x86-64 with SSE2 is just about coming out of patent. That's quite an interesting baseline, because that's still the target for a lot of binaries, but anything that depends on SSE4, AVX, or any of the other CPU features that Intel has introduced in the last 20 years likely have patents attached. If you're interested, Intel has a public graph that you can probably find of the number of patents on each CPU feature.
Most plastic is not truly recycled (i.e. turned into the same material that it was), it is downcycled (i.e. turned into lower-grade plastic). Downcycled plastic extends the life of the plastic and is a lot better than just sticking it in landfill / oceans, but it still eventually ends up there. Truly recycling plastic requires a lot of energy (more than creating new plastic from oil, even from plant oil) and so is difficult to make an economic case for.
I wonder what life would be without RMS and GNU, especially GCC
PCC and TenDRA were both around at the same time as GCC. If GCC hadn't been in the right place at the right time, one of them would likely have taken over (hopefully TenDRA, it was a much nicer design). Actually, if TenDRA and ANDF had taken off, the Free Software ecosystem would probably be in a better place than it is now.
BSD systems are now pretty easy to keep GNU-free. I still use bash, but out of inertia rather than a conscious evaluation of alternatives (I'd probably pick zsh if I could be bothered to put the effort into switching). GNU binutils was lacking competitors for a while, but now the LLVM alternatives are a lot better. If GNU binutils hadn't been around then something like the ELF Toolchain Project would probably have matured (it died because it had no advantages relative to LLVM).
Yes, RMS is a pill... but without him, we likely would be paying by the hour for a cable set-top box to send "E-mails" with a "stamp fee" from our CompuServe accounts.
I have no idea what the connection is here. ISPs were happily providing Internet email on *BSD systems since the early '90s. Nothing Stallman has done made a difference there.
At the moment, the most widely deployed and widely used OS in the world is Android, which is Linux. It's not GNU/Linux (the no bash, no glibc, no GNU tools at all in the default install). AOSP is even Free Software, though almost all devices include some non-Free firmware and Google crap. In the server space, even Azure is now mostly running Linux VMs, AWS is almost entirely Linux.
Embedded devices that are large enough to run a real OS often use Linux (though a lot use RTEMS, FreeRTOS, FreeBSD or NetBSD).
A typical house these days probably contains at least half a dozen Linux devices, more than any other OS. You have a very odd definition of niche.
Why would you do that? I have a credit card that's automatically paid off each month. There are a few differences between that and a debit card:
I get 0.5% cash back on every transaction, so I'm paying less by using a credit card than I would be on a debit card.
I get an interest-free loan in between the payment date and the time that the balance becomes due (0.5-1.5 months). That money is sitting in my account where it can earn me interest (or, in my case, reduce the interest that I'm paying on my mortgage).
If there are any fraudulent transactions, I can query them before the money leaves my account, when they're still very much the bank's problem.
Oh, and the bank doesn't get detailed purchase records (you can tell by the way that they hilariously miscategorise things on statements), only the shops that you use.
I am in a similar position. Anything I spend on my credit card gets 0.5% cash back (it used to be 1%, but the EU capped card fees so now they're lower), so everything is cheaper if I pay by card. My bill is paid automatically 14 days after the statement date so the money stays in my account for 0.5-1.5 months after I make the purchase. I have an offset mortgage, so any money in my current account is reducing my payments by an amount equal to having paid that much of the mortgage off, so it's the equivalent of my credit card balance paying me my mortgage interest rate, without paying any tax on the income. The amount of money that I save by using a credit card is not huge, but it's far from negligible.
I don't worry too much about tracking, because any company that actually wants to track me can do so almost as easily without the card. Anything that's delivered, they know my name and address anyway. I spoke to the person who runs the data mining for the supermarket chain I use and they apparently only aggregate at the store granularity because that's the information that they actually care about (they don't care what I buy, they care what things people that shop at the store near me buy).
In terms of costs, there was a report on Slashdot a few years ago about the cost of transaction processing. A lot of cash advocates think that cash is free, but it isn't. Most merchant banks charge fees for handling large amounts of cash, you need extra security if you're keeping cash on the premises, you need to spend time balancing tills and making sure you have enough change, you need to securely transport the money to the bank, and so on. For a big chain, credit cards are a lot cheaper, for a small shop the break-even point for card payments is very low. I forget the exact number, but pretty much anywhere that can afford 2 or more employees saves money by taking cards.
Solar and wind power facilities often have a lot of excess output because they aren't able to tune supply to accommodate demand. Using some of that spare power to produce coal seems like a good idea. You can also use it for energy storage. It will be more or less pure carbon without the other toxic things in coal, so burning it again is clean and CO2 neutral. If you set up a solar plant with this process and a coal-fired power plant, you can use carbon for energy storage to even out peaks and troughs in load and sequester any leftover carbon.
The problem is, he's talking about cloud deployments. AWS is deploying a load of ARM servers, other providers probably will as well. If your workflow involves developing on VMs from the same cloud provider that you use for deployment, then Linus' argument doesn't make sense: if you can get ARM servers for deployment, you can get them for development.
The problem with ARM to date has been that there aren't any compelling server chips.
Right now, that's also true in the server space. It's hard to imagine that an ARM partner will manage to produce a decent server chip with production at the sort of scale that you'd need for a cloud datacentre, but not manage to produce a decent laptop or workstation.
My new mobile phone is a generation old, so was pretty cheap, and it's a lot more powerful than the laptop I used for development two upgrades ago. It has 8GB of RAM, a quad-core 2.45GHz Qualcomm Kryo CPU, and 128GB of flash. If I want to do ARM development on it, I can connect a bluetooth keyboard and mouse and use Miracast to connect a large wireless display. It's not as fast as the 10-core Xeon under my desk, and I wouldn't want to develop large C++ codebases on it, but that's not what most developers do anyway. For Node.js, Java, or.NET development, it's more than adequate and a fraction of the cost of a new laptop.
I'm also a bit surprised by his assertion that developers all work on their machine at home. A lot of developers now just use a test VM from the same cloud provider for all of their debugging and most modern IDEs have support for doing remote builds and remote debugging. It doesn't matter what OS or architecture your laptop uses, because that's not the computer that's running your compiler or test suite.
Weapons are not inherently evil. That is entirely a matter of how they are used. If you want a say in that, get involved in politics.
I think this is the key point. The military (in countries that are not military dictatorships) does not define policy. They follow orders that originate with the government. If you don't want to supply a country's military, then that means that you don't trust how the government of that country will employ its military. That's an entirely reasonable stance to take, but if you want to be consistent then you should also avoid supplying any branch of that country's government and any corporations that have a sufficiently significant presence in that country that they are part of the supporting infrastructure for the government.
Somehow, I don't see these people claiming that Microsoft should pull out of the USA entirely though...
It depends a bit on who those people are. The Hololens team is pretty small in comparison to the total size of Microsoft. If those people are all part of the Hololens project then having them all leave could be a problem. If they're distributed across the entire company then having them all leave would be statistical noise in the normal staff turnover for a company the size of Microsoft.
ARM laptops should really have been offered with linux from the get-go, the only benefit of windows is compatibility with the existing masses of x86 software and drivers for arbitrary peripherals - a benefit which is lost when running windows/arm
ARM Windows laptops can run legacy x86 software (though, I believe, not yet x86-64 software). They ship with an emulator that emulates the main executable and bundled DLLs but can call into native code for things that comes with Windows (e.g. all of the GUI drawing code, video / audio CODECs).
Why would Microsoft buy them? Microsoft Teams already has more market share than Slack and the Slack costs businesses almost as much per user as the entire Office 365 suite (which includes all of the Windows / Mac / Android / iOS apps, as well as the web versions).
Java does not allow you to read and write anywhere on the disk. Java does not let you perform *any* I/O unless the currently installed security manager permits it. Seriously, read something about the Java security model before you comment on it.
All. It's a big hammer. You can turn off reflection entirely, but it's very hard to enable the bits that modern Java frameworks die without but disable the bits that can break the security model.
Java was never meant as security against people who can execute code on your system
Yes it was. Read Li Gong's retrospective some time (Li was the architect of Java's security model). This was explicitly the objective of the Java security model. It was intended, for example, to allow a server process to load untrusted modules to do client-specific processing, without having to trust the client.
Not quite. As Tim Minchin put it, alternative medicine is medicine that has either not been shown to work or been shown not to work. There are some things that work, but have not been studied sufficiently to show that they work. The process of moving things from the not-shown-to-work to shown-to-work category is called medical research.
Like most good conspiracy theories, most of the component parts are either true or at least entirely plausible:
Companies that make vaccines want to make money (true).
Phama companies overplay the benefits and downplay the side effects of their products (true in a number of examples).
Vaccines have potentially lethal side effects (true for some vaccines, though in the vast majority of cases you're still better off getting the vaccine).
Doctors are recommending vaccines because they're paid to do so (in the US, doctors often get kickbacks from drug companies for prescribing their products, so quite plausible).
People in authority don't have your best interests at heart (no surprise there).
A big part of the problem is that we're still very bad at teaching science. We teach it as a set of results, not as a process. I'd be much happier if people left school not knowing the laws of motion or thermodynamics, but knowing how to interpret statistics and build experiments to test an hypothesis.
Everyone on this site is expected to know, that Android is a Java userspace on a Linux kernel.
Most of the Android userspace is C++. The GUI frameworks expose Java APIs (though all of the drawing code, for example, is Skia, which is C++) but most popular applications include a lot of native code as well (I don't have up-to-date stats, but a few years back all of the top 50 most popular things in the Play store did).
Java is alive and well on the mac, has been for decades. I don't know where you get your information from, but it's obviously not current or correct.
Apple stopped shipping it two or three major OS releases ago. If you try to run any Java things, you're prompted to go to the Oracle site and download it. If you do, it doesn't get updates through the OS update mechanism.
Java has gone from being installed on all Macs to being installed on the ones where people actively chose to. Last stats I saw had it at about 20% and dropping.
Secure systems use defence in depth. Java uses defence in breadth. They have a complex security model where every single part of it is in the TCB: a failure in any part violates all of the security guarantees that Java is supposed to provide. Added to that, almost all of the things that it depends on are complex to implement.
This isn't so bad for Android, because they just turn off the entire Java security model and rely on OS-level sandboxing, treating the entire application as a single security domain. If you try to install a security manager on Android, you get an exception. In a compliant Java VM, the security manager is a core part of the security model.
For example, Java security depends on data hiding, but reflection can sometimes bypass that. System frameworks that are more privileged must call into the security manager to check before they perform privileged operations, but that doesn't help if reflection lets you call the wrong methods. It depends on string immutability to identify the permissions (usually this is implemented correctly, but it's one of the things where bugs in native code can accidentally break quite easily). It relies on precise exception delivery to ensure that security manager exceptions are thrown before the behaviour that they're guarding, but there have been numerous bugs in that.
I disagree, it's the COBOL of the web era. It's hugely popular, very verbose, not particularly fast (it can be, but easiest ways to write code in Java don't tend to perform well) and the go-to choice for business logic. And, no matter how much you may dislike Java, be thankful for every organisation it got to move off COBOL...
Slashdot Mirror
x86-64 with SSE2 is just about coming out of patent. That's quite an interesting baseline, because that's still the target for a lot of binaries, but anything that depends on SSE4, AVX, or any of the other CPU features that Intel has introduced in the last 20 years likely have patents attached. If you're interested, Intel has a public graph that you can probably find of the number of patents on each CPU feature.
Most plastic is not truly recycled (i.e. turned into the same material that it was), it is downcycled (i.e. turned into lower-grade plastic). Downcycled plastic extends the life of the plastic and is a lot better than just sticking it in landfill / oceans, but it still eventually ends up there. Truly recycling plastic requires a lot of energy (more than creating new plastic from oil, even from plant oil) and so is difficult to make an economic case for.
I wonder what life would be without RMS and GNU, especially GCC
PCC and TenDRA were both around at the same time as GCC. If GCC hadn't been in the right place at the right time, one of them would likely have taken over (hopefully TenDRA, it was a much nicer design). Actually, if TenDRA and ANDF had taken off, the Free Software ecosystem would probably be in a better place than it is now.
BSD systems are now pretty easy to keep GNU-free. I still use bash, but out of inertia rather than a conscious evaluation of alternatives (I'd probably pick zsh if I could be bothered to put the effort into switching). GNU binutils was lacking competitors for a while, but now the LLVM alternatives are a lot better. If GNU binutils hadn't been around then something like the ELF Toolchain Project would probably have matured (it died because it had no advantages relative to LLVM).
Yes, RMS is a pill... but without him, we likely would be paying by the hour for a cable set-top box to send "E-mails" with a "stamp fee" from our CompuServe accounts.
I have no idea what the connection is here. ISPs were happily providing Internet email on *BSD systems since the early '90s. Nothing Stallman has done made a difference there.
If Linux is so superior, why is it a niche OS?
At the moment, the most widely deployed and widely used OS in the world is Android, which is Linux. It's not GNU/Linux (the no bash, no glibc, no GNU tools at all in the default install). AOSP is even Free Software, though almost all devices include some non-Free firmware and Google crap. In the server space, even Azure is now mostly running Linux VMs, AWS is almost entirely Linux.
Embedded devices that are large enough to run a real OS often use Linux (though a lot use RTEMS, FreeRTOS, FreeBSD or NetBSD).
A typical house these days probably contains at least half a dozen Linux devices, more than any other OS. You have a very odd definition of niche.
It isn't even good at that. For example, it only just gained the ability to handle UNIX line endings and it still doesn't have multi-level undo.
Oh, and the bank doesn't get detailed purchase records (you can tell by the way that they hilariously miscategorise things on statements), only the shops that you use.
I am in a similar position. Anything I spend on my credit card gets 0.5% cash back (it used to be 1%, but the EU capped card fees so now they're lower), so everything is cheaper if I pay by card. My bill is paid automatically 14 days after the statement date so the money stays in my account for 0.5-1.5 months after I make the purchase. I have an offset mortgage, so any money in my current account is reducing my payments by an amount equal to having paid that much of the mortgage off, so it's the equivalent of my credit card balance paying me my mortgage interest rate, without paying any tax on the income. The amount of money that I save by using a credit card is not huge, but it's far from negligible.
I don't worry too much about tracking, because any company that actually wants to track me can do so almost as easily without the card. Anything that's delivered, they know my name and address anyway. I spoke to the person who runs the data mining for the supermarket chain I use and they apparently only aggregate at the store granularity because that's the information that they actually care about (they don't care what I buy, they care what things people that shop at the store near me buy).
In terms of costs, there was a report on Slashdot a few years ago about the cost of transaction processing. A lot of cash advocates think that cash is free, but it isn't. Most merchant banks charge fees for handling large amounts of cash, you need extra security if you're keeping cash on the premises, you need to spend time balancing tills and making sure you have enough change, you need to securely transport the money to the bank, and so on. For a big chain, credit cards are a lot cheaper, for a small shop the break-even point for card payments is very low. I forget the exact number, but pretty much anywhere that can afford 2 or more employees saves money by taking cards.
Solar and wind power facilities often have a lot of excess output because they aren't able to tune supply to accommodate demand. Using some of that spare power to produce coal seems like a good idea. You can also use it for energy storage. It will be more or less pure carbon without the other toxic things in coal, so burning it again is clean and CO2 neutral. If you set up a solar plant with this process and a coal-fired power plant, you can use carbon for energy storage to even out peaks and troughs in load and sequester any leftover carbon.
The problem is, he's talking about cloud deployments. AWS is deploying a load of ARM servers, other providers probably will as well. If your workflow involves developing on VMs from the same cloud provider that you use for deployment, then Linus' argument doesn't make sense: if you can get ARM servers for deployment, you can get them for development.
The problem with ARM to date has been that there aren't any compelling server chips.
Right now, that's also true in the server space. It's hard to imagine that an ARM partner will manage to produce a decent server chip with production at the sort of scale that you'd need for a cloud datacentre, but not manage to produce a decent laptop or workstation.
My new mobile phone is a generation old, so was pretty cheap, and it's a lot more powerful than the laptop I used for development two upgrades ago. It has 8GB of RAM, a quad-core 2.45GHz Qualcomm Kryo CPU, and 128GB of flash. If I want to do ARM development on it, I can connect a bluetooth keyboard and mouse and use Miracast to connect a large wireless display. It's not as fast as the 10-core Xeon under my desk, and I wouldn't want to develop large C++ codebases on it, but that's not what most developers do anyway. For Node.js, Java, or .NET development, it's more than adequate and a fraction of the cost of a new laptop.
I'm also a bit surprised by his assertion that developers all work on their machine at home. A lot of developers now just use a test VM from the same cloud provider for all of their debugging and most modern IDEs have support for doing remote builds and remote debugging. It doesn't matter what OS or architecture your laptop uses, because that's not the computer that's running your compiler or test suite.
Weapons are not inherently evil. That is entirely a matter of how they are used. If you want a say in that, get involved in politics.
I think this is the key point. The military (in countries that are not military dictatorships) does not define policy. They follow orders that originate with the government. If you don't want to supply a country's military, then that means that you don't trust how the government of that country will employ its military. That's an entirely reasonable stance to take, but if you want to be consistent then you should also avoid supplying any branch of that country's government and any corporations that have a sufficiently significant presence in that country that they are part of the supporting infrastructure for the government.
Somehow, I don't see these people claiming that Microsoft should pull out of the USA entirely though...
It depends a bit on who those people are. The Hololens team is pretty small in comparison to the total size of Microsoft. If those people are all part of the Hololens project then having them all leave could be a problem. If they're distributed across the entire company then having them all leave would be statistical noise in the normal staff turnover for a company the size of Microsoft.
that was designed by competent enough people
Ah, I see what the problem is, thank you.
ARM laptops should really have been offered with linux from the get-go, the only benefit of windows is compatibility with the existing masses of x86 software and drivers for arbitrary peripherals - a benefit which is lost when running windows/arm
ARM Windows laptops can run legacy x86 software (though, I believe, not yet x86-64 software). They ship with an emulator that emulates the main executable and bundled DLLs but can call into native code for things that comes with Windows (e.g. all of the GUI drawing code, video / audio CODECs).
Why would Microsoft buy them? Microsoft Teams already has more market share than Slack and the Slack costs businesses almost as much per user as the entire Office 365 suite (which includes all of the Windows / Mac / Android / iOS apps, as well as the web versions).
Java does not allow you to read and write anywhere on the disk. Java does not let you perform *any* I/O unless the currently installed security manager permits it. Seriously, read something about the Java security model before you comment on it.
All. It's a big hammer. You can turn off reflection entirely, but it's very hard to enable the bits that modern Java frameworks die without but disable the bits that can break the security model.
Java was never meant as security against people who can execute code on your system
Yes it was. Read Li Gong's retrospective some time (Li was the architect of Java's security model). This was explicitly the objective of the Java security model. It was intended, for example, to allow a server process to load untrusted modules to do client-specific processing, without having to trust the client.
Not quite. As Tim Minchin put it, alternative medicine is medicine that has either not been shown to work or been shown not to work. There are some things that work, but have not been studied sufficiently to show that they work. The process of moving things from the not-shown-to-work to shown-to-work category is called medical research.
A big part of the problem is that we're still very bad at teaching science. We teach it as a set of results, not as a process. I'd be much happier if people left school not knowing the laws of motion or thermodynamics, but knowing how to interpret statistics and build experiments to test an hypothesis.
Everyone on this site is expected to know, that Android is a Java userspace on a Linux kernel.
Most of the Android userspace is C++. The GUI frameworks expose Java APIs (though all of the drawing code, for example, is Skia, which is C++) but most popular applications include a lot of native code as well (I don't have up-to-date stats, but a few years back all of the top 50 most popular things in the Play store did).
Java is alive and well on the mac, has been for decades. I don't know where you get your information from, but it's obviously not current or correct.
Apple stopped shipping it two or three major OS releases ago. If you try to run any Java things, you're prompted to go to the Oracle site and download it. If you do, it doesn't get updates through the OS update mechanism.
Java has gone from being installed on all Macs to being installed on the ones where people actively chose to. Last stats I saw had it at about 20% and dropping.
What security problems come with Java?
Secure systems use defence in depth. Java uses defence in breadth. They have a complex security model where every single part of it is in the TCB: a failure in any part violates all of the security guarantees that Java is supposed to provide. Added to that, almost all of the things that it depends on are complex to implement.
This isn't so bad for Android, because they just turn off the entire Java security model and rely on OS-level sandboxing, treating the entire application as a single security domain. If you try to install a security manager on Android, you get an exception. In a compliant Java VM, the security manager is a core part of the security model. For example, Java security depends on data hiding, but reflection can sometimes bypass that. System frameworks that are more privileged must call into the security manager to check before they perform privileged operations, but that doesn't help if reflection lets you call the wrong methods. It depends on string immutability to identify the permissions (usually this is implemented correctly, but it's one of the things where bugs in native code can accidentally break quite easily). It relies on precise exception delivery to ensure that security manager exceptions are thrown before the behaviour that they're guarding, but there have been numerous bugs in that.
It is the PL/1 of the web era.
I disagree, it's the COBOL of the web era. It's hugely popular, very verbose, not particularly fast (it can be, but easiest ways to write code in Java don't tend to perform well) and the go-to choice for business logic. And, no matter how much you may dislike Java, be thankful for every organisation it got to move off COBOL...