Threads for ave

    1. 2

      lots of solid points. I’m gonna be curious if the XMPP people are as grumpy as the Matrix ones LMAO

      1. 20

        As OMEMO protocol developer here: There is no actionable feedback from this post for developing the OMEMO standard, although I do like that someone made the effort to look into it.

        The claim that versions 0.4.0-0.6.0 had 256 bit authentication tags is wrong, it was always truncated to 128 bits. Here’s the version 0.4.0 from the attic: https://xmpp.org/extensions/attic/xep-0384-0.4.0.html#protocol-double_ratchet “Authentication tags are truncated to 16 bytes/128 bits.” What changed in 0.7.0 is only some wording, to make explicit how truncating works. As is already said in the blog post, truncating to 128 bits is considered acceptable.

        As a client developer however, I agree that we’re slow to migrate to the current version of OMEMO. Implementations of 0.3.0 are incompatible with 0.4.0 and later, so this would be a migration breaking the ecosystem, making it not an easy undertaking with a dozen independent client implementations that are mostly developed by free software developers in their spare time.

        1. 8

          Thank you for replying constructively here even as there seem to be multiple assumptions making the rounds which suggest there is no constructive response. I think this part of your comment:

          As OMEMO protocol developer here: There is no actionable feedback from this post for developing the OMEMO standard, although I do like that someone made the effort to look into it.

          deserves more than you gave it. IMO some of the best feedback from @soatok’s post is:

          [OMEMO/XMPP] still doesn’t meet the bar for the kind of private messaging app that Signal is, and is not a viable competitor to Signal.

          To understand why this is true, you only need check whether OMEMO is on by default (it isn’t), or whether OMEMO can be turned off even if your client supports it (it can).

          Both of these conditions fail the requirements I outlined under the End-to-End Encryption header in that other blog post.

          Of course this is not actionable from the perspective of an OMEMO protocol developer. And by saying that, I don’t mean to suggest that their concerns are unfair. They’re just leveled at a different part of the stack than what you’re working on.

          The valid point I believe they’re making is that in order to be an app that’s considered in the same bucket as Signal/a competitor to signal, that app needs to have OMEMO turned on by default and needs to be designed so that it can’t be disabled for implementations which support it. Which is to say that these are more “product” points than implementation details for the encryption protocol.

          1. 5

            Conversations has red bubbles if you disable omemo in a previously encrypted conversation.

            XMPP is not signal: It has most if not all features laypeople want, but most clients are not designed for average joe (unlike signal). Many clients as such trust that you know what to encrypt and what not (why should my personal xmpp bot be forced into using encryption, making the codebase much more complex? etc)

            I generally like soatok’s writing, and as a person that likes xmpp and omemo I went into the article with a lot of added open mindedness, but starting the article with this point made it a lot harder to retain that mindset for the rest.

            1. 6

              Conversations has red bubbles if you disable omemo in a previously encrypted conversation.

              Personally, I don’t think that’s good enough. But more pertinently in the context of the articles being discussed, it 100% doesn’t meet the author’s standards that they articulated here:

              https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-signal-competitor/

              when they laid out specifically what it’d take (from their perspective) for something else to constitute a reasonable competitor to signal where it pertains to their friends and family.

              XMPP is absolutely not signal. But this post, coupled with the one I linked, is dedicated to explaining what the gap is between XMPP+OMEMO when it comes to soatok’s requirements for their and their friends’ communications. I might not share every one of those requirements, but I don’t think that’s an unfair position to explore when it comes to writing an article like this, at all.

              1. 5

                This is mostly a statement on my end that the fact that encryption can be disabled does not mean that the apps make no attempt to draw your attention to this, which is an added nuance not represented in soatok’s post.

                Furthermore I think some amount of manualness is needed in omemo actually. Should the default be to trust all keys of a user (or the first new keys)? Let’s say yes, now, what if the user adds a new one? Do we revoke old keys at all? Signal owns the servers so they don’t have to deal with the potential of evil server admins either, but an evil xmpp server can definitely hijack an omemo session by getting its keys trusted (mitm or just additional key). Matrix has to deal with this to some extent too, and has abysmal encryption UX (“this message cannot be decrypted”, “waiting for this message, this might take a while” etc). I want signal grade encryption on xmpp, but I’m not sure we can get better than the current state of omemo. If you have ideas I’d love to hear them.

                1. 5

                  When I said I don’t think it’s good enough personally, I was saying that I believe the right thing for a previously encrypted protocol to do in the face of a conversation that can no longer be encrypted is to reject communications and send you to some other channel, IMO. I think the attempt to draw your attention to it is necessary but not sufficient.

                  I don’t disagree that some degree of manual management will be needed for a protocol like OMEMO. I think at a product level, how much of it falls to a user vs to a trusted manager is debatable.

                  For key management, my default position would be that addition of a new key that can be attested by an old one should be visible (and alerted!) to both ends of the e2e communication. Decommissioning old keys should lead to revocation. That may also involve some manual effort.

                  TBH I’m not sure what the right answer is for the UX overall; for my own use, I liked OTR a lot. It worked like SSH and matched the model I needed. And in that spirit, I land close to the things you’re saying. But if I want my dad to send me encrypted messages, and want to be confident that it’s e2e -> me, it’s harder to find a landing spot that makes me confident it’s safe. Especially if I want to answer the question: what can I instruct him to do that will be safer than iMessage, if we both had phones that do that?

                  1. 2

                    I liked OTR a lot

                    This won’t work anymore as no one will accept that their conversation is now locked to a specific device/client. When I used Facebook Messenger regularly which also had OTR, I never chose encryption for this reason since I was using it thru the browser on 3 devices with 4 OSs, Pidgin/Adium, & the Lite Android client… I would assume most users would demand multi-client support in 2024.

                    1. 4

                      I would assume most users would demand multi-client support in 2024.

                      To be clear, even I, who liked OTR, want multi-client support in 2024.

          2. 4

            I agree that XMPP+OMEMO clients are probably not on par with Signal in terms of UX and security.

            However, I don’t see this as easily said about the protocols. The distinction might be a bit technical, but I have never heard anyone saying “I don’t suggest using HTTPS because Internet Explorer only supports outdated versions and most clients have encryption disabled by default”.

            If we focus on the client software criticism, I largely agree with what is said in the blog post and it also is actionable. However, then the story is really more about Conversations and not XMPP+OMEMO, as the title suggests.

            1. 3

              really more about Conversations and not XMPP+OMEMO, as the title suggests.

              I strongly agree with this.

            2. 3

              So that you can say you have heard it: I think that one should not rely on HTTPS for securing chat, but instead use something at least as secure as SimpleX or Signal.

              (Clients making it usable to disable it is only a small part, but is a part. This is my generic advice, in practice applications with comparable security do not cover all common use cases, so sadly it is not yet always possible and my advice for more specific use cases diverges. Also this is advice for a specific set of values, other people have different values, e.g. some want to forbid e2ee.)

              A common failure of encryption protocols is to omit from the specification some part that is necessary for users to use them securely. This includes usability requirements on implementations.

              One of the principles for secure design is “Psychological acceptability (aka easy to use). The human interface must be designed for ease of use so users will routinely and automatically use the protection mechanisms correctly.” (adapted from The Protection of Information in Computer Systems, Saltzer and Schroeder, 1975)

              It seems to me that OMEMO lacks language that disallows compliant clients from sending unencrypted messages. Maybe it would need to be another XEP that upgrades it from a SHOULD to a MUST to allow iterative deployment, which OMEMO links to.

              As you say that version upgrade would be a “migration breaking the ecosystem”, it also lacks language for how implementations should deal with ecosystem wide protocol upgrades, without breaking it. And if that causes any security considerations. Maybe they would implement both versions for some time.

              XMPP Compliance Suites 2023 Future Development has language that mentions OMEMO as not yet required, which is too weak.

              (I think there is more missing related to the OMEMO spec… and IMHO Signal is not secure enough for the current real world, which requires even more spec work besides OMEMO, if one wants XMPP to rise to that task.)

              Are there any implementations with both the interest and people time that is sufficient to implement it? I don’t know.

              So yes the spec needs work (not only the implementations).

              Does this make sense to you as an OMEMO protocol developer?

      2. 1

        What are you referring to when you say that “Matrix people are grumpy”?

        1. 14

          Presumably the tendency of Matthew Hodgson (the Element CEO) and other Matrix supporters to aggressively defend their technology in the comments whenever anyone attempts to criticize it. (I’ve seen this happening for years now, and it even happened to me once!)

          The issue here, as Soatok points out, is that the evangelists aren’t willing to engage with the fact that Matrix has real issues, and thus fix them or put their efforts towards something different: instead, they dismiss users’ concerns and insist the issues will surely be fixed soon (while not doing the work or allocating budget to do so), or that the issues simply don’t exist in the first place. (This seems to lead to open source projects that adopt Matrix moving to Discord after the discontent builds, which is depressing.)

          1. 12

            Presumably the tendency of Matthew Hodgson (the Element CEO) and other Matrix supporters to aggressively defend their technology in the comments whenever anyone attempts to criticize it. (I’ve seen this happening for years now, and it even happened to me once!)

            Personally, from what I’ve observed here on Lobste.rs, HN or Github, Hodgson has always either replied politely or tried to address the criticisms. I never saw him use aggressive language or answer in bad faith. Don’t know about the others though.

            The issue here, as Soatok points out, is that the evangelists aren’t willing to engage with the fact that Matrix has real issues, and thus fix them or put their efforts towards something different: instead, they dismiss users’ concerns and insist the issues will surely be fixed soon (while not doing the work or allocating budget to do so), or that the issues simply don’t exist in the first place.

            I’ve been usually persuaded by Matthew’s replies, or just saw signs of insufficient manpower behind the project, as a careless observer. I can see how it could be interpreted the way you frame it though. It is undeniable that, despite the amount of features it has over Signal, the UX is subpar to say the least. Let’s hope that the goals of Matrix 2.0 are achieved!

          2. 6

            Presumably the tendency of Matthew Hodgson (the Element CEO) and other Matrix supporters to aggressively defend their technology in the comments whenever anyone attempts to criticize it.

            There might have been cases like this but I have seen Matthew Hodgson, multiple times, address FUD. Which I appreciate.

    2. 22

      I find some of his points valid, but the very adversarial tone really decreases from the overall technical merit of the article.

      1. 21

        That’s what being shouted at by fans of something tends to provoke.

        1. 5

          so it’s a good strategy because it makes critique articles less effective?

          1. 3

            It seems to work to get attention looking at the number of comments here.

      2. 16

        I really don’t read this attitude that others seem to be getting from this post. It seems adversarial, but not overly adversarial. It’s about as adversarial as I’d expect a cryptography criticism+critique to be.

      3. 5

        I’m a fan of this person and I think their contributions usually make a positive impact but this post was resentful and came across as having bad intent. It made it hard to read.

      4. 5

        Yeah, and not the first time from this blogger.

        1. 18

          They have a post providing context to this over on Fediverse, which explains the tone: https://furry.engineer/@soatok/112904652315317405

          1. 7

            So his answer is to use signal!?

            I don’t inherently trust Signal either

            1. 15

              Do you think these responses to courts were dishonest? Signal can simultaneously disappoint our expectations about Free Software and also be trusted to not store anything beyond phone numbers and a pair of timestamps.

              1. 17

                Yes, they were dishonest. And you can even verify it. Here’s what the server stores about an account: https://github.com/signalapp/Signal-Server/blob/main/service/src/main/java/org/whispersystems/textsecuregcm/storage/Account.java

                Among those is a mapping from the phone number to all the devices the user owns. For each of those devices, the server stores the information if it’s Google, Apple or something else (“user agent”). For Google and Apple it stores a unique push token that can be linked by Google and Apple to their respective accounts (and thus is PII under GDPR and similar legal definitions). As Signal was always able to send push notifications and still is today, we can be certain that even if they don’t use the open source version of the server in their live system (which they are known to have done in the past), we know they are storing those push tokens. They also state it in their privacy policy that they do this (but who reads those when there is a nice “we don’t store, see our published responses to gov” page that claims they don’t store anything).

                As an example, in the request https://signal.org/bigbrother/cd-california-grand-jury/ the subpoena specifically included “device data” and “connected applications”. Signal had this data (as seen above), but in their reply they didn’t include it and they even explicitly claim (without any need), that they only have “the time of account creation and the date of the account’s last connection to Signal server”, which as can be seen when looking at the code, is completely wrong.

                1. 6

                  that they only have

                  the claim is about the subset of data as requested by the subpoena, not in general.

              2. 4

                Can signal be coerced into releasing an update that weakens the privacy of a huge portion of its users?

                Can those individuals defend against it?

                Can signal be found out if that happens?

                NSL’s force all involved to keep very quiet about their issuance.

                1. 2

                  Can signal be coerced into releasing an update that weakens the privacy of a huge portion of its users?

                  In theory, no, because all the relevant code is open source/free software and can be built reproducibly.

                  In practice, probably. Who knows if people are actually auditing the code and verifying the published builds. But that’s the case for federated software, too. Or, Google Play could be compromised too and forced to distribute doctored builds (you’d still need to compromise Signal to get their signing key). But you’d have the same problem with F-Droid. F-Droid at least can’t target individuals who are using Tor to download APKs because it doesn’t require signin, but individual targeting is not what you asked about.

            2. 3

              Looking at his blog archive, he’s been a pretty active Signal shill for a while, and with good reason if you consider the technical parts of Signal, which seems pretty good, compared to what’s out there.

              (I’m not an expert in this field, but the reviews of the open-source crypto-engineering of Signal seem positive… but there are also many small weird things around the Signal Foundation.)

          2. 5

            Several more people also replied (which I have since deleted) to evangelize XMPP + OMEMO.

            They bought and paid for https://soatok.blog/2024/08/04/against-xmppomemo/ with their misconduct.

            (https://furry.engineer/@soatok/112904671642055801)

            To me, this is too adversarial. It explains the tone to me, but doesn’t exactly justify it.

    3. 3

      Not to discourage you, but there’s too many job boards these days.

      Yours seemed potentially interesting, but the options locally (Hamburg) seem pretty limited. I wish you luck regardless!

      I think your current location filter is searching for where a job is located (which is good), but it doesn’t seem to account very well for states or for companies hiring elsewhere in the country/continent/globe.

      If I could wish for more filters in general (not necessarily for you, but for any job board):

      • Being able to filter where a job is located and where they are hiring would be nice. (justification: for visa reasons I can work in Germany for any German company, being hired by other countries is a more complex process)
      • Language requirement filter would help in cases like mine also.
      • Fulltime/parttime/contract/etc filters, maybe even a permanent or timed contract filter are also generally much appreciated.
      • Remote/hybrid/in-person filter is a must.
      1. 2

        Thanks for the feedback!

        I agree the local options are limited for now - I hope to improve this as I add more data. Adding “Remote” to the location box can be used in combination with locations - i.e. Remote in Germany, but I should make that more clear. As you said, showing jobs near the selected location geographically could be useful too, right now it only uses what you select.

        The filters you mentioned are a great idea too. I actually have plans to add some of these, but I’m still prototyping ways to detect these with either an LLM or classifier, although some can be detected with text-search.

      2. 2

        All of these are good. A filter to remove positions with unlisted compensation ranges would be good, too.

    4. 3

      Wikipedia has the tentative release date as July 31st - I’m excited to try it out. I made sure to mark it on my calendar to check up on when the time comes in case I miss the news :)

      1. 2

        Because I’m a sucker for these things, I’ve already upgraded my servers, after checking the known bugs. No problems so far!

      2. 2

        Last 3 major versions had 4-5 months between freeze and release, so I wouldn’t hold your breath.

        1. 1

          Thanks for letting me know, helps me temper expectations!

    5. 8

      I would never make use of another internet service based in Germany.

      I had a VPS with Nexus Bytes in Germany. The drive that it was on was seized by the German authorities – and all of the innocent parties lost their servers along with whoever had committed an offence. They never even contacted the server admin. According to him, when clients filed service requests he had the server checked, only to learn that the hard drives had been taken.

      I’m self-hosting at home now. It’s probably the best idea anyways.

      1. 5

        People in replies seem to be panicking and changing locations or providers, but I feel like your case is more of an exception than anything. I’ve been hosting a lot in several servers located in Germany for the past several years, all of them hosted at half a dozen (small and large) providers, and I’ve had absolutely zero issues involving anything like that.

        Besides, if someone can dive in and take out drives without your server admin noticing or being informed by datacenter staff… you have bigger issues.

        1. 2

          You’re quite right.
          My initial reaction in this thread was, I admit, quite an overreaction.

          Not only that, but I am too busy (lazy) to change my box’s location at the moment, but I no longer feel like it’s an urgent issue.

      2. 4

        The Linode box my site runs on is located in Germany. Will be changing locations ASAP.

      3. 2

        The drive that it was on was seized by the German authorities –

        wait what. No redundancy?

        1. 2

          Super-cheap service. Back it up yourself. I had a bash-scripted backup of my files and configs, but I hadn’t done one for a bit. That part’s my fault. I can’t say how others were impacted, but judging from the admin’s response, he was dealing with a number of tickets.

        2. 1

          It might depend on how the provider had backup strategy set up – if backups or redundant servers/drives also included the offending material[1] that was the cause of seizure then those also had to be taken by the authorities.

          [1] because for example they backup the whole machine “all in one go” and store it together for all clients using VMs on this host - which is probably the easiest to set up.

          1. 2

            I live in this fantasy world where people use HA clusters, so that you could remove a server or two without any issues for the VMs running on them. But I guess you get what you pay for…

            1. 2

              That doesn’t look so clean in reality I think - when the police knock, they don’t have procedures that say - ask nicely and give time for a graceful transition/shutdown - their job is to secure the illegal material and that’s what they do and at least in some instances it is not that they take just the hard disks out - they can even take servers, the more the merrier, so it may even include the whole ha-cluster if present (in most instances I guess a policeman is not a trained IT engineer to know where those illegal activities are or are not performed).

    6. 1

      Bit late to the thread, but I just want to let this out.

      I want a graphical code editor, one that is not electron, has extensive plugin support (so that it can even be called a “light IDE” with the right plugins installed), is cross platform, and most importantly, is cross CPU architecture.

      Sublime Text does all of those except for “cross CPU architecture”, and honestly ever since I got into ARM computers I didn’t even genuinely feel the need for something that can replace it, but as it stands now, ST runs a bit slow with qemu-user-static on my PBP, and nothing much can hold its place. I use vim for the most part, but I need something graphical for better productivity.

    7. 11

      I wish it was easier to self host, I really do. I tried 3 times over the last 2 months to host jitsi. It’s a ridiculously complicated web of software, and impossible for anyone new to this to figure out how it’s all supposed to work when it doesn’t.

      First attempt was using the magical ‘curl |bash’ method on debian, which installed but I could never get 3-way video chat to work reliably.

      Second attempt was with their docker-compose project. After much effort trying different branches and config changes (both officially documented, and suggested in various issue comments in their repo), I ended up with something where 2-way video chat didn’t work reliably, and 3-way didn’t work at all.

      Third attempt was installing packages from AUR and hoping that I could figure out how it’s all supposed to work together so that I could get it to actually function. I got less far than the previous two attempts.

      1. 7

        Probably not much of a help to you but for others, NixOS just got support in release 20.03 and you should be able to use it like so:

        services.jitsi-meet = {
          enable = true;
          videobridge.openFirewall = true;
        };
        
        1. 3

          Thanks. I don’t use NixOS, but maybe this is a great time to try it.

        2. 3

          The PR wasn’t merged yet, as far as I can see:

          https://github.com/NixOS/nixpkgs/pull/82920

          Also the option search did not show the jitsi options.

          That said, the reviewers are being diligent but the PR is shaping up being super nice! The current blocker is to have some meaningful tests for the PR, which is difficult because you need to fake video input, do some screenshots, compare them or something like that.

          I did rip the relevant parts from the PR and make them available separately here in my nur-packages repo.

          1. 1

            Ah bugger, sorry for some reason I thought it got merged a while ago!

      2. 3

        I got it working on my second attempt using docker-compose and traefik as a reverse proxy. I could write a blog post about my setup if you think that could be of any help.

        Haven’t tried 3-way calls, yet…

        1. 2

          That is a good thing to test since the two way calls don’t involve the bridge. Which you probably know.

          For me, I could reproduce problems by even just opening the same conference in chrome/chromium three times or more. Only with the correct setup, I’d see the video feeds for all tiles in gallery view.

          1. 1

            I did not know the bridge was not involved! I will test 3-way calls today.

        2. 1

          Open 3 tabs and you should have 3-way calls.

      3. 3

        Jitsi Meet is easy to install on e.g. Debian by adding the correct repo (deb https://download.jitsi.org stable/) and installing the jitsi-meet package. This will pull in the required packages (jicofo, jitsi-meet-web, jitsi-meet-web-config, jitsi-meet-prosody) and suggests installing a turn server (jitsi-meet-turnserver). On installation you’ll be asked about what domain you want to use (give it a FQDN, i.e. somewhere.example.com instead of somewhere). Open up the firewall to UDP:10000 for Jitsi and whatever you use for XMPP/BOSH/TURN/TURNS (I submitted a PR to get them to use the IANA-assigned ports for TURN/TURNS as that currently is a bit of a mess) but after that my experience is that it just works.

        1. 2

          The basic features of jitsi work ok. Try debugging jibri (Xorg server with a custom linux kernel module for audio loopback, starting chromium, starting the javascript web client, recorded with ffmpeg and using PJSUA for providing a SIP stack) video encoding errors or enabling Web Tokens and that is another story.

          As long as it works out of the box and you do not have to seek in the internals, it is easy.

        2. 1

          Yes! I didn’t think this wasn’t too difficult (sure could be a bit easier). Here are some tips we use: https://j11g.com/2020/05/04/jitsi-finetuning-and-customization-tips/

      4. 2

        The official guide is fairly easy to follow IMO, and I never had issues on 3-way calls after installing it on debian buster: https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart

        Jibri (the optional recording/streaming component) however is a lot more painful. It requires java 8 (or else video recording doesn’t terminate properly. Use of Java 8 causes cert issues on jicofo if you use let’s encrypt as the adoptopenjdk8 certstore doesn’t have LE), lots of cert tweakery (the one I mentioned about adoptopenjdk8 earlier, if you use self signed certs, chrome itself doesn’t like self signed certs so you’ll either have to trust the cert or run chrome in an insecure way), a kernel with alsa loopback capture support (can’t remember the name of the kernel module, but basically -cloud kernels don’t work, and I had no success with getting it to work in a container) etc.

        1. 1

          I hadn’t seen that. Thanks for sharing, I’ll read up on it. Maybe I’ll make a 4th attempt soon :)

      5. 1

        That is the whole thing: it is not a Web (HTTP) software: it is an XMPP software: a different protocol for which jitsi-meet is a web-to-xmpp gateway. :)

      6. 1

        I managed to get Jitsi Meet working first time with the quick install instructions, however, I ended up spending days trying to get the JWT auth working which was incredibly frustrating.

        In the end I scrapped my first attempt and found a post on the Jitsi forums which had step-by-step instructions for token auth with Ubuntu 18.04 and it worked like a charm. Here’s the link for anyone in a similar situation.

      7. 1

        I am running a debian setup and it works fine with up to 6 parties. I have not tried more yet, but I see no reason why it should not work.

        The thing is that you need more RAM. I started with a small vpc at hetzner cloud and it works for 1on1 Chat, but only because jitsi uses peer-to-peer for those. The moment a third party joins, you need at least 8GB ram. I upgraded my instance and it works fine now.

      8. 1

        but I could never get 3-way video chat to work reliably.

        Did you check the videobridge logs? The main difference between 2 and 3 way calls is that the latter are using the videobridge and I had to fiddle around a bit with the way Jitsi’s Debian packaging handled hostnames and certificates. I have an ansible playbook for Jitsi Meet on Debian buster which I could clean up if that would be of any interest.

    8. 2

      I’m actually surprised that a mostly static website requires 18 Pi 4s.

      1. 2

        We’ve set up 14 Pi 4s for PHP processing

        Not really static, if the Pi’s are running the forum, blog, etc.

        1. 1

          I think that it mentioned that the most intensive thing is the blog (which can be fairly static, even more so as raspberry pi’s blog doesn’t have a reply feature). I don’t see a mention of forum on the post, even.

          We used the main blog, which hosts the www.raspberrypi.org blog, and has historically been the most CPU-intensive site to provide.

          edit: nvm, I see that they do have comments on the blog. It makes more sense now. Still makes me wonder how much the software could be optimized though.

      2. 1

        The site is currently running on Pi 3s; the Pi 4s currently don’t netboot, which is a hard requirement for Mythic-Beasts.

        Hopefully that will be resolved shortly and then the site will be hosted off the Pi 4.

        1. 2

          This tweet (2 days later than the article) contradicts you: https://mobile.twitter.com/Mythic_Beasts/status/1143045366675312641

          1. 2

            true - they’ve obviously solved the netboot issue :~)

    9. 9

      This post is bullshit and I’m sad to see it here with 82 upvotes.

      I hate the smug pedant writing style throughout, the massive effort spent explaining that WIP features are indeed a work in progress, the pages of copy pasted console output to demonstrate that there are trivially fixable bugs, and so many errors. (using trivially replaceable libc functions fits the standard definition of “zero dependencies” for C code, try making a release build, nobody cares if a compiler leaks memory, you would fix it by deleting the malloc, nobody cares that compiling a 1.2m line function fails, your benchmark is invalid because it doesn’t actually work, macbooks are 10x slower than any modern desktop, …)

      I especially hate the condescending suggestions at the end and loosely sprinkled flowery statements that allow you to pretend you’re being constructive and not just making fun of someone in public for upvotes.

      Five days ago you submitted a post about how you hope you can help new programmers get into the industry, now you’re writing multiple posts and comments dumping on someone because version 0.0.12 of the one man project they’re giving away for free isn’t as good as you hoped. Don’t you find that hypocritical?

      BTW yes I am aware his patreon raises $800/month, remarkably average programmers fresh out of school make that much in one day at Google/FB/etc, all of whom will happily take his work and give nothing back should it benefit them.

      1. 13

        the massive effort spent explaining that WIP features are indeed a work in progress

        This was not how anything was portrayed or described for months on end. The post doesn’t really give full context.

        nobody cares if a compiler leaks memory, you would fix it by deleting the malloc

        No, V manages memory for you apparently.

        macbooks are 10x slower than any modern desktop,

        I know you are exaggerating, but no, they aren’t 10X slower, especially not for a single threaded workload like the current V compiler. I agree the benchmark is synthetic and doesn’t mean much, but if anything a real program is split into many files which will slow things down further. The fact of the matter is the author likes to say V compiles 1.2 million lines of code a second, and it doesn’t. Why say things like that when they aren’t true? Just say V is fast, or V will be fast.

        Five days ago you submitted a post about how you hope you can help new programmers get into the industry, now you’re writing multiple posts and comments dumping on someone because version 0.0.12 of the one man project they’re giving away for free isn’t as good as you hoped. Don’t you find that hypocritical?

        I don’t think he/she said they should get into the industry by telling people they are more capable or accomplished than they actually are. Say I have some free things to give your elderly parents that don’t work as advertised and then cause harm, fine by you I guess? It was free after all.

        BTW yes I am aware his patreon raises $800/month, remarkably average programmers fresh out of school make that much in one day at Google/FB/etc, all of whom will happily take his work and give nothing back should it benefit them.

        Can’t argue with that.

        Anyway, the V site is much better now - all people want is honesty. It isn’t that hard.

      2. 8

        I hate the smug pedant writing style throughout, the massive effort spent explaining that WIP features are indeed a work in progress,

        Problem is that for months if not years, those features were advertised as present. The (WIP) icon only got added recently.

        macbooks are 10x slower than any modern desktop

        Not even close. A MBP can get as high as 5140 on geekbench, while the maximum a high end iMac has gotten is 6245. https://browser.geekbench.com/mac-benchmarks

        BTW yes I am aware his patreon raises $800/month, remarkably average programmers fresh out of school make that much in one day at Google/FB/etc, all of whom will happily take his work and give nothing back should it benefit them.

        $800/day is $208k/year

        that’s notably higher than average dev salary at facebook and at google, and I’m sure that a new graduate doesn’t get the average salary.

        But yeah, this is semantics, so whatever.

        In any case, you should also account for the fact that he lives in Russia, and that $800/mo (used to be $1000/mo fwiw) is a notable amount by Russian standards. Yandex pays ~2k USD per month on average to their software developers. (conversion)

        1. 3

          Note the patreon is $800 per month, not day. $9,600 per year is not much.

      3. 6

        What @ac said is true. Here are the original claims he presented mostly like it was done. A few articles like that. On HN, we got him to back off admitting some claims were actually in just getting started stage. Eventually, he put WIP icons on some of that on the new site.

        Before that, he was saying he had a language safe with no GC like Rust (but easier) that compiled fast like Go running as fast as C with no to sub-1MB dependencies with cost-free interop with C/C++. And he can transpile your C++ code to it, too.

        Then, we got this repository as the deliverable. And it didn’t even deliver on some of the easier claims. Yeah, you bet folks are going to call him out for that.

        Edit: Tagging ac and @cadey in case you want the archive link as evidence.

      4. 5

        I’m glad you said something because this entire thing is embarrassing and in my opinion, all these folks dog-piling should be ashamed of themselves. If this person CAN make stuff happen, then why not cheer him on? If he can’t then why not say, ‘good try mate’? This hyper critical negative focus is so distasteful.

        But but he’s taking MONEY! So? He’s got a patreon and he’s trying to fund something he thinks he can do. All these hyper technical nitpicking folks thinking somehow this is a zero-sum game. Just shameful.

        1. 6

          I think he did a great job marketing. If he can make things happen then great. He just should stick to truth when getting attention. It isn’t that hard. It isn’t “hyper critical” to expect honesty. The site is much better now than it was before.

          thinking somehow this is a zero-sum game

          I didn’t see anyone make that claim.

          If he can pull off all the WIPs in December 2019 like the site says, it would be fantastic.

          1. 2

            If he’s doing this in good faith (which I figure he probably is), then so long as he doesn’t give up, by December he’ll have learned a whole lot & be substantially more qualified to attempt everything he’s planned (even if he hasn’t managed to do so by that point). Jumping in the deep end is a great way to learn to swim.

            Already, he’s learned an important lesson: that misrepresenting planned features as already-implemented will be generally interpreted as dishonesty, & so it makes more sense to build trust by working in public.

            If he stays on this path, the donations will be justified simply because they will have supported the development of a skilled & well-rounded developer – something we desperately need more of in the world! And, cadey’s post is a vital part of making that happen.

          2. 2

            YOU my friend, made that exact reference:

            Lol, make sure you donate some more money.

            Why on earth do you care if people are giving him money or not? He’s working on something, he’s solicited for money and people have given it to him. How does this in any way affect you? This is what I meant by zero-sum. Folks giving him money doesn’t automagically reduce the available money for other people, so why begrudge him?

            Perhaps this stems from my personal belief that we should be trying to always encourage each other in our endeavors rather than tearing them down constantly, but I see nothing but a bunch of folks jumping like blood-thirsty savages on a cat with some good hype-game and some ideas about PL that he’s making an attempt to make real.

            1. 5

              Protecting others from perceived bad decisions is not being greedy. It is trying to help people.

    10. 11

      My response to this copied from https://news.ycombinator.com/item?id=20258485

      Thanks :) It’s 0.0.12, the first public release. What’s with all this “vaporware”?

      The compiler can already compile itself in 0.3 seconds and is written 100% in V: https://github.com/vlang/v#installing-v-from-source

      It allows building easy cross platform graphical apps: https://github.com/vlang/v/tree/master/examples/tetris

      It has easy cross compilation and can even compile itself for another platform: https://twitter.com/v_language/status/1137537130887077890

      It allows building small performant GUI apps like Volt: https://volt-app.com/ (Volt 1.0 RC 1 for macOS has been used by thousands of happy users for several months.)

      It powers a simple forum: https://blog.vlang.io/forum And the entire forum is one 65 KB binary.

      It can translate and build DOOM: https://github.com/vlang/doom

      It has very extensive and simple to read documentation that covers pretty much the entire language: https://vlang.io/docs

      I think it’s pretty good for 0.0.12.

      Come back when it’s v1.0 by the end of this year.

      1. 9

        Now that you have added WIP, I am satisfied. Now it is not misleading and people can decide for themselves.

        Keep it like this and I won’t complain any more. Keep up the good work, you are doing something right.

        1. 1

          Please edit or delete this, I didn’t lie, I didn’t post anything negative about V since this.

          1. 1

            Deleted; I am sincerely sorry about that. Mistaken identity as you correctly surmised elsewhere.

    11. 8

      It can translate and build DOOM: https://github.com/vlang/doom

      I only see one file there, can you please push the rest?

    12. 2

      It seems like people are kind of dogpiling on your project here, and perhaps the criticism is warranted. I haven’t looked that much into V, but I’m hoping this is a case of just over-hyping and trying to deliver something too early (although you’ve made it clear this is an alpha), and that you continue to work on this and make it something great.

  1. 23

    I think I’m just going soft–this writeup is something that years ago I would’ve been jealous to have written!

    That said…I kind of hope the author of V doesn’t get too discouraged and they address this stuff and keep working on their language.

    1. 14

      I think we all want the language to succeed. The difference between “I can cure cancer” vs “I am working on a cure for cancer” is huge. Now the site has changed I am more ok with it.

    2. 11

      I actually want V to succeed. Having a cross platform GUI development tool is part of what we need badly to end the web app insanity. Just not like this exact implementation.

      1. 13

        There’s plenty of cross platform GUI things though? Qt/QML is probably the most complete one, with fast OpenGL rendering, accessibility, internationalization, and countless other things a UI toolkit has to have. Google is reinventing that with Flutter thanks to NIH syndrome (or licensing issues, or whatever).

        Developing a full, solid UI toolkit is not an easy problem and it’s been done a hundred times already. So I don’t think there’s a technical solution to the “I want people to use non-web cross-platform GUI tools” problem. What needs to be done is more promotion, more resources, documentation, tutorials, support for the existing tools.

        (and I don’t like the Web Hate Bandwagon either. the web platform is awesome :P)

        1. 11

          Absolutely. There are dozens (if not hundreds) of cross-platform GUI libraries, and five or six are at the intersection of well-maintained, frequently used, and featureful.

          All of them, as far as I can tell, are ugly & awkward to use, but none of them are as ugly or awkward to use as web tech.

          That said, almost all these libraries have their own universe & their own idioms that typically don’t match any of the idioms of languages they bind to (and in some cases, such as with GTK and QT, they have totally distinct type systems and build systems). Writing code in Tkinter is too much like writing code in Wish and not enough like writing code in Python. There’s a certain amount of intellectual work to be done to learn a new system like this (and these systems are typically grown organically, so even if you’re using a properly-designed host language, you’re locked into memorizing and dealing with ugly corners of fossilized design by your GUI toolkit), and I think this is what keeps so many people locked into webtech: they have, at great cost to their sanity and the length of their lives, memorized the most obvious ugly corners of CSS, HTML, JavaScript, browser behavior, and perhaps 3 creaking leviathans of web frameworks, and learning to navigate the treacherous twists of QT and the names and habits of the strange beasts in its depths seems rightly daunting.

        2. 5

          Problem is that V promised cross platform GUI with tiny amounts of space requirements, which sounds great to me.

          pyside2 is smth like 80MiB, pyqt is smth like 60MiB, which are absolutely massive compared to ~400KiB of V.

          But sadly it turned out to be vaporwave. Oh well. It would be nice to have that (a graphics library that’s easy, cross platform, well documented and not massive) one day.

          1. 3

            Anything that promises to be tiny is either cheating (big stuff is still coming somewhere else) or is a toy :)

            Honestly the obsession with tininess is just a big waste of energy.

            1. 3

              I always thought the heavy software taking up more CPU and RAM was a waste of energy. ;)

          2. 3

            There’s always TK, if you don’t care about alpha support or 24-bit colors. It seems to ship with python (as TKInter).

            1. 1

              tk support needs to be compiled in and isn’t available by default on all distros.

              1. 2

                True. It’s as close to built-in as you can get with python, though. (Like, curses also ships with python, but if you’re building from scratch & you don’t have curses installed, the python bindings will not provide it.) Some binary distros will let you not install X, & will split off TK & tkinter to support Xless systems.

                That said, last I looked, Tk ships with the binary windows and Mac OS classic versions of python.

                (IIRC, TK also runs on less-common systems like riscos, though I’ve never seen it do so. I’ve also heard tell of a curses frontend to TK, for folks who don’t have a bitmapped display at all, but I don’t know how much it supports or how well it’s been maintained. Basically, it’s way more cross-platform than most of the stuff that gets called cross-platform.)

          3. -3

            V UI is in fact not vaporware, it’s right here: https://github.com/vlang/ui

            You also confused statements about what is being planned with what has already been implemented.

      2. 11

        It seems to me much of this already exists with Rebol.

        1. 8

          Rebol was the first thing that popped into my head when I was reading about V. It is also quite shit for doing anything (I’ve tried for something like a year) and it taught me that one-person projects done by brilliant coders are not good enough, even if they claim superior features. Community counts.

      3. 3

        I am working on curing cancer. Hit my Patreon!

        1. 3

          An honest crackpot is ok. If you do terrible cancer research, but you actually are doing something, all good. Open source helps people see what is going on regardless, then they can make a properly informed decision to throw money away. Before it was more like “I definitely cured cancer, coming soon, donate now.”

          So do some cancer laboratory tours with investors and go ahead :) I hope you succeed lol.

          1. 4

            Regarding my own work, I was kidding about actually doing cancer research (though I have a minor in molecular and cell biology in my Masters from UC Berkeley). I am, however, quite serious about solving the high performance cross-platform GUI problem.

            1. 4

              Good luck :), definitely something people struggle with.