Feed digilinux.ru [copy] http://digilinux.ru/feed/ has loading error: cURL error 22: The requested URL returned error: 403 Forbidden
Feed freepost [copy] https://freepo.st/rss/new has loading error: cURL error 22: The requested URL returned error: 500
postmarketOS revolutionizes smartphone hacking
I briefly mentioned postmarketOS in my Pinephone review two years ago, but after getting my Dutch SIM card set up in my Pinephone and having another go at using postmarketOS, I reckon they deserve special attention.
Let’s first consider the kind of ecosystem into which postmarketOS emerged: smartphone hacking in the XDA Forums era. This era was dominated by amateur hackers working independently for personal prestige, with little to no regard for the values of free software or collaboration. It was common to see hacked-together binary images shipped behind adfly links in XDA forum threads in blatant disregard of the GPL, with pages and pages of users asking...
My philosophy for productive instant messaging
We use Internet Relay Chat (IRC) extensively at sourcehut for real-time group chats and one-on-one messaging. The IRC protocol is quite familiar to hackers, who have been using it since the late 80’s. As chat rooms have become more and more popular among teams of both hackers and non-hackers in recent years, I would like to offer a few bites of greybeard wisdom to those trying to figure out how to effectively use instant messaging for their own work.
For me, IRC is a vital communication tool, but many users of <insert current instant messaging software fad here>1 find it frustrating, often to the point of resenting the fact...
Python: Please stop screwing over Linux distros
Linux distributions? Oh, those things we use to bootstrap our Docker containers? Yeah, those are annoying. What were you complaining about again?
The Python community is obsessed with reinventing the wheel, over and over and over and over and over and over again. distutils, setuptools, pip, pipenv, tox, flit, conda, poetry, virtualenv, requirements.txt, setup.py, setup.cfg, pyproject.toml… I honestly can’t even list all of the things you have to deal with. It’s a disaster.
This comic is almost 4 years old and it has become much worse since. Python is a mess. I really want to like Python. I have used it for many years and in many projects, including...
I will pay you cash to delete your npm module
npm’s culture presents a major problem for global software security. It’s grossly irresponsible to let dependency trees grow to thousands of dependencies, from vendors you may have never heard of and likely have not critically evaluated, to solve trivial tasks which could have been done from scratch in mere seconds, or, if properly considered, might not even be needed in the first place.
We need to figure out a way to curb this reckless behavior, but how?
I have an idea. Remember left-pad? That needs to happen more often.
I’ll pay you cold hard cash to delete your npm module. The exact amount will be determined on this equation,...
Status update, November 2021
Hello again! Following a spooky month, we find ourselves again considering the progress of our eternal march towards FOSS world domination.
I’ll first address SourceHut briefly: today is the third anniversary of the opening of the public alpha! I have written a longer post for sourcehut.org which I encourage you to read for all of the details.
In other news, we have decided to delay the release of our new programming language, perhaps by as much as a year. We were aiming for February ‘22, but slow progress on some key areas such as cryptography and the self-hosting compiler, plus the looming necessity of the full-scale acceptance testing...
Breaking down Apollo Federation's anti-FOSS corporate gaslighting
Gather around, my friends, for there is another company which thinks we are stupid and we enjoy having our faces spat in. Apollo Federation1 has announced that they will switch to a non-free license. Let’s find out just how much the Elastic license really is going to “protect the community” like they want you to believe.
Let’s start by asking ourselves, objectively, what practical changes can we expect from a switch from the MIT license to the Elastic License? Both licenses are pretty short, so I recommend quickly reading them yourself before we move on.
I’ll summarize the difference between these licenses. First, the Elastic license offers you (the recipient...
GitHub stale bot considered harmful
Disclaimer: I work for a GitHub competitor.
One of GitHub’s “recommended” marketplace features is the “stale” bot. The purpose of this bot is to automatically close GitHub issues after a period of inactivity, 60 days by default. You have probably encountered it yourself in the course of your work.
This is a terrible, horrible, no good, very bad idea.
I’m not sure what motivates maintainers to install this on their repository, other than the fact that GitHub recommends it to them. Perhaps it’s motivated by a feeling of shame for having a lot of unanswered issues? If so, this might stem from a misunderstanding of the responsibilities a maintainer...
How SmarterEveryDay's 4privacy can, and cannot, meet its goals
I don’t particularly find myself to be a fan of the SmarterEveryDay YouTube channel, simply for being outside of Destin’s target audience most of the time. I understand that Destin, the channel’s host, is a friendly person and a great asset to his peers, and that he generally strives to do good. When I saw that he was involved in a Kickstarter to develop a privacy product, it piqued my interest. As a privacy advocate and jaded software engineer, I set out to find out what it’s all about.
You can watch the YouTube video here, and a short follow-up here.
There are several things to praise here....
Software developers have stopped caring about reliability
Of all the principles of software engineering which has fallen by the wayside in the modern “move fast and break things” mentality of assholes modern software developers, reliability is perhaps the most neglected, along with its cousin, robustness. Almost all software that users encounter in $CURRENTYEAR is straight-up broken, and often badly.
Honestly, it’s pretty embarassing. Consider all of the stupid little things you’ve learned how to do in order to work around broken software. Often something as simple as refreshing the page or rebooting the program to knock some sense back into it — most users can handle that. There are much stupider problems, however, and they are...
Status update, October 2021
On this dreary morning here in Amsterdam, I’ve made my cup of coffee and snuggled my cat, and so I’m pleased to share some FOSS news with you. Some cool news today! We’re preparing for a new core product launch at sr.ht, cool updates for our secret programming language, plus news for visurf.
Simon Ser has been hard at work on expanding his soju and gamja projects for the purpose of creating a new core sourcehut product: chat.sr.ht. We’re rolling this out in a private beta at first, to seek a fuller understanding of the system’s performance characteristics, to make sure everything is well-tested and reliable, and to...