in district X if and only if something like TOR or VPN was used that prevents them from determining Y.
-
Re:Who supports it
As someone who worked (reluctantly, initially) as a (mostly) Perl dev for nearly 4 years, and has now been doing python for nearly 2 years - I miss lexically scoped variables and the Moose OO system. Here's a comment I made on HN which summarizes my lament regarding pythonistas being unable to fathom the very concept of missing anything from the perl world. TL;DR - Perl+Moose gave me a taste for types and a more declarative programming style which is hard and inefficient to reproduce in python (to be fair, it's inefficient in perl too unless you code mostly immutable objects).
-
Re:Remember Final Cut Pro X?
Even Woz wrote a rant (now pulled it seems) about ditching OS X in favor of Linux over the frustration of the mounting shit-pile of bugs and annoyances with OS X You can read comments about Woz' post here: https://news.ycombinator.com/i...
Maybe Woz did at some point write a rant somewhere against OSX, I don't know, but this isn't it. The link you provided is to a rant by a Geoff Wozniak, not Woz (Steve Wozniak).
-
Re:Remember Final Cut Pro X?
FTC took the Video Post community by storm, quickly gaining broad acceptance throughout the industry, knocking Premiere off its pedestal for desktop-class
Even Woz wrote a rant (now pulled it seems) about ditching OS X in favor of Linux over the frustration of the mounting shit-pile of bugs and annoyances with OS X
You can read comments about Woz' post here: https://news.ycombinator.com/i...
You do know that "Why I Quit OS X – Geoff Wozniak (wozniak.ca)" is Geoff Wozniak (whoever the hell that is) and not Woz, right?
-
Remember Final Cut Pro X?
FTC took the Video Post community by storm, quickly gaining broad acceptance throughout the industry, knocking Premiere off its pedestal for desktop-class video editing software
Then they came out with Final Cut Pro X and when their users complained about the rampant bugs, overly simplified iMovie style interface and defeaturization, Apple told their user base to go fuck themselves -- as Apple is wont to do and Premiere went back to being on top again.
http://fortune.com/2011/06/22/...
https://discussions.apple.com/...
Anyway, far from being a learning moment for Apple -- this has been wholly adopted as their corporate ideology when it comes to their user apps. A lot of it is a focus on iOS and trying to make everything fall in line with iOS -- this was clear as early as 2007 when a trip to the Apple store had their laptop and desktop add-ons shunted to dusty corners while iPhone cases and accessories dominated the store. So this has been a mentality years in the making based solely on spreadsheets of product sales and not user needs regarding user experience.
Even Woz wrote a rant (now pulled it seems) about ditching OS X in favor of Linux over the frustration of the mounting shit-pile of bugs and annoyances with OS X You can read comments about Woz' post here: https://news.ycombinator.com/i...
-
A bug in an unrelated ad-functionality
In a post on a similar article posted on the Hacker News a twitter employee explains that it was a bug in an unrelated (but, IMO, equally damning) advertisement feature on their platform.
According to him it was supposed to bump the advertised pages in the "following" list of their followers to the top. In order to do so it required removing it from the current position and reinserting at the top, as (again, according to him) the "following list" is not kept whole in whatever data structure it is stored.
I say equally damning because it reinforces the idea (common in here, not so common out there) that the user is not actually the customer but the product to be sold and "monetized" the harder it can be done without scaring him out.
This should be the definite proof of that (both the bugged and the intended feature) but people will happily trade their social influence for an easy to access technological soapbox.
No judgement being passed or merit being discussed on this post, just an observation of the current standing of the whole situation.
-
Untrue; it was a bug
Gigaom's Carmel DeAmicis reports that brands pay Twitter to falsely appear in your following list
This isn't true. This was a bug that has already been fixed.
-
Re:Private or Community Owned?
It's a for-profit
We're considering doing a profit-sharing system, but I'm worried about the effect that will have on the community.
... and
...Can't do profit-sharing w/o profits.
-
Re:I don't get it
In this thread you post an answer about profit sharing schemes. Why not be up-front and say that this is a for-profit business that is going to rely on free labor (the pitfalls of which were pointed out here further down the page)?
Our mission isn't to add to the cacophony of the news, but to organize it.
Let me fix that for the readers ...
Our mission isn't to add to the cacophony of the news, but to profit from free labor.
-
Re:This guy spammed Hacker News last week
And he got the same hard questions there - with lame responses that show this isn't even half thought-out.
It is bothering me that I have to even sign up to view anything on Infobitt.com. That already is sending me away since I refuse to blindly sign up for any service.
Ditto.
I have of course wondered what it would be like to do Infobitt with a wiki, and I considered setting a wiki up for that purpose. The bottom line is that wikis lack the potential reasons for using the Infobitt format in the first place--making it easier to compete as well as collaborate, making it possible to vote on small pieces of content (as well as the ordering of the content), etc.
In other words, wiki forces users to collaborate on the same extended piece of content. This has all sorts of great effects, if enough people are participating. But it makes it harder to make short fungible pieces of content, rearrange them by vote, and do contests to discover the best version of each type.
Contests? Welcome to Facebook games meets the news.
lsanger 9 days ago | link
Battling organized partisanship is a problem for down the road. My hope is that, by the time we deal with that, we'll have the funding and the personnel to code up a system that enables us to test out some technical solutions to this problem. There are lots of ideas...
Shouldn't this be figured out before, and not "down the road?"
We're considering doing a profit-sharing system, but I'm worried about the effect that will have on the community.
So why not some more (or at least SOME) info on the financial model???? It's obviously for-profit.
Another complaint about login being required:
But why you need people to log in to see about page? Just 1 static html page so I (not really me, because I spent a lot of time on that conversation anyway, but somebody, whatever) could decide if it's worth my time to sign up using real email account. It's, well, the point of about pages, to explain people what is that stuff they are looking at, and if they really want to go further. Scalability issues? That 1 static html page could be hosted anywhere, and, besides, if your servers aren't dying to host login page it wouldn't make very much difference anyway.
... and now some MOAH FACEBOOK:
We need to code the "like" feature as the first step to implementing this.
After more than a year and basic features missing?
-
Self-XSS blocking is only the beginning
Now the Firefox team can remove all the developer crap from the regular browser.
Removing even the most basic JavaScript console from the standard browser would be a bad idea. It'd encourage some developers of prominent web sites to block users of the developer browser as a "security" measure. Facebook and Netflix, for instance, already block use of the JavaScript console out of "self-XSS" worries; removing even "view source" would make it even worse.
-
Re:This Is Pretty Much De Rigeur...
Just to clarify what I'm talking about:
http://www.forbes.com/sites/su...
https://www.cryptocoinsnews.co...
https://www.quora.com/Why-does...
https://news.ycombinator.com/i...
http://www.thefrisky.com/2014-...
-
Re:Smalltalk made new keyword creation easy in 198
Thanks for the reply, especially explaining "locally" (I was starting to wonder afterwards if it indeed was about 3D transformations not variables). Interesting point on commas vs. parens for clarity; I'll have to think about that.
Could not easily find a Google ref for "Buddda". :-)
On JavaScript, it is a frustrating language to work with, with several major design flaws. I'm using it right now for a mid-size project (dozens of pages in a single-page app, collecting 500+ different pieces of data, using Dojo) and it is painful and dragging on (even in just Java, it would have been done much faster). But, inspired in part by Dan Ingalls' work on the Lively Kernel, plus what many other people say and do who all agree how badly JavaScript sucks, the fact that it runs (in theory) everywhere with one click is the big win. The URL is the biggest innovation there. As I've said before, if it does not have (or run from) a URL it is broken.
Everyone agrees JavaScript sucks:
https://www.google.com/search?...
There are many such things on the web:
"Why JavaScript Sucks And You Should Use It Everywhere"
http://www.youtube.com/watch?v...
It mentions asm.js, BTW.
Check out where the implementer of Smalltalk (Dan Ingalls) is doing now (very dynamic JavaScript): http://www.lively-kernel.org/
Perhaps the fairest thing to say about JavaScript though is:
https://news.ycombinator.com/i...
"[JavaScript] is actually a very strong language with a few very well known warts (like every other language on the planet has). The problem is that people try to use it as if it were Ruby, PHP, Python, Java. One can do that, but just know that it is an exercise in futility. It will cause frustration and one will come to the conclusion that JavaScript sucks when in fact, it is just that most people don't really take the time to _understand_ JavaScript."
A big issue with JavaScript in practice for simulation (typical to go with 3D) though is that, by default, it is essentially single-threaded (yes, other things are possible with webworkers and separate processes and such, but not in practice for most users). Having spent years debugging subtle issues with Java threading in a huge real-time-ish high-visibility high-availability app, I'm not fully sure that's a bad thing though. :-)
BTW, I think there are lots of value to making a big project FOSS, but rapidly getting contributors to do major changes right away (like a move to a web browser via JavaScript and emscripten) is generally not one of them. The big win is often when being free and available brings in small polishing changes and add-ons and also, if the software is written in a modular way to begin with, getting major new modules as part of an ecosystem -- as well as getting broader adoption by being free and open to increase demand for the core developers' other services and related books and training and other addons and so on. In practice, the learning curve for any major project is just too high for a casual user to make a significant core change, and even if they do, the core maintainers may reject the change or make other changes separately that cause bitrot in the change. If emscripten would just run on the core code, maybe someone would try it. But my guess is it requires some code changes to the C++, changes to XL as mentioned elsewhere to output JavaScript, other changes to work with OpenGL as you mention on the page, and some JavaScript glue code to have an app, so non-trivial enough that few people will try it as a first thing (unless maybe they already have used emscripten several times). With an expected big effort, then the question is, what is the payoff for taking the risk? That payoff is going to be much bigger for the original authors probably than for some ra
-
Anti-"nerd" pop-culture in the 80s
scoofy 3 days ago | link
Here the article points to childhood experiences with hardware, Commodore 64s, etc. However, I think this is absolutely nonsense. Now, many people go into college with little idea of what they want to do. Perhaps this is a result of the expansion of college from building a unique skilled career path, to simply being expected.
When talking about demographics and college degrees, I think popular culture is certainly relevant. We are talking about high school and college freshmen discovering themselves. Thus, I'd like to point out that 1984 is the same year the film Revenge of the Nerds came out.
Thus, I'll throw out the hypothesis that, since 80's popular culture was a very regressive era in terms of anti-intellectualism, desire to enter STEM probably took a serious hit at the time in general, much more so with women. That is not to say that previous generations were much better, but gone were the days where the space race inspired tons of kids to pursue STEM education regardless of gender.
-
Re:And so therefor it follows and I quote
>These aren't comparable. The OEM does not have to refund what it costs Microsoft to develop Windows. In order to approach comparability, there would have to be a market price for OS X which could be assessed.
That doesn't make much sense. I am not sure what the relevance is. Assuming Dell pays MS $30 per copy, are you implying that the judge ordered Dell to refund $99.99 to the customer who didn't want Windows? If you don't think the court did that, what is the relevance of the existence of the $99.99 copy again?
>Where can any person or organization buy an OEM (or any other) version of OS X?
If, for argument's sake, MS pulls Windows from the retail market completely and only sells to OEMs, Dell needn't refund anything anymore even if they continue to pay MS $30 per copy? Is that your argument?
If you believe the court ordered Dell to refund the $30, can't Apple calculate how much OS X development for Macbooks costs them? Are you implying it's hard to calculate so they needn't refund?
1. Hotel O hires caterers, and passes that cost on to its customers. Some of its customers object, because the food served by the caterers is not in line with either their preference or their moral convictions, and the catering was not the service they were seeking, they simply couldn't opt out. They were actually interested in a safe and comfortable place to sleep for the night near some attraction or appointment.
2. Bed & Breakfast A is a hot spot for its (few) patrons because it serves a particular dish of eggs benedict that they enjoy, and has a spectacular view.
What if some of the patrons in #2 don't like the eggs benedict or the view but just wanted a place to sleep because they think the beds (hardware) are superior? Should they be denied a refund solely because there are fewer of their kind? Your earlier argument is more like if the caterers in #1 sold the same food also in their restaurant, somehow O's customers are eligible for a refund, but A's are not.
http://www.cnet.com/news/macbo...
-
Re:How legacy is legacy?
Yes, it's possible for IE6 to use TLS 1.0. But it's not enabled by default. Since it's not on by default, it'll essentially be broken when users visit a site with SSL 3 disabled.
I don't have an old IE6 machine to check myself, but I've found several references that say it's not on.
-
Re:Shellshock is way worse
For the record, Yahoo, running FreeBSD, was compromised via Shellshock.
No, not really:
Earlier today, we reported that we isolated a handful of servers that were detected to have been impacted by a security flaw. After investigating the situation fully, it turns out that the servers were in fact not affected by Shellshock.
Also, are you sure that Yahoo is running FreeBSD on every server? I can't find anything more recent than this piece from 2011, but it would appear that "75% of Yahoo’s Web sites and services run on Linux".
RT.
-
CISO of Yahoo says "not Shellshock"
Alex Stamos, the CISO of Yahoo, posted an in-response bulletin on Hacker News to clear up the rumor that this breach was caused by Shellshock.
Straight to the point, he states that it was not Shellshock that the system was vulnerable to but a separate command-injection vulnerability in their log parsing scripts. Though... Shellshock itself is a command-injection / parsing vulnerability so I'm sure many will skip over the technicalities and consider them one-in-the-same.
At first I was surprised that he came forward and gave explicit details that, well, can now be targeted against. On the other hand, I think it's pretty cool of them to be so open (either that, or they really didn't want to be the "large company" that was affected by Shellshock =P).
-
Re:From Hacker News
Lately, Slashdot seems to be echoing Hacker News, about three hours late. If you're going to be a scraper site, you have to do it faster.
You think that's bad? They follow Ars by about 3 days
-
From Hacker News
Lately, Slashdot seems to be echoing Hacker News, about three hours late. If you're going to be a scraper site, you have to do it faster.
-
Re: Application sandboxing
-
Re:Um, yeah ...
strongly-typed languages, where more defects can be caught at compile time, are less prone to runtime failures than interpreted or weakly-typed languages
Isn't that kind of the point?
Is this supposed to be something we didn't know? Or just confirming something we did?
Mostly confirmation. It's good to have empirical evidence: https://news.ycombinator.com/i...
-
Re:Simple set of pipelined utilties!
Methinks you're throwing the baby out with the bath water.
"Make everything as simple as possible, but not simpler."
-- Albert Einstein
Sometimes complexity IS the right solution. Look at ZFS's beautiful design. Instead of having 3 separate API layers, by combining them you can do even more holistically that simply wasn't possible before.
The Unix philosophy is not a religion -- it is a guiding principle. Like all principles there are times to violate the heuristic. Sometimes complexity solves certain problems extremely well.
What we are against is:
* Over-Engineering
* Things are TOO simple which means you need needless complexity to get anything done
This isn't the first time the Unix Philosophy has been discussed:
* Arch Linux to migrate to Systemd
https://news.ycombinator.com/i...
* Linux Future
http://www.pappp.net/?p=969
* "Worse is Better"
http://www.jwz.org/doc/worse-i...
https://www.dreamsongs.com/Wor...
* Follow up -- Back to the Future: Is Worse (Still) Better?
http://www.dreamsongs.com/NewF...
-
Re:Deprecation shouldn't start at the browser
This clearly does not work though... Quoting Google's Adam Langley:
"Unfortunately, many CAs decided to ignore it, presumably on the assumption that Microsoft would be forced to back down. We've done this dance with MD5 and 1024-bit certificates and we know how it goes.
Here's a quick list of CAs that issued more than 2000 certificates extending into 2017 with SHA-1:
* GlobalSign nv-sa: 75,312
* GoDaddy: 41,606
* GeoTrust: 40,429
* Comodo: 37,789
* Verisign: 34,927
* Terena: 9,444
* Thawte: 8,735
* Internet2: 8,637
* Network Solutions: 8,077
* Entrust: 5,542
* AlphaSSL: 3,458
We would all have liked CAs to have acted either when the Baseline was updated (2011) or when Microsoft laid down dates (Nov 2013) or when Chrome talked about doing this at the CA/B Forum meeting earlier this year. It is unfortunate that the 2016/2017 dates are being ignored.
If you run a site and want to be insulated from this sort you might want to consider getting one year certificates. CAs like to sell multiple years of course but doing renewal once every three (or more) years means that you have a significant risk of losing the institutional knowledge of how to do it. (E.g. the renewal reminder email goes to someone who left last year and you then have a panic when it expires). Additionally, very long lived certificates are not insulated from these sorts of changes and you may need to replace them during their lifetime anyway."
https://news.ycombinator.com/i...
-
That's rich coming from Google, they sure love RC4
Google still REQUIRES RC4 for Youtube.
-
Re:Er?
I'm not totally up on the systemd debate, but most of the objections I've seen are philosophical, and not actually addressing whether it is necessary. For example, this discussion; the 2nd poster acknowledges that the current init doesn't meet his current needs, and everyone seems to agree that systemd is faster, but the objection seems to be that it's different and therefore bad.
It's much like arguments I've seen against binary log files, which is absurd because at the end of the day all log files are binary, you're just arguing about the encoding. As long as you have widely supported, stable, widely available tools for reading them-- who cares? If systemd does everything init did and more, faster, and becomes the new stable default, who cares if it's not "classic linux"?
-
Re:What do we need systemd for?
While the obvious answer is that Poettering/RedHat wants a windows alternative they can sell to "big" software developers, a more cynical (and mildly speculative) answer is that systemd is an outstanding way to shoehorn into linux all the things that linux users would never normally allow. PID 0 is an important spot to control; if it wants to, it can control what programs are started and under what permissions. There are a few groups that really want this capability, or at least the capability to add something optional that can later be a forced dependency in GNOME or some other popular package.
The first group that comes to mind are the people who want DRM and a protected media path. A monoculture that forces features on users whenever it wants to change things is the only way you'd get around the problem of having distributions simply compiling out or otherwise ignoring your DRM. Systemd has effectively raised the costs of not using whatever future "upgrade" is mandated, because the tight integration means you have to replace all the other software you now use as well.
Another group that would really like it if a buggy, alpha-quality, horribly overcomplicated, uncommented, unproven, monolithic black-box of software was required to use Linux is... the NSA. Simplicity is important when it comes to key services like PID 0. I'm sure it's just a coincidence that the NSA is one of RedHat's larger customers, and that the NSA - while subverting NIST, Cisco, etc - submitted various patches through redhat. I have no proof, of course, but you don't get security by assuming everybody is being "nice". I strongly suggest listening to PHK's talk on this subject.
Finally, I'll link a post I just made over at HN. The reason systemd is causing emotions to run high is because it is trying to do to linux what has been done to many other tools: dumb it down and hide how it works. There are a lot of people trying to do that right now, because the idea of open computing that *cannot be limited* (see: "turing complete"). Welcome to the Civil-War On General Purpose Computing.
-
"Wow. That Sounds Hard"
To support your point: http://www.theatlantic.com/hea...
"In a touching Medium post a few days ago, the writer and programmer Paul Ford shared what he thinks is the secret to his politeness. In conversations with new acquaintances, Ford asks plenty of questions and lets the other person do the talking. He tries not to ask what they do for a living, but if it comes to that, he responds to their job description--whatever it is--with, "Wow. That sounds hard."
"Nearly everyone in the world believes their job to be difficult," he writes. He describes how this process once worked with a woman whose work is not something most people would consider taxing:..."
Also cited here: https://news.ycombinator.com/i...
-
Leaked Files: German Spy Company
Leaked Files: German Spy Company Helped Bahrain Hack Arab Spring Protesters
https://firstlook.org/theinter...
[Anarchism]/u/PhineasFisher leaks 40GB of data taken from security firm Gamma International, proving how their software FinFisher was used by Middle Eastern governments to spy on dissidents and journalists.
http://www.reddit.com/r/bestof...
Gamma FinFisher hacked: 40 GB of internal documents and source code of government malware published
http://www.reddit.com/r/techno...
Gamma International Leaked
http://www.reddit.com/r/Anarch...
Also:
-
Re:He isn't the only one
Him too? I had heard of Qian Xuesen (known in the USA as Hsue-Shen Tsien) who also was one of the founders of JPL and ended up founding China's space program as well. http://en.wikipedia.org/wiki/Q... https://news.ycombinator.com/i...
-
At least it isn't reddit or Hacker News tyranny.
I find it really weird that people can get so worked up over A/B testing, but they don't think twice about the blatant censorship that we see daily at reddit or Hacker News. All in all, being exposed to a different version of a website is pretty minor compared to the numerous people who have their freedom of expression absolutely crushed over at reddit and Hacker News. Just look at how many legit comments got unjustly downmodded in some discussion today about Mozilla's new CEO.
I'd expect to see that kind of oppression in a hellhole like Uganda, or perhaps a former Soviet republic. Even if they aren't obliged to encourage free expression, American-based and American-centric websites like reddit and Hacker News should at least not enable and not encourage community-based censorship. Censorship is a form of tyranny, and tyranny has no place in America!
I know, I know, you're going to say, "But what about /.?!" Well, yes, /. does engage in some mild censorship, but at least it's nowhere near as bad as what goes on at reddit or Hacker News. It's totally easy to view -1 downmodded comments here, and they aren't shown in a color that's like totally impossible to read.
I would so much rather be subjected to A/B testing than I would be to censorship. A/B testing is kinda justifiable. Censorship and tyranny is not.
-
Re:Fishy
it appears it might be compromised.
From https://news.ycombinator.com/i...
Odd, 6 hours ago someone updated the TruCrypt-key.asc files, then 3 hours later posted all the new binaries.
Also odd is whoever posted the new binaries completely yanked all the previous ones, leaving only the new and questionable binary available for download.
-
Re:It's always manipulating the results....
Google probably weights your search results more by what it knows about you than anything else. For instance, I play the bagpipes and searching for anything with the term "pipe" in it doesn't result in plumbing results. Of course, if you're a bagpipe-playing plumber, you're in trouble...
Matt Cutts says that the personalization-based weighting isn't the strongest part of the weighting. He specifically says it's weaker than location. https://news.ycombinator.com/i...