• 0 Posts
  • 50 Comments
Joined 2 months ago
cake
Cake day: December 16th, 2024

help-circle
  • Leaking isn’t really the issue, though I suppose Rust helps with that as well. Its memory sales pitch is more about memory safety, which is not reading or writing the wrong parts of memory. Doing that can have all sorts of effects, where the best you can hope for is a crash, but it often results in arbitrary execution vulnerabilities. Memory _un_safety is pretty rare and most prominent in languages like C, C++ and Zig.

    Rust also has more information contained in it, which means resulting programs can actually be faster than C, as the optimizer in the compiler is better informed.



  • One rather obvious reason is that society has a lot of greybeards in general. The baby boomer generation was named that for a reason, and people have been living longer on average. Lots of countries are struggling with the demographic effects. There’s no reason to expect that tech or something even more specific like FOSS would be exempt.

    Another aspect here is that FOSS is still kind of new in society. There’s just more people who have had the chance to age into FOSS greybeards than when those greybeards were young. (And they were thus likely to a lesser degree blocked by entrenched greybeards when they were getting started.)








  • I’ve moved on from vim to neovim, and I think I’ll continue using something in that family in the future. It’s a pretty stable experience overall, but the inclusion of LSPs and tree-sitter have been good improvements too.

    Ultimately editors are tools, similar to keyboards, os-es, screens, chairs, shoes and so on. There are some objective quality differences between a well-constructed tool and some slapdash nonsense, and there are a huge amount of subjective quality differences. What suits me may not suit you, and vice versa.

    It’s generally good to try out some new (to you) stuff and see if you like it. If you do, great; if you don’t, well, now you know. I think my worst experience was with Acme (or Wily? can’t remember), during a phase where I experimented with Plan 9 stuff. Ultimately very not my cup of tea, but apparently Rob Pike (who made it) and some other gophers still enjoy it? Which is good for them, just like it’s good for me that I can choose not to use it. It’s just personal tastes, and I still think it’s good that I gave it a go.

    The debate over holding down modifier keys vs modes is also a part of the Emacs vs vi debate from many decades ago. There might be some statistics for what works best for the most people now, but again, use what suits you. And try some new stuff when you get curious, it’s generally good for you.


  • How do you know a post was written by a systemd hater? Easy, they’ll spell it with a big D for some reason. It reminds me of how Norwegian rabid anti-cyclists are unable to spell “cyclist” for some reason.

    Claiming you don’t want to restart an old debate and then trying to restart it anyway is pretty funny.

    You might also want to keep in mind that you can’t really force an init system on Linux distros. Systemd became the norm through being preferred, as in, the people using and maintaining it think it’s good. At this point you might as well be ranting about how “LinuX is evil somehow” and we should all be using GNU HURD or Minix or something.

    Also: Haven’t thought about suckless in well over a decade, maybe closer to two? I guess way back in the day I was kinda intrigued by their ideas and used some of their products; these days I’d rather see them as something between an art shop and people who are playing a somewhat unusual game with themselves, but not particularly relevant to mainstream software engineering.


  • For context I’m a scientist doing data analysis and modeling, so my view point is potentially significantly different than most of “the industry”.

    Isn’t most of science also rather big on types, only they use the phrase “units”? If you take an attitude of “I never bother checking my units, I just see if it works or not after the fact”, that’s rather different from the science I learned where checking the types of calculations was considered an important step.

    At some levels it’s even just like colour-coding your wires, helping you not accidentally put ground in the wrong part of the circuit.







  • Smartphones – and to a lesser degree, tablets – kind of are not a phenomenal programming platform.

    […]

    But not everyone in 1990 had a personal computer, and I would venture to say that the group that did probably was not a representative sample of the population. I’d give decent odds that a lower proportion of the population as a whole could program in 1990 than today.

    Yeah, and these things influence each other. Today we have a networked computer in our pockets, and depending on where you live, they may or may not be required or the standard way to do tasks like get a bus ticket, login to government websites so you can do your taxes and whatnot, transfer money, and a bunch of other tasks that to a degree are really sensitive.

    So as we have a bunch of barely computer-literate people functionally dependent on these devices, we also need them to be locked down and secure. MS had some grand thoughts about “code everywhere”, which turns out is pretty awful security-wise, especially with gullible networked users. The users in this community have very different capabilities and needs than the users who might not even want a computer, but feel forced to get one because the government stopped using paper and bank and post offices no longer exist. (This is, essentially, what it’s like in modern Norway. We might be ending home delivery of snail mail soon; mail delivery every other weekday seems to be an unnecessary expense.) Beyond the lack of a keyboard, the platform has a bunch of constraints that don’t make for fun computing, but they absolutely need to be there. Unfortunately we also wind up with a split between the common restricted platforms, and the casual, customizable platforms, and not everybody gets to be exposed to the latter.

    There are probably, in absolute numbers, a whole lot more people who know js or Python than people who knew BASIC in the 80s. In addition there are people who are pretty good at spreadsheet programming, and other tasks that are essentially coding, even if they’re not listed as regular programming languages.


  • Quotes are OK, shellcheck is happy, but, according to gtfobins, you can abuse tar, so running the script like this: ./test.sh /dev/null --checkpoint=1 --checkpoint-action=exec=/bin/sh ends up spawning an interactive shell…

    This runs into a part of the unix philosophy about doing one thing and doing it well: Extending programs to have more (absolutely useful) functionality winds up becoming a security risk. The shell is generally geared towards being a collection of shortcuts rather than a normal, predictable but tedious API.

    For a script like that you’d generally want to validate that the input is actually what you expect if it needs to handle hostile users, though. It’ll likely help the sleepy users too.