People who are architecting your production environment with containers on a VM
Not exactly an answer to your question, but: at $DAYJOB we don’t do this, and having experienced many production environments that do, in a variety of roles (from “keeping it running” to “explaining to the exec team why it’s hard to keep running”) I’m very happy we don’t.
What we do is bake base images weekly; then at deployment time, bake a fresh AMI from the base image + the branch we want to deploy. That then gets deployed to one or more EC2 instances in an ASG.
Very straightforward tooling; was set up by one of my colleagues a few years ago. Easy to learn, easy to understand, and easy to modify. Far less complex than say K8s; it’s basically just some shell scripts that invoke the AWS CLI as required.
I don’t even call MS-DOS an “operating system”, despite the name. By modern standards, it’s barely a bootloader. That, and calling it an OS detracts from the functionality of Windows 3.x/9x, even deluding people into insisting they’re not “operating systems” in the first place, but just shells over MS-DOS. Despite them have everything you’d consider a modern OS to have, like an API, scheduler, memory manager and device manager/driver model. By the time Windows ME came out, MS-DOS was literally just a bootloader, you couldn’t even interact with it anymore. And now it’s been replaced with NTLDR, which is probably significantly more sophisticated and featureful than MS-DOS, and is still just a bootloader. Hell, UEFI itself is more sophisticated than MS-DOS.
I don’t even call MS-DOS an “operating system”, despite the name
Not exactly a DOS fanatic here (started using Linux in 1995). But I think that’s unfair. Even fairly early versions of DOS featured a lot of what you’d expect in an operating system for hardware as basic as the IBM 5150. E.g. …
command interpreter
(a very poor) text editor
disk management tools
debugger
linker
BASIC
simple scripting
Later versions included disk compression, screen editor, “modern” BASIC, games, defrag tool, etc.
UEFI also isn’t a bootloader. It’s an execution environment rather similar to MS-DOS in that it doesn’t provide process management or multitasking but it can load executables and provides an API to them to abstract the hardware layer away and a UEFI application can give the control back to the UEFI. Many applications running under the UEFI environment are bootloaders but there are UEFI shells and it’s possible to write all kinds of applications for it, like a solitaire or a VisiCalc-like spreadsheet
Actual bootloaders like GRUB or NTLDR don’t provide anything of that sort, only functionality for loading other programs and irreversibly giving them full control of the machine.
MS-DOS did have some of those things though. It had an “API” that was invoked through interrupt 21h. You could interact with other devices through other interrupt vectors.
Microsoft sold Windows as an operating system on top of an operating system, sure enough (there are ads with that messaging for Windows 3.1)
Still, there’s that period from 1981 to 1985 where there was no Windows. What did people do with their OS-less PCs in those 4 years?
“[MS-DOS]’s been replaced with NTLDR” is somewhat ahistoric: NTLDR existed in parallel to MS-DOS-as-a-distinct-product (WinNT 3.1 came out in July 1993, MS-DOS 6.22 in April 1994), while the Windows3.x-line-to-WindowsNT-line transition was a complete OS swap underneath, even if Microsoft did a very good job of making that implementation detail disappear from the regular user.
There have been drivers for DOS that were a must-have to operate certain hardware, and Windows 95-ME knew to fall back to those real-mode drivers in the right moment, something that wasn’t really possible to retrofit into WinNT.
Only when there was sufficient Windows-level driver software out there that was more easily ported between Win9x and WinNT (and when that old MS-DOS-only hardware aged out of the pool of widely used stuff) Microsoft dared to move away from the bare-metal MS-DOS support that 95-ME offered (“regular” MS DOS applications were never a problem due to NTVDM.)
As for sophistication and feature sets, NTLDR is more featureful than MS-DOS’ boot sector (e.g. NTLDR loads the registry, it has to select the right kernel based on CPU properties, …) but that comes with the territory: All of computing becomes ever more sophisticated and featureful, for better or worse. But that seems like an apples-to-oranges comparison.
Stack Exchange has changed a lot in the past few years. Much like Google it started out as a darling of the development community, and is now cheerfully burning all its goodwill on the pyre of AI.
Does anyone have any insight into this, & what latest is going on at VMWare after the acquisition? Is this a good thing for Fusion/Workstation users, or just the first step on a long road of gradual decay toward an eventual unsupported dusty death?
My suspicion is that Broadcom is winding down these products but have to maintain them for at least a few years yet due to existing support contracts. Someone in middle management thought it would improve the company’s image a little bit to release these for “free” while they are still supported.
(The company I work for has a lot of vSphere, which was already eye-wateringly expensive before VMware was purchased by private equity. Earlier this year when it came time to renew the support contracts, they literally tripled the price. Our company said, “no thanks,” and we are now running thousands of vSphere hosts and a bunch of vCenters with zero support while whole teams scramble to transition our services to a mix of OpenStack and Kubernetes.
I’m not a heavy user of either product but Broadcom previously added some kind of non-commercial license for both that was useful for me for playing with retro operating systems and checking/improving various FreeBSD emulated device drivers. From the casual perspective it seems like they are still working on both and it doesn’t seem like either were the main focus of VMWare before the acquisition so no perceptible change in terms of quality (which is merely acceptable).
It’s a little crazy this didn’t happen a long time ago, under VMWare, to try and keep some level of relevance to the underlying hypervisor and device model. People seem to think Broadcom is the only greedy company but VMWare was always a very greedy company.
Dunno whether the author is reading these replies, but in case you are: I’m reading this on a 27” monitor at a comfortable zoom level, and more than half of the vertical space is taken up by the AI slop image. Why? It’s an immediate turn-off for what is otherwise a fun article.
Was expecting the obligatory shitpost, and there it is elsewhere in the comments (I’m not referring to the CVE itself).
Yes, safer languages are better. Yes, it’s desirable to rewrite / port to them from C. No, C is not a good language to target in 2024, for most purposes (/me eyes his Amstrad CPC in the corner).
However I don’t think the C shitposts add much value.
How much effort would it take to:
rewrite or port all of X.org to a safer language
ensure the safety features of that language worked in the face of any weird shit the old protocols and implementations might be doing
ensure that every popular system X.org is developed on has first class support for the safer language
ensure that every popular system X.org runs on is at least targeted by the safer language
upgrade all possible systems to the new replacement
I believe this would be a project of comparable scale to Wayland, and that’s taken 16 years and still isn’t a complete replacement for many folks, despite several vendor attempts to serve it raw.
That’s not a criticism of Wayland: my point is that software takes time (and thus money; either sponsorship or donated time with associated opportunity costs). Lots of it. From 23 years ago:
I’m a big Rust advocate, but… we already solved this particular problem many years ago when we realized that the X server has a large attack surface, by not running it as root. Most native-Xorg systems should be running without root these days, and every Wayland system runs XWayland as non-root. The X protocol doesn’t have any privilege separation, so if you’re trying to fully containerize X11 applications you already need to run a dedicated XWayland instance in the container to lock down its privileges anyway… which makes this whole thing basically irrelevant.
The X.Org server is practically unmaintained outside of XWayland, so I don’t think we should be spending any time worrying about real or potential CVEs which don’t affect systems that already implement the X11 protocol securely.
It’s been a long time since I’ve looked inside X.org but I have a very strong feeling that, especially due to its age, it’s going to have a lot of patterns inside it that are both correct and not-borrow-checker-compatible. One of my personal rules for “porting” is that there’s two modes:
porting, where you’re converting code from one language/framework/platform/whatever to another
working on software improvements
The only way, in my experience, that you can do a successful port is by very rigidly keeping everything as architecturally similar as possible and with feature parity. Second system effect is too strong and there’s a huge risk that you end up with a new piece of software that implements half of the old system, plus some new stuff, but doesn’t actually fully replace the original.
You didn’t say Rust, but I’m sure people are thinking it. My speculation (informed with having worked with multi-decade-old code many times) is that there would have to be either a massive re-architecture effort or vast swaths of unsafe code to move Xorg to Rust. And I’m also going to speculate that Xorg doesn’t have a formal test suite; even if it does, Hyrum’s Law applies here: every observable behaviour of Xorg is now “part of the API” that userland software somewhere is going to be relying on. If the rewritten version isn’t a drop-in replacement, there’s going to be enough users complaining about things being broken that there’s going to be a serious traction issue. Some of the code that talks to Xorg is going to be 30+ years old and while it won’t have a huge userbase… there’ll be enough for it to be a huge problem.
For my taste, you’ve just expressed precisely why it’s both obtuse and irrational (ie borderline trolling) to post little quips about x.org being implemented in the “wrong” programming language.
I think we all agree what ‘correct’ means. If the code is correct, how come it has a vulnerability? I’d posit that it is in fact not correct. It might be possible to make it correct. We have tools to help with that.
The borrow checker is just one tool people can use to improve software quality. Another is to e.g. use fuzz testing or use program extraction from a proof assistant. Why not just qualify the label ‘correct’ then? There is a difference between suspecting a program correct, and having proven it.
Allowing the term is equivalent to accepting a proof sketch as a proof. We should have a higher standards by now.
I think we all agree what ‘correct’ means. If the code is correct, how come it has a vulnerability? I’d posit that it is in fact not correct. It might be possible to make it correct. We have tools to help with that.
Very fair. The point I was going for is that code can be correct while also behaving in a way that’s incompatible with e.g. Rust’s borrow checker. The borrow checker with the “many read XOR one mutable” rule is one approach for guaranteeing correctness but isn’t strictly the only way.
it’s going to have a lot of patterns inside it that are both correct and not-borrow-checker-compatible
Yup that’s exactly what I meant by “ensure the safety features of that language worked in the face of any weird shit the old protocols and implementations might be doing”.
I should have made the implication clear: I believe there’d be a lot of such weirdness in that old and complex a codebase.
You didn’t say Rust
Yup :) Very deliberately so :) There are enough flamewars over that topic that I thought I’d keep it technology-neutral.
On the topic of “how much effort would it take to X”, I think a good joke here is that it might be possible that more effort has been put into writing apologetics for memory unsafety than solutions for memory unsafety!
Seriously though, how about we all just come clean and admit that the vast majority of open source work is done on an unpaid volunteer basis which by necessity of the global economy under which we all live, will only ever have an incredibly small amount of energy put into it at all, and so no matter what engineering task you’re talking about if it is non trivial it will probably take at least half a decade longer to complete than if it was developed professionally, with adequate resources and all that.
The Morello system under my desk isn’t running X.org, it’s running the KDE Wayland server, but the quantity of C code is similar. The entire graphics stack, from the in-kernel drivers, through the userspace ones and the display server, to userspace GUI apps, are all memory safe. A bug of this nature would crash the display server but would not trigger privilege elevation.
The only reason that this isn’t mainstream is that CPU vendors are not seeing demand. Arm would move their post-Morello architecture to final if one major partner demanded it. With zero rewrites, we could eliminate these vulnerabilities in one upgrade cycle if the industry chose to, with existing proven technology.
Rewriting in a safe language is a much larger project than Wayland. Some Wayland compositors are written in memory-safe languages but Wayland reuses a lot of code from X.org. A lot of the low-level bits of the graphics stack are shared.
I suspect that was largely a retroactive justifications, but the places it’s true were typically higher up the graphics stack. All of the KMS / DRI code, for example, is shared.
Was this in response to a different post, perhaps one that was merged and deleted? It now appears as a reply to the CVE story itself, and I’m scratching my head at the term “shitpost” being applied here.
Sorry for that. For the record I meant “obligatory” as in “yes, Xe has posted about this one too”, but I see that it could be read in a serious manner. I agree with you that it would not be desirable to rewrite the X server in a safe language; I just thought it was funny in the moment.
My desktop now runs FreeBSD as a daily driver, courtesy a powerline ethernet adaptor (I will get around to hauling cat-6 through the house at some point), and a used Intel Pro/1000 NIC that “just works” on FreeBSD.
So, I’m setting up a vm-bhyve VM for $DAY_JOB so I can run Linux-specific stuff under FreeBSD. Then I can finally switch back to FreeBSD as a daily driver, leaving Linux (Linux Mint, specifically) for media and gaming.
Indeed. I am told – life is too short to verify – that if you remove all the “modern” apps from Win11, it fails to boot or at least fails to get to the desktop.
Whereas I took a brutal approach to my own relic Win10 builds: I use a Powershell command to remove all the modern apps. Windows Store and all.
(I only keep it around for things like BIOS upgrades on non-UEFI machines, rooting Android devices and so on. I don’t much care if I nuke it.)
The only thing that failed was the “Windows Hello” fingerprint sign-on. Everything else is totally unaffected, AFAICS.
Although taskbar and most of user session UI is still hosted by explorer.exe, the actual applets (Start, Search, Quick Settings, notifications, tray etc) has been rewritten as modern packages and run in separate processes.
StartMenuExperienceHost.exe
ShellExperienceHost.exe
sihost.exe
SearchHost
TextInputHost which is invoked with Win+Period
LockApp
Client.Core
AccountsControl etc
You can find them in Windows\SystemApps. Removing them will break your system.
Windows 11 really is product development in action:
Windows ME
OK, so, nobody wanted this, but we’ve cobbled together another release from bits of Windows 98SE and bits of Windows 2000, and it will confuse customers like hell, but some will buy it by mistake!
Hey, that worked, let’s do it again.
Windows Vista
Right, so, Longhorn didn’t work, so what we’ll do is, we’ll do a knock off of Quartz Extreme and slap it on the Server 2003 kernel, and we’ll put widgets on it!
Wow. They really hated that, but they bought it. Suckers.
Windows 8
OK, listen, what we’ll do is rip out the most famous UI in the business, and slap a tablet interface on it! They’ll love it!
Windows 8.1
Hurrah! 10 million units! OK, OK, update it but put the Start button back, but bolt it to the tablet launcher!
Wow. 100 million units. Awesome.
Windows 11
So… inhales deeply… let’s put widgets like everywhere man and we’ll do ’em in that C# shit that weird Danish dude invented!
One slight advantage of car / cdr is that they compose tersely; otherwise cadr would have to be head-of-tail-of, or something. Likewise cddr would be tail-of-tail-of-tail-of. It’d get silly quickly.
Maybe it could be improved by better abbreviations? So instead of cddr, ttt? And instead of cadr, ht? You’d probably want a prefix, and to implement with a macro … so maybe #cttt or #cht? Doesn’t seem much more readable than cddr or cadr.
If you find yourself cadr/cddring then you should instead use whatever pattern matcher is available in whatever lisp you are using. Much clearer that way.
Clojure solves this with threading macros: (-> coll next next next first) But clojure also has drop: (first (drop 3 coll)) There’s no need to compose car/cdr if you can build sequence functions.
Tired of being an unpaid Microsoft support technician, I offered people to install Linux on their computer, with my full support, or to never talk with me about their computer any more.
The more time went by, the more I realised that this state of mind was particularly toxic and ultimately disrespectful of the real needs of the people around us.
I’m using the word ‘we’ here because obviously, I also had this approach at the time (admittedly, a few years later, being a bit younger), but I’m a bit ashamed of the approach I had at the time and today I have a deep rejection for this way of behaving towards a public who often use IT tools for specific needs and who shouldn’t become dependent on a certain type of IT support that isn’t necessarily available elsewhere.
Who are we to put so much pressure on people to change almost their entire digital environment? Even more so at a time when tools were not as widely available online as they are today.
In short, I’m quite fascinated by those who* are proud to have done this at the time, and still are today, even in the name of ‘liberating’ (often in spite of themselves) users who don’t really understand the ins and outs of such a migration.
[*] To be clear, I’m not convinced, given the tone of the blogpost, that the author of this blog post does!
The more time went by, the more I realised that this state of mind was particularly toxic and ultimately disrespectful of the real needs of the people around us.
Can we please stop throwing around the word “toxic” for things are totally normal human interactions. Nobody is obliged to do free work for a product they neither bought themselves nor use nor like.
The “or never talk to me about your computer anymore” if you don’t run it the way I tell you to part, is, IMO, not normal or nice. I’m not sure I’d have called it toxic, but I’d have called it unpleasant and insensitive.
Of course nobody is obliged to do free work for a product they don’t purchase, use or like. That’s normal. But you can express sympathy to your friends and family who are struggling with a choice they made for reasons that seemed good or necessary to them, even if you don’t agree that it was a good choice. It’s normal listen to them talk about their challenges, etc., without needing to solve them yourself. You can even gently remind them that if they did things a different way, you could help but that you don’t understand their system choice well enough to help them meet their goals with it.
The problem is telling a friend or loved one not to talk to you about their struggles. Declining to work on a system you don’t purchase, use or like, is of course normal and not a problem.
I’ve used Linux on my own machines exclusively since 1999, and when I get asked to deal with computer problems (that aren’t related to hardware, networking or “basic computer literacy” skills) I can’t help with, I’ll usually say something along the lines of “you know, you actually probably know more about running a Windows machine than I do” - which doesn’t usually get interpreted as uncaring or insulting, and is also generally true.
If you buy a car that needs constant repairs you get rid of it and buy something else that does not require it. There is no need to sit with family/friends and discuss their emotianal journey working with a Windows computer. it is a thing. If it is broken have it repaired or buy something else.
If you buy a car that needs constant repairs you get rid of it and buy something else that does not require it.
You might. Or you might think that even though you’ve had to fix door closing sensor on that minivan’s automatic door 6 times now, no other style of vehicle meets your family’s current needs, and while those sensors are known to be problematic across the entire industry, there’s not a better move for you right now. And the automatic door closing function is useful to you the 75+% of the time that it works.
And you still might vent to your friend who’s a car guy about how annoying the low quality of the sensor is, or about the high cost of getting it replaced each time it fails.
Your friend telling you “don’t talk to me about this unless you suck it up and get a truck instead” would be insensitive, unpleasant and might even be considered by some to be toxic.
It’s not an emotional journey. You’re not asking your friend to fix it. You’re venting. A normal response from the friend would be “yeah, it’s no fun to deal with that.” Or “I’d know how to fix that on a truck, but I have no idea about a minivan.”
–
edit to add: For those who aren’t familiar with modern minivans, they have error prone sensors on the rear doors that are intended to prevent them from closing on small fingers. To close the doors when those fail, it’s a cumbersome process that involves disabling the automatic door function from the driver’s area with the car started, then getting out and closing the door manually. It’s a pain, and if your sensor fails and your family is such that you use the rear seats regularly, you’ll fix it if you value your sanity.
As a sometimes erstwhile unpaid support technician, I vehemently disagree.
I fully admit that sometimes I stepped into that unpaid support technician role when I could have totally, in a kind, socially acceptable way, said “Wow, it’s miserable that your computer broke. You should talk to {people you bought it from}. I can tell you a lot about computing in general, but they’ll know a lot more about Windows than I would.”
And it would’ve been OK, because the people telling me about their problems were mostly venting, not really looking for a solution from me.
But as a problem solver, I’m conditioned to think that someone telling me about an issue is looking for a solution from me. That’s not so; it’s my bias and orientation toward fixing this kind of thing that makes me think so.
Thank you, you’ve put into much better words what I wanted to say than the adjective ‘toxic’, which was the only one I had to hand when I wanted to describe all this.
How on hell could it be considered as toxic to refuse to support something which is against your values, which requires you a lot of work, which is unpaid while still offering to provide a solution to the initial problem ?
All the people I’ve converted to Linux were really happy for at least several years (because, of course, I was not migrating someone without a lot of explanations and without studying their real needs).
The only people who had problem afterward were people who had another “unpaid microsoft technician” doing stuff behind my back. I mean I had been called by a old lady because her Linux was not working as she expected only to find out that one of her grand-children had deleted the Linux partition and did a whole new Windows XP install without any explanation.
First of all it is obviously your choice whether you want to give support for a system you don’t enjoy and may not have as much experience with. Especially when you could expect the vendors of that system to help, instead of you.
But the second part is how you express this: You are - after all - the expert getting asked about providing support. And so your answer might lead them down a route where they choose linux, even though it is a far worse experience for the requirements of the person asking for help.
The last point comes from the second: You have to accept that installing linux is for those people not something they can support on their own. If they couldn’t fix their windows problems, installing linux will at best keep it to the same level. Realistically they now have n+1 problems. And now they are 100% reliant upon you - the single linux expert they actually know for their distribution. And if you’re not there, they are royally fucked with getting their damn printer running again. Or their nVidia GPU freezing the browser. Or Teams not working as well with their camera. In another context you could say you secured your job. And if only because updates on windows are at least 100% happening, which is just not true on linux.
I have seen people with a similar attitude installing rolling releases for other people while disabling updates over more than 6 months, because they didn’t have the time to care about all the regular breakage. And yes that includes the browser.
And the harsh truth is that for many people that printer driver, MS Office, Teams + Zoom and Camera is the reason they have this computer in the first place. So accepting their needs can include “Sorry I am not able to help with that” while also accepting that even mentioning linux to them is a bad idea.
Because it’s a nice thing to do for your family and friends and they’ll likely reciprocate if you need help with something different. Half of the time when I get a “tech support” call from my aunt or grandparents, it’s really just to provide reassurance with something and have a nice excuse to catch up.
Mine was of wasting hours trying to deal with issues with a commercial OS because, despite paying for it, support was nonexistent.
One example: Dell or Microsoft (unsure of the guilty party) pushed a driver update that enabled power saving on WiFi idle by default. That combined with a known bug on my MIL’s WiFi chipset, where it wouldn’t come out of power saving mode. End result was the symptom “the Internet stops working after a while but comes back if I reboot it”.
Guess how much support she got from the retailer who sold her the laptop? Zip, zero, zilch, nada.
You’re not doing free technical support for your relatives, really: you’re doing free technical support for Dell, and Microsoft, and $BIG_RETAILER.
When Windows 11 comes around (her laptop won’t support it) I’m going to upgrade the system to Mint like the rest of my family :) If I’m going to donate my time I’d rather it be to a good cause.
Yes, that was never my experience, and if it had been I would be inclined to agree with you. These days I hear more of “why did I run out of iCloud storage again” or “did this extortion spammer actually hack my email,” which I find less frustrating to answer :)
Yeah it doesn’t matter for generic tech support, in my experience, what OS they’re running.
It’s just the rabbit holes where it’s soul destroying.
Another example was my wife’s laptop. She was a Dell XPS fan for years, and ran Windows. Once again a bad driver got pushed, and her machine took to blue-screening every few minutes. We narrowed it down to the specific Dell driver update. Fixed it by installing Mint :)
Edit: … and she’s now a happy Ryzen Framework 13 user. First non-XPS she’s owned since 2007.
Ugh. It’s not “toxic” to inform people of your real-world limitations.
My brother-in-law is a very experienced mechanic. But there are certain car brands he won’t touch because he doesn’t have the knowledge, equipment, or parts suppliers needed to do any kind of non-trivial work on them. If you were looking at buying a 10-year-old BMW in good shape that just needs a bit of work to be road-worthy, he would say, “Sorry, I can’t help you with that, I just don’t work on those. But if you end up with a Lexus or Acura, maybe we could talk.” He knows from prior experience that ANY time spent working on a car he has no training on would likely either result in wasted time or painting himself into an expensive corner, and everyone involved getting frustrated.
Similarly, my kids would prefer to have Windows laptops, so that they could play all the video games their peers are playing. However, I just simply don’t know how to work on Windows. I don’t have the skills or tools. I haven’t touched Windows in 20 years and forgot most of what I knew back then. I don’t know how to install software (does it have an app store or other repository these days?), I don’t know how to do back ups, I don’t know how to keep their data safe, I don’t know how to fix a broken file system or shared library.
But I can do all of these things on Linux, so they have Linux laptops and get along just fine with them.
Edit: To color this, when I was in my 20’s, I tried very hard to be “the computer guy” to everyone I knew, figuring that it would open doors for me somehow. What happened instead was that I found myself spending large amounts of my own free time trying to fix virus-laden underpowered Celerons, and either getting nowhere, or breaking their systems further because they were already on the edge. Inevitably, the end result was strained (or broken) relationships. Now, when I do someone a favor, I make sure it is something that I know I can actually handle.
But he didn’t force anyone, he clearly says that if those people didn’t want his help, he could just leave it the way it was. To me that’s reasonable - you want my help, sure, but don’t make me do something I’m personally against. It’s like, while working in a restaurant, being asked to prepare meat dishes when being a vegetarian, except that my example is about work and his story is about helping someone, so there’s even less reason to do it against his own beliefs.
From my experience being an unpaid support technician for friends and family, that’s the only reasonably approach. I had multiple situations when people called me to fix the result of someone else’s “work” and expected me to do it for free. It doesn’t work that way. Either I do it for free on my own terms, or you pay me the market rate.
Some examples I remember offhand. In one instance, I tried to teach a person with a malware-infested Windows some basic security practices, created an unprivileged account, and told them how to run things as administrator if they needed to install programs and so on. A few weeks later I was called to find the computer malware-infested again, because they asked someone else to help and he told them that creating a separate administrator account was “nonsense” and gave the user account administrator rights. Well, either you trust me and live more or less malware-free or you trust that guy and live with malware.
In another instance, I installed Linux for someone and put quite some effort into setting things up the way the person wanted. Some time later, they wanted some game but called someone else instead of me to help install it (I almost certainly would be able to make it run in Wine). That someone wiped out all my work and installed Windows to install that game.
People expecting you to be their personal IT team for free just because you “know computers” is just as disrespectful. I don’t think it’s unfair to tell people “no if you want help with your windows system you need to pay someone who actually deals with such things”
The more time went by, the more I realised that this state of mind was particularly toxic and ultimately disrespectful of the real needs of the people around us.
This is looking at the things with the current context. Windows nowadays is much more secure and you can basically leave a Windows installation to a normal user and not expect it to explode or something.
However at the time Windows was still the kind of operational system that if you put it on internet without the proper updates, it would be instantly be infected by malware 1. Most users run with admin accounts and it was really easy to get a malware installed by installing a random program, because things like binaries signatures didn’t exist yet. There were also no anti-malware installed by default in Windows, so unless you had some third-party anti-malware installed your computer could quickly become infested with malware. And you couldn’t also just refresh your installation by clicking in one button, you would need to actually format and reinstall everything (that would be annoying because drivers were much less likely to be included in the installation media, so you would need to have another computer that had an internet connection since the freshly installed Windows wouldn’t have any way to connect to internet).
At that time, it would make much more sense to try to convince users to switch to Linux. I did this with my mom for example, switching her computer to Linux since most things she did was accessing the internet. Migrating her to use Linux reduced the amount of support I had to do from once a week to once a month (and instead of having to fix something, it would be in most cases just to update the system).
It should be added that if you helped someone once with his Windows computer, you were considered responsible of every single problem happening on that computer afterward.
In some cases, it was even very strong problem (I remember a computer which was infected by a malware that dialed a very expensive line all the time. That family had a completely crazy phone bill and they had no idea why. Let assure you that they were really happy with Linux for the next 3 or 4 years)
It should be added that if you helped someone once with his Windows computer, you were considered responsible of every single problem happening on that computer afterward.
Very much that. It was never the user fault, even if you left the computer in pristine condition, if they had an issue in the same week it was your fault and you would need to fix that.
However at the time Windows was still the kind of operational system that if you put it on internet without the proper updates, it would be instantly be infected by malware.
At the same time, however, it was also much more likely that you needed to deal with an application that would only run on windows, a file format that could only be roundtripped by such an application, a piece of hardware that only worked on windows (remember winmodems? scanners sucked, too, and many printers were windows GDI only), etc.
So convincing someone to use Linux was more likely to cause them a different kind of pain.
Today, most hardware works reasonably with Linux. Printers need to work with iPhones and iPads, and that moved them off the GDI specific things that made them hard to support under Linux. Modems are no longer a thing for most people’s PCs. Proton makes a great many current games work with Linux. Linux browsers are first class. And Linux software handles most common file formats, even in a round trip, very well. So while there’s less need to switch someone to Linux, they’re also less likely to suffer if you do.
That said, I got married in 2002. Right after I got married, I got sent on a contract 2500 miles away from home on a temporary basis. My wife uses computers for office software, calendar, email, web browsing and not much else. She’s a competent user, but not able to troubleshoot very deeply on her own. Since she was working a job she considered temporary (and not career-track) at home, she decided to travel for that contract with me, and we lived in corporate housing. Her home computer at the time was an iMac. It wasn’t practical to bring that and we didn’t want to ship it.
The only spare laptop I had to bring with us so she had something to use for web browsing and job hunting on the road didn’t have a current enough to be trustworthy windows license, so I installed Red Hat 7.3 (not enterprise!) on there for her. She didn’t have any trouble. She’d rather have had a Mac, but we couldn’t have reasonably afforded one at the time. It went fine, but I’d never have dared to try that with someone who didn’t live with me.
At the same time, however, it was also much more likely that you needed to deal with an application that would only run on windows, a file format that could only be roundtripped by such an application, a piece of hardware that only worked on windows (remember winmodems? scanners sucked, too, and many printers were windows GDI only), etc.
Yes, but it really depends on the kinda of user. I wouldn’t just recommend Linux unless I knew that every needs from the user would fit in Linux. For example, for my mom, we had broadhand Ethernet at the time, our printer worked better on Linux than Windows (thanks CUPS!), and the remaining of her tasks were basically done via web browser.
It went fine, but I’d never have dared to try that with someone who didn’t live with me.
It also helped that she lived with me, for sure ;).
my shell git prompt is basically noise for a dangling HEAD commit and my editor will proudly tell me about how much it has staged even though jj doesn’t use the staging area.
which is adjacent to the main thing that’s stopped me from spending any time with jj. I’m concerned that it’ll make interacting with people who aren’t using it (including future-me, if I decide I don’t like it very much) a challenge if it’s making things like shell prompts and editor integration act funny.
For those who have tried this out: Do git repositories that get used with jj by some people and just using plain ’ol git by others develop strange problems for either the jj users or the git users?
My initial reaction to “without telling anybody” was horror.
This was shortly followed by the dawning realisation that I use magit (an Emacs Git front-end) and it never occurred to me to mention that to any of the teams I’ve worked in (unless I was evangelising Emacs).
Because of course Magit is “just” a UI.
Now I’m thinking deeply about things and it’s not even nine o’clock in the morning.
Right, one way to look at Jujutsu is as a friendly frontend to Git with a coherent UX, similar to Magit.
Imoortantly, Jujutsu is not merely a frontend to Git. It is its own system with Git as one supported backend. Another one is Google’s internal Piper/CitC stuff they use in their google3 monorepo. The pluggable back ends mean that Jujutsu isn’t too closely tied to git specifics, which leads to a generally better design.
In my experience, the interop is really flaweless. No conflicts at all between people using jj and people using git, it’s really transparent.
You can in some cases make your local copy act weird when colocating and manipulating the repo with both tools at the same time in conflicting ways. The general advice is to use jj for manipulating the repo, and git for read-only operations/integrations that aren’t yet supported by (or don’t support) jj.
But, really, don’t worry about interaction (including future you), it truly works perfectly.
As for the dangling HEAD commit noise, I added a fish_jj_prompt (based on one found online at random) which takes precedence over my fish_git_prompt when it succeeds, so I don’t have to suffer that any more.
For completeness, here’s my fish_vcs_prompt — I just exported fish’s default (type fish_vcs_prompt), and then prepended fish_jj_prompt $argv or so it’ll try jj first and leave it at that if it works.
That’s the one! I’ve added some commands in my version since my jj is an alias which I want ignored for the prompt, and s/branches/bookmarks/ since I’m on jj 0.22.
So people you interact with via the same remote can do whatever with git and jj seems to just handle it in my experience.
The warnings about jj/git interop are mostly about certain git commands that write locally can confuse jj. For example, I did manage to get out of sync once by deleting a git remote with the git remote remove command where jj still thought the remote existed. In that case I just added the remote back with git then used jj git remote remote to resolve it.
I am a around 30 years old, and here is something I don’t get: why do we care about the FSF? This is a sincere question that may help keep the discussion on topic.
To me FSF already feels like a relic of a bygone time of CS and free software, and RMS embodies this “ancientness”. All of this is free software that can be forked, and RMS relevance is mostly linked to giving talks if I’m not mistaken. Why is so much focus put on getting the FSF to fire RMS? Why not let them both die down in their own little bubble? Fork the software, and stop attending RMS’s lectures. What am I missing?
You’ve missed the decade when it was really uncertain whether Free Software, or even Open Source, would exist beyond a fringe.
In the 80-90s all “home computers” were entirely proprietary closed-source systems. In the 90s and early 00s, Microsoft was incredibly dominant. Office + IE lock-in + winmodems made it nearly impossible not to use Windows. Competition didn’t matter, was unaffordable, and also proprietary anyway.
Microsoft was unashamedly aggressive, and busy spreading FUD. #1 software company in the world kept saying that exposing source code is dangerous, non-commercial software is made by shady amateurs, DRM is necessary for “trustworthy computing”. They even supported a Business Software Alliance that pretended to be anti-piracy agency, and incited police raids on Linux users under the premise that Linux is a useless junk with no purpose other than to illegally buy computers without paying OEM fees to Microsoft, and hide the real commercial software they must have stolen.
We’ve dodged a massive bullet, but that took a lot of advocacy. RMS/FSF have been influential in starting counter-movements. RMS has been proven right on software freedoms.
They’re irrelevant now because Microsoft has lost that battle, even though Free Software didn’t win.
Azure now running Linux feels surreal. Microsoft literally used to call Linux “cancer”.
FSF is still a high profile organisation in FOSS, in charge of GPL and a few projects, plus they do show up in many places trough their campaigns.
Most importantly, FSF and RMS still having support and people defending them sends a warning signal that the larger community doesn’t take such issues seriously, and it’s a bigger problem than just a one creep.
Sorry but what? You are just listing some of your opinions about FSF. Can someone explain what concrete way FSF is preventing women and minorities from participating in Free Software that can’t just be attributed to the general abysmal representation rate of women and minorities in tech in general?
Azure runs Linux on Hyper-V, so on top of Windows!
I was surprised when I saw that (in VM boot logs) but I guess if there’s a single company where that might make sense it’s Microsoft.
Aside from questions of RMS’s influence, there’s a clear technical reason to pay attention to the governance of the FSF: thousands of projects give them the right to relicense anything that “GPLv2-or-later” or “GPLv3-or-later”.
Incidentally, I think for this reason, it’s the wrong strategic move to simply abandon the FSF. While it’s not the end-all-be-all, the ability to define a putative GPLv4 may come in handy some day, and it would be bad if that power fell into the wrong hands (even worse hands than Stallman’s).
In my opinion, the “or-later” licenses are foolish anyway*. You’re licensing your work under a license that could become literally anything in the future. And as we have seen time and time again, organizations can be captured and even entire cultural movements start working against their original agenda. Say against Stallman what you will, he was always steadfast in his dedication to actual user freedom, like a rock in the surf.
What’s the problem with that? Say for example apple. They took FreeBSD because they could do just that while they could not under GPL. Personally I don’t care for apple and don’t use their products, but what exactly is the problem? They seem to be rather popular even amongst many free software authors. It it so bad that they did their thing?
I think the whole idea of forcing it to be free has more bizarreness to it. I don’t want to be exercising control of stuff I wrote if some company takes it and makes closed source changes for whatever purpose. I shared it. From that point on, it’s not mine anymore, as per definition of sharing.
Sure, and reasonably, protection against usurpation of intelectual property is something I would care. If I write something of value, I would want a company to claim they wrote it themselves. But using it and modifying it… Well I released it, shared it.
It’s a fair question. For the record, I am personally very close to coming to this same conclusion: that the FSF has lost so much credibility it’s probably irredeemable at this point, both for their refusal to condemn RMS’s behavior and for their myopic insistence that license is the thing that matters above all else when it comes to user freedom, which has led to situations like Google Chromium that technically qualifies as free software but has been a tremendous force towards consolidating monopoly power and eroding end-user freedom. All this while condemning projects like Debian just for shipping working wifi drivers.
I think the reason that a lot of people are hesitant to move on is that it feels like admitting defeat and saying that “open source” has won, and that the point of what we do is to make software that’s “more effective” (for whoever controls the software) rather than actually working towards a world that’s better for end users. As far as I’m aware there does not exist any other organized form of resistance. (with the possible exception of the FSFe which does condemn Stallman and just general has much more sensible priorities)
But I think you might be right in that the energy could be better spent building up some kind of post-FSF movement with an explicitly anti-capitalist foundation the likes of which the FSF was never bold enough to claim. A lot has happened since the 1980s, and the free-software-vs-open-source divide has always been sooooo subtle that it’s easy for naive programmers to think they’re the same thing.
On the other hand, I am not putting my own energy towards building such a movement, so for me to criticize what other people choose to put their energy into feels a bit hypocritical.
FWIW the non-free element of wifi drivers that FSF does not approve of is user-uploadable firmware. If the firmware would be stored locally on the wireless adapter and be inaccessible to the end user, the wifi driver would be free from FSF’s standpoint. Same if the functionality would be implemented in hardware. In all cases the question what the card is actually doing would apply in equal measure.
When you get to the low level stuff, the distinction between hardware and software becomes really blurry.
For those of us a bit older, it certainly felt like RMS’s views - and efforts to disseminate them - on free software were pretty important in kick-starting the open-source explosion in the late 90s. Obviously “open source” software has existed since the beginning of time, and was particularly prevalent in certain communities, particularly the original Unix world that sees its continuation in the modern BSD eco-system. However in the 80s and 90s the software that ordinary people were likely to encounter, as the use of and exposure to computing exploded, was all closed-source and commercial - mostly the DOS/Windows ecosystem. RMS’s free software advocacy along with Linux’s use of the GPL was a strong counterpoint to that, and the FSF/GNU project did contribute the libc and dev tools that turned Linux into a usable operating system.
Obviously, none of this forgives the way RMS appears to have behaved or the views he has stated (I’ve not delved very deeply into the accusations because of the ‘ick’ factor, but that certainly doesn’t mean I disbelieve them.) But perhaps it explains a bit why the subject feels important to those of us 40+ years old whereas it may well seem like an irrelevance, albeit a very grim one, to anyone younger.
Technically we are very nearly in a post-FSF/GNU world - we have musl, clang/llvm, many new dev tools, editors, and whole languages and ecosystems. A younger acquaintance on IRC wrote this evening, “.. and to be honest I think given that the FSF seems to be largely a cult of personality around RMS, it’s time to let it die” .. and while my initial reaction was to bristle a bit, I can’t help thinking he’s right. Such a shame its legacy is going to be tainted by one man and his enablers :(
Just wow. This bald statement is a testament to the past success of the FSF, that someone in their 30s can take the current success of free software for granted. (Not to imply that they did it all single-handedly, but you cannot deny the role that they played.)
The current success of Libre Software may stem from the (undeniable) work the FSF did, but it is no longer driven by the FSF. I acknowledge that the FSF did extremely important things from its founding until circa the early 2000s, but since then it has been a sad downhill decline towards irrelevance. Since #MeToo and what came out about RMS and his friends around then, it has also been a decline into active harm to the Libre Software community.
We have the SFC to advocate for software freedom. RYF has been incredibly infuriating for those of us who want to see the Libre Hardware movement flourish; it took two years to certify the Talos II board, and by the time it was certified it had lost most of its market relevance. They are putting resources into a campaign to get non-technical users to use GnuPG for their email without fixing any of its user experience issues - and they don’t even recommend cycling keys regularly, only suggesting to do it in the event of compromise. Taking the cake is their insistence on confusingly calling Thunderbird “Icedove” as a primary name and suggesting Thunderbird is somehow an alternative name.
I appreciate the FSF’s steadfast dedication to purity, but as Python famously encodes into this, practicality beats purity. I stand against FSF’s requirement that libre operating systems necessarily must not allow users the option to install firmware as it prevents users from learning about the benefits of Libre Software without sacrificing Wi-Fi and in many cases graphics acceleration. I don’t think it’s right that the hardware requires firmware, but this is the world we live in, and if Bash can run on the Mac OS and the LGPL can exist, then users should have a freedom to use the hardware they are stuck with. This is why Adélie’s installer asks the user to make the choice themselves.
Or, to make the counterpoint seen elsewhere in this thread, I can boot my Linux kernel system into a BSD-2-Clause OpenRC built against MIT musl libc and log in to my account to start using my Zsh shell session using either toybox or chimerautils for the POSIX command set, all built with NCSA/Apache-2.0 LLVM and Clang. The GNU Operating System plays no part in it.
And to be clear, I disagree with exactly none of your points. Nonetheless, I am old enough to remember when the goals of the FSF seemed utopian, to the point of being unmoored from reality. Somewhere along the line the world surpassed what they set out to do. (Perhaps they were unready for that.)
There were also a strong culture for sharing software, both free and unfree, on BBS-es, on copyparties, in the demoscene, in person and then on the internet, completely independent of the FSF. I feel that you might be giving them a bit too much credit. The culture for sharing code was already there.
Someone has to file amicus curiae briefs in the Federal appeals circuit courts and SCOTUS. The FSF (and others, like OSI) do that for cases related to software copyright. My understanding is that the FSF and related organizations are to FOSS what the ACLU and SPLC are to civil rights.
This goes beyond code, where you need humans to show up and argue with each other in person or in writing what words mean or how they should be interpreted. But ironically, that’s not the kind of belligerently ignorant trolling highlighted in this report.
This seems like something that could be verified empirically. Has anyone gathered data on how many briefs have come from each organization? I always think of the EFF when it comes to copyright cases. The FSF doesn’t even come to mind unless it’s specifically about the GPL.
Someone has to file amicus curiae briefs in the Federal appeals circuit courts and SCOTUS. The FSF (and others, like OSI) do that for cases related to software copyright.
That’s just an aphorism, it’s not some kind of objective statement of truth. It’s a self-fulfilling aphorism, you just need confirmation bias to apply it to the current era.
I didn’t include a rationalization for the aphorism; instead, I’ve used it to make a point. In other words, it’s not about the aphorism itself, but about the tendency to forget that times change. For example, if the entire population were to get vaccinated, future generations might doubt the necessity of vaccines because there would be no pathogens for the vaccines to combat (assuming vaccines work as inteded).
For better or worse FSF hosts some resources, technical and social, in use by the GNU project. And the latter has projects that are very important to keep going.
In my mind, the clearest case for the FSF is the definition of free software as a liberty, defined by the four freedoms (and by extension the freedom to help someone non-technical, by for example fixing a bug in some software upstream has abandoned).
As well as the argument that extends from it in favour of democracy; Free voting software, Free policing software, Free medical software, Free research and educational software and so on.
I am glad that this question is top voted and I applaud its neutral tone.
Disclamer: I’ve been an open source user for a quarter of a century and still run Linux on all my computers.
I like free software because it allows me to trust it more. The whole process allows for more transparency and even for people to fork the code and modify it. It feels safer and it lenda itself for software that is more focus on usefulness rather than all sorts of gimmicks to achieve marketing goals. Although there is a fair share of such gimmicks in the free software world too.
I would not only agree with your skepticism, I will also state that I personally already had a similar opinion to yours back in the mid 2000s. There was already a relic feeling to it and it already smelled of gatekeeping and silly void elitism.
So back in the day I red about the famous GPL licenses and why they were important (which they were) but then headed up to the web and it was all about “should this or that project be included in the gnu project?” Taken as a political matter. gatekeeping. Should we allow this guy to play with the cool kids? Do we let him speak in the mailing lists or do we moderate him to complete silence?
It always ringed wrong to me. It’s not so much about whatever policy they follow, but rather positioning themselves as some sorts of oficial leaders of free software, when the whole point should be allegedly that we don’t need to be subjected to such authority.
IIRC, netcat’s man page does take a jab at the whole thing saying free software licenses are non sense.
Personally it annoys me when I hack together a quick script and share it … it always comes some party pooper with some boring blab about which license I should release it under.
The FSF and RMS did play a central rolle in free software, which Stalman defining much of what it is. But we should leave it at that. At this point, things like GitHub, package registries, etc. are arguably of comparable if not even greater importance.
I do find this pattern in many free software projects that get popular and large. Often times some power hungry self-important group of people decides they should run the thing officially and start creating all this power structure, while hackers are under the impression that it was just a bunch of people hacking.
Isn’t this something that should be put to Stallman for response before using it to assassinate his character and the free software movement by association? Or does responsible journalism no longer exist? Like, there’s a difference with him being wrong about sexual activity’s impact on minors under 16 (the average age of consent around the world) versus him being a malicious pedophile intent on defending child sex abuse.
Thankfully you can find this addressed in the report, which also details his various apologies and how he has worked to undermine his own apologies over time. This is not something new coming out of nowhere that Stallman would respond to in a novel way, it is documentation of a very long pattern of behavior.
I feel like responses to Stallman usually don’t come with data, so the arguments and rebuttals and such turn into semantic warfare. This isn’t that sort of thing.
Journalistic ethics vary worldwide. Here in Europe, for example, I’m not aware that the right of reply is generally understood as requiring that the subject of a piece be allowed to see it and respond before publication. This may be different in English-speaking countries where the right of reply might not enjoy the same legal protection as here. In any case, the right of reply generally covers factual statements only (which would be the numerous quotations from Stallman’s blog, transcripts of his public appearances etc.) – in these cases, the editors have noted Stallman’s excuses, partial retractions, etc. where they exist. The rebuttal sections would not be covered by right of reply, since they are commentary and analysis. The factual sections are very well-cited with hyperlinks. There is very little that would be covered by a right of reply.
As for the accusation of a motive to ‘assassinate [the character of?] the free software movement’ – pointing out Stallman’s personal flaws of any kind really should not affect the free software movement in toto. Most of the people I’ve seen posting and sharing this are themselves free software activists. I have good reason to believe that the authors are free software programmers, users, and activists. This is not a psyop by … (I don’t know who the anti-free-software boogeyman is since Microsoft embraced FOSS, but whoever people are blaming for anti-free software propaganda now.) From all I can tell, those who authored and many of those agree with this report want, among other things, a free software movement whose reputation is less unfairly tied to the reputation of one man – a man whose reputation deserves to be called into question when he keeps doing things such as what is described in this report.
These aren’t new allegations, and this isn’t the first time RMS’s conduct has been reported.
It’s merely a documentation of years of recurring problematic behavior, non-apologies, and FSF looking the other way.
They all had numerous chances to respond and correct these issues, and they didn’t. In 2019 the same reports about the same issues have flared up again, and even resulted in RMS being removed from the board… temporarily.
RMS and FSF have shown time after time that they’re not going to change.
There is no response needed, and even if there was one, there is no reason to believe any of it is genuine, and not yet another feigned concern, insincere apology, superficial change, and back to normal.
I didn’t get that sense, at all, from the document. Rather it contained a fairly simple proposal for the free software movement (in the form of the FSF) to eject Stallman based on his publicly stated opinions.
If there’s any character damage being done, it’ll be by the FSF to themselves, if they fail to act following this publication.
Isn’t this something that should be put to Stallman for response before […]? Or does responsible journalism no longer exist?
I do not think that “responsible journalism” requires informing subject of an article about its content beforehand. I would say more - in many cases, especially in investigative journalism about public people, it is something that will not be sent for approval/response beforehand.
It’s a little more subtle than that. See, for instance, this article from NPR about what kind of factors are taken into account when deciding how long to wait after a request for comment.
Reaching out for a comment isn’t a legal requirement under many (most?) jurisdictions but it’s usually good practice, especially in investigative journalism. However, it’s something where the journalist is expected to exercise their own judgement. There are some basic rules of thumb for when not to do it, too, like not calling someone for a comment on something they’ve already issued a public position on, or if you’re not publishing new material but just quoting things that are public knowledge by now and, literally, old news.
So why do journalists do it? There’s a lot of reasons, some editorial in nature, sometimes it Legal’s advice, but also, ultimately, just to be on the safe side, because:
It’s rare, but it happens – sometimes you’re really missing a critical piece of context that only the other person can provide, or you literally got something wrong. The unfortunate reality is that some things wind up in print not only due to a journalist’s persistence, but also as a byproduct of institutional power struggle, and when that happens, not everyone you talk to tells you the whole story, or even the truth, for that matter.
It’s easy to forget this but whoever’s involved in what you’re investigating doesn’t live in a vacuum. Reaching out to someone for a comment also acts as a heads-up to e.g. maybe not send their nine year-old to school for a day or two if they might be at the receiving end of hatred directed at their parents, even if the parents deserve all that hatred.
When it’s done, it’s always done as a courtesy and in the form of a request for comment, though, there’s no “approval” there. As in, the journalist will call that person or their press representative, say hey, I’m X from Y, we’re going to publish a material that says such and such, would you care to comment on that. Asking for that material not to be published is a very big no-no.
I don’t know if what’s in the linked report warrants a request for comments because I just haven’t followed this thing closely enough in the past few years. I’m only mentioning this (sauce: used to work for a print publication like 20 years ago) because journalistic practices are easy to have opinions on, and maybe a quasi-insider perspective (I was young and never wrote anything of importance, but I worked with people who weren’t and covered real stuff), even if out-of-date, would be useful to someone.
Character assassination is all that comes to mind when i.e. the section on “Credible allegations of sexual misconduct” contains zero sexual activity, not even exposing himself to women which is what I expected to read. He emotionally pressured/bullied/coerced a woman to go on a date with him, disgusting and embarrassing behaviour, obviously wrong - but with nothing sexual, it’s not a great lead to the “sexual misconduct” section.
It would seem your definition of sexual misconduct requires lewd/severe acts, which is false. Sexual misconduct is a fairly wide range of offenses, including but not limited to sexual harassment and sexual coercion.
Attempting to frame it as requiring lewd acts only serves to dilute the voices of people on the receiving end of the harassment.
Character assassination is all that comes to mind when i.e. the section on “Credible allegations of sexual misconduct” contains zero sexual activity, not even exposing himself to women which is what I expected to read.
Perhaps I’m reading too much into your comment, but your expectation was that there should be a lewd act for the “sexual misconduct”.
You can split hairs all you want, unwanted advances by people in a position of power even without a mention of sex is still considered sexual harassment by most courts in the US(where the vast majority of the report is about).
Having a teen come on stage and make a joke about virginity isn’t only inappropriate for that person, it is also subjecting every one in the audience to the same treatment.
I agree with you. It’s sexual harassment to put a 13-year-old into a sexual context, regardless of their permission. It also makes everyone in the audience an unwitting accomplice, and he will point to their silence as approval.
We should bear in mind that the majority of the evidence that exists is not going to be available to us. The reports we have paint a picture of someone who attempted to exercise authority to gain a sexual favor in a few situations where they didn’t really have the authority. This suggests there were other times this tactic bore fruit, or he wouldn’t have kept trying.
You can’t assassinate someone’s character by correctly pointing out that he has, and continues to, defend pedophilia. All they are doing is expanding the context in which people evaluate the character’s output.
They go on a date, it goes well or more likely doesn’t go well because of the circumstances, and grown adults make decisions. I don’t have the rizz to go back to mine for coffee after every first date, and would be surprised if Stallman did.
To cool off the descendant threads slightly, I would say that many stories of coercive relationships start with this kind of coercion. Whatever power differential someone can exploit to coerce someone into a date, they can also use to coerce other things, and claims from the victim against the aggressor become harder to prosecute because of the entanglement of the relationship. Abusive relationships are legal, in a sense, although the abuse isn’t, there is a coercive context that makes even reporting abuse difficult, let alone prosecuting it.
Back to the article, I wouldn’t assume that just because someone failed to coerce a couple people, they wouldn’t try again with others, especially when the time span is so wide between the two specific claims in the article. I would expect coercion in the beginning to be a prelude to more coercion later. RMS also spends a great deal of energy defending sexual aggression and trying to redefine what constitutes sexual coercion on his website. Taking these positions, while also having attempted to coerce people (even if it’s “just” dates or attempting pick-ups), is not a great combination.
To give an example less specific to this context, in many countries still today, marital rape is not considered a crime—and indeed, until 1993 it wasn’t a crime in all the United States.
I think this is the first time when I have to write something and preface it with a trigger warning. Hopefully I’m doing this right, I’m not entirely sure how this goes.
None of this is specifically about something in this report, this is just about your comment. I’d like to try to explain why you (and some of the people downthread) are getting stronger reactions than you think are warranted. I imagine, or at least I hope, that you think it’s being blown out of proportion simply from a lack of experience – as in hopefully you were never bullied into a date and if you ever went on a date that wasn’t good, it was just boring or something.
“Likely doesn’t go well because of the circumstances” is an euphemism that only covers the kind of awkward but harmless cringe of, say, a friend playing matchmaker and setting you up with someone who turns out to be a devout vegan and your idea of a cool first date begins with dinner at this new burger joint where the star of the menu is something called the Mega Smoked Bacon Four-Pounder And No We Didn’t Mean Quarter.
Being pressured into a date is not that kind of cringe. Especially not when one person is on an entirely different “level” than the other – not necessarily in terms of formal workplace hierarchy, social pressure works like that, too.
Saying “no” isn’t just a matter of whether you like that person or not, it’s also a matter of wondering if that’ll have any consequences over your work/study/circle of friends, and living with that choice for however long it takes. The teacher you’re turning down today, as a freshman, may teach a senior year class. The charismatic person you’re saying no to may not be in charge of your work but if they have management’s year, they might as well be.
You think turning down the date is the end of it but depending on circumstances it may not be, it’s the kind of thing that can have long-lasting consequences with the wrong person. And more generally, bullying someone into a date, even if they eventually stick by their refusal, isn’t fine for the same reason why bullying someone isn’t fine even if you don’t beat them up in the end.
Saying “yes” is even worse: it’s (hopefully just) an evening in which you’re constantly wondering at what point avoiding whatever you’re risking by saying “no” begins to not be worth the pain of saying “yes”, and then realising you’re basically doing risk-benefit analyses and trying to bargain with yourself. And as you do that, you also can’t help but wonder if the person who wouldn’t take no for an answer when they asked you out would take no for an answer when it comes to the rest of the date. What will they do if you don’t hold their hand? What if you won’t kiss them? What if you won’t say yes to another date?
Sometimes, when they’re young (edit: this part is specifically about the report, it’s about something that happened between people in their late teens/mid-twenties), people do this sort of stupid thing just because they don’t understand how hurtful it is – out of ignorance, or loneliness, or whatever, we’re all human. I get that, especially with “unwritten”, social rules; there was no abuse there, but as an awkward, nerdy teenager, I once dated one of the most popular girls in my high school, and I swear to God I didn’t understand anything going on around me, I just didn’t get how cool kids functioned. The entire human society gets that, it’s how we’ve come up with apologies – which can’t undo things, but they can at least re-establish some lost decency.
Also, sure, no amount of space policing will keep you safe from psychopaths, so developing a thick skin for these things is useful. But given the choice, why not be nice, instead of being someone’s villain origin story?
“More likely doesn’t go well” doesn’t even begin to capture how bad these things can be. Depending on circumstances, the rizz may not be what gets the other person back to yours for a coffee. (Edit:) I get that you’re not condoning coercion or sexual harassment; but a) you may not realise it but your comment sounds a lot like the kind of stuff people who do condone that say, so you’re getting flak for it, and b) when someone is coerced into a date, some of the decision-making ability that you think adults have is lost; that’s what makes it so awful.
I’m not sure what the correct flag type is for this comment, but are we really a community that welcomes comments that say that, when men bully women to try to get them to go on dates with them, women should simply acquiesce?
I’m sorry, but you seem to be reading something I didn’t say. I categorically do not believe women should acquiesce to bullying behaviour and I think it’s disgusting that Stallman did so. If you assumed as you say in another comment that I meant everything was fine because this woman went on the date, that’s on you - I didn’t imply that, I don’t think that, it wouldn’t justify the behaviour, and you should try to be more charitable when reading something you disagree with. I appreciate @linkdd reading my comment charitably, instead of making me out to be some insane misogynist monster.
He emotionally pressured/bullied/coerced a woman to go on a date with him, disgusting and embarrassing behaviour, obviously wrong
To:
are we really a community that welcomes comments that say that, when men bully women to try to get them to go on dates with them, women should simply acquiesce?
At the point where I interjected, where the answer to ‘What would you expect to be the likely outcomes of being coerced into a dating someone?’ began with the words ‘They go on a date’.
The outcome of being coerced into dating someone comes after said date. So it feels logical that the answer begins with “They go on a date”. And the author also re-state their disapproval with “doesn’t go well because of the circumstances”.
The implication that everything would be alright (that the coercion/bullying would stop?) once they had been on a date once and the victim had made a ‘decision’ is another dangerously naïve aspect of the comment author’s premise.
Believing things like this is how people end up in long-term abusive relationships.
I may have interpreted the author’s comment differently. What I understood was: “this specific example did not seem to have led to anything worse than the bad thing it already was”
Thunderbird has one of the worst user experiences I’ve ever seen. It takes seconds to delete an email from my inbox, the UI thread hangs all the time, if I click on a notification, it makes a black window because the filter moved the email while the notification was up and they didn’t track it by its ID or some basic mistake like that. Every update the UI gets clunkier and slower. Searching has a weird UI and fails to find matches. I could go on and on, there are so many UX issues with this worthless software. I have no idea what’s going on over at Mozilla. I think the org just needs to be burned to the ground.
I use it as my daily driver for now, but I feel like I’m on a sinking ship surrounded by nothing but ocean.
I use K-9 on Android and it’s fine… the idea of transforming it into Thunderbird blows my mind.
Yep, same boat. 100k+ emails, lots of filters, etc., it just works honestly. Thunderbird has only gotten better for me since Mozilla stopped supporting them.
Out of curiosity, are you using POP or IMAP? I imagine the performance characteristics would be very different, given their different network patterns.
I run Dovecot as an IMAP server on a Thinkpad which was first sold in 2010 with an SSD in it. I keep thinking I should change the hardware but it just keeps trucking & draws less than 10W so it never seems worth the effort.
It’s stuck behind a 100Mbit ethernet connection (for power saving reasons) which is roughly equivalent to my Internet connection but the latency is probably lower than it would be to an IMAP server on the wider Internet.
Having exclusive use of all that SSD bandwidth probably helps too of course.
I use K-9 on Android and it’s fine… the idea of transforming it into Thunderbird blows my mind.
Branding is a powerful concept. You think Outlook on iOS or Android shares anything with the desktop app? Nope, it’s also a rebranded M&A. It is kind of funny the same happened with Thunderbird.
Which leads to funny things where Outlook for mobile gets features before the desktop version (unified inbox and being able to see the sender’s email address as well as their name come to mind).
I don’t have it in front of me to double check but yeah the message UI is weird. It shows their name and if you hover over it then it pops up a little contact card that also doesn’t show the actual email address. IIRC hitting reply helps because it’s visible in the compose email UI.
I use K-9 on Android and it’s fine… the idea of transforming it into Thunderbird blows my mind.
i thought the idea in Mozilla’s head would be more like “okay we have this really good base for an email app (k-9), lets support it, and add our branding to it and ship it as Thunderbird “
Thunderbird does a lot of disk I/O on the main thread. On most platforms, this responds in, at most, one disk seek time (<10ms even for spinning rust, much less for SSDs, even less for things in the disk cache) so typically doesn’t hurt responsiveness. On Windows, Window Defender will intercept these things and scan them, which can add hundreds of milliseconds or even seconds of latency, depending on the size of the file.
This got better when Thunderbird moved from mbox to Maildir by default, but I don’t think it migrates automatically. If you have a 1 GB mbox file, Windows Defender will scan the whole thing before letting Thunderbird read on 1 KiB email from it. This caused pause times of 20-30 seconds in common operations. With Maildir, it will just scan individual emails. This can still be slow for things with big attachments, but it rarely causes stutters of more than a second.
Thunderbird was originally a refactoring of Mozilla Mail and News into a stand-alone app. Mozilla Mail and Newsgroups was the open-source version of Netscape Mail and Newsgroups (both ran in the same process as the browser, so a browser crash took out your mail app, and browser crashes happened a few times a day back then). Netscape Mail and Newsgroups was released in 1995.
It ran on Windows 3.11, Windows 95, Classic MacOS, and a handful of *NIX systems. Threading models were not present on all of them, and did not have the same semantics on the ones that did. Doing I/O on the UI thread wasn’t a thing, doing I/O and UI work on the one thread in the program was.
It’s been refactored a lot since those days, but there’s still a lot of legacy code. Next year, the codebase will be 30 years old.
I really agree. I’m a big fan of K-9 Mail and hearing that Thunderbird was taking it over did not sound like good news at all.
I’ll disagree with one of your points though – deleting an email happens instantly and usually by accident. Hitting undo and waiting for there to be any sign in the UI that it heard you, now that takes forever.
Just in case anyone had any doubts about the future direction of Redis, Mirko Ortensi has helpfully cleared it all up :)
Taking a week of leave at the same time as my wife - something we’ve not been able to do for some time.
I spent this evening at Cub Scouts, then sketching (still catching up on Inktober).
Not exactly an answer to your question, but: at $DAYJOB we don’t do this, and having experienced many production environments that do, in a variety of roles (from “keeping it running” to “explaining to the exec team why it’s hard to keep running”) I’m very happy we don’t.
valid, thank you :)
What we do is bake base images weekly; then at deployment time, bake a fresh AMI from the base image + the branch we want to deploy. That then gets deployed to one or more EC2 instances in an ASG.
Very straightforward tooling; was set up by one of my colleagues a few years ago. Easy to learn, easy to understand, and easy to modify. Far less complex than say K8s; it’s basically just some shell scripts that invoke the AWS CLI as required.
Baking an AMI is nice because deployment of brand new infra is fast.
Curious, though. What runs your applications? What exactly happens when the box boots?
Super cool! Another FreeBSD laptop user here - i3 rather than KDE, though. Good to see FreeBSD getting more visibility.
another one: https://mro.name/FreeBSD-XFCE/ here :-)
I don’t even call MS-DOS an “operating system”, despite the name. By modern standards, it’s barely a bootloader. That, and calling it an OS detracts from the functionality of Windows 3.x/9x, even deluding people into insisting they’re not “operating systems” in the first place, but just shells over MS-DOS. Despite them have everything you’d consider a modern OS to have, like an API, scheduler, memory manager and device manager/driver model. By the time Windows ME came out, MS-DOS was literally just a bootloader, you couldn’t even interact with it anymore. And now it’s been replaced with NTLDR, which is probably significantly more sophisticated and featureful than MS-DOS, and is still just a bootloader. Hell, UEFI itself is more sophisticated than MS-DOS.
Not exactly a DOS fanatic here (started using Linux in 1995). But I think that’s unfair. Even fairly early versions of DOS featured a lot of what you’d expect in an operating system for hardware as basic as the IBM 5150. E.g. …
Later versions included disk compression, screen editor, “modern” BASIC, games, defrag tool, etc.
UEFI also isn’t a bootloader. It’s an execution environment rather similar to MS-DOS in that it doesn’t provide process management or multitasking but it can load executables and provides an API to them to abstract the hardware layer away and a UEFI application can give the control back to the UEFI. Many applications running under the UEFI environment are bootloaders but there are UEFI shells and it’s possible to write all kinds of applications for it, like a solitaire or a VisiCalc-like spreadsheet
Actual bootloaders like GRUB or NTLDR don’t provide anything of that sort, only functionality for loading other programs and irreversibly giving them full control of the machine.
Yes, but it’s not an operating system either.
A good question is: how many people use UEFI as the primary mechanism to manage their PC?
DOS? Millions of people did.
UEFI: Zero, as far as I’m aware.
MS-DOS did have some of those things though. It had an “API” that was invoked through interrupt 21h. You could interact with other devices through other interrupt vectors.
Microsoft sold Windows as an operating system on top of an operating system, sure enough (there are ads with that messaging for Windows 3.1)
Still, there’s that period from 1981 to 1985 where there was no Windows. What did people do with their OS-less PCs in those 4 years?
“[MS-DOS]’s been replaced with NTLDR” is somewhat ahistoric: NTLDR existed in parallel to MS-DOS-as-a-distinct-product (WinNT 3.1 came out in July 1993, MS-DOS 6.22 in April 1994), while the Windows3.x-line-to-WindowsNT-line transition was a complete OS swap underneath, even if Microsoft did a very good job of making that implementation detail disappear from the regular user.
There have been drivers for DOS that were a must-have to operate certain hardware, and Windows 95-ME knew to fall back to those real-mode drivers in the right moment, something that wasn’t really possible to retrofit into WinNT.
Only when there was sufficient Windows-level driver software out there that was more easily ported between Win9x and WinNT (and when that old MS-DOS-only hardware aged out of the pool of widely used stuff) Microsoft dared to move away from the bare-metal MS-DOS support that 95-ME offered (“regular” MS DOS applications were never a problem due to NTVDM.)
As for sophistication and feature sets, NTLDR is more featureful than MS-DOS’ boot sector (e.g. NTLDR loads the registry, it has to select the right kernel based on CPU properties, …) but that comes with the territory: All of computing becomes ever more sophisticated and featureful, for better or worse. But that seems like an apples-to-oranges comparison.
Holy shit I had no idea how traceroute worked under the hood.
I’m afraid I have come away with more, not less, respect for the tool having read the article. Not sure that was the author’s intent :)
Perhaps relevant: https://meta.stackexchange.com/questions/399619/our-partnership-with-openai/399767
Stack Exchange has changed a lot in the past few years. Much like Google it started out as a darling of the development community, and is now cheerfully burning all its goodwill on the pyre of AI.
Does anyone have any insight into this, & what latest is going on at VMWare after the acquisition? Is this a good thing for Fusion/Workstation users, or just the first step on a long road of gradual decay toward an eventual unsupported dusty death?
My suspicion is that Broadcom is winding down these products but have to maintain them for at least a few years yet due to existing support contracts. Someone in middle management thought it would improve the company’s image a little bit to release these for “free” while they are still supported.
(The company I work for has a lot of vSphere, which was already eye-wateringly expensive before VMware was purchased by private equity. Earlier this year when it came time to renew the support contracts, they literally tripled the price. Our company said, “no thanks,” and we are now running thousands of vSphere hosts and a bunch of vCenters with zero support while whole teams scramble to transition our services to a mix of OpenStack and Kubernetes.
“May you live in interesting times.”
I don’t know. Could be @icefox’s Tenth Law.
Oooh, what’s that?
https://lobste.rs/s/u3t4sg/xmpp_forgotten_gem_instant_messaging#c_rawvsq has it as
“@icefox’s Tenth Law: Never attribute to anything else what can be explained by embrace-extend-extinguish.”
https://lobste.rs/s/u3t4sg/xmpp_forgotten_gem_instant_messaging#c_rawvsq
It’s something I named in this other thread:
https://lobste.rs/s/4ll6vo/vmware_fusion_workstation_now_free_for#c_zfwmi4
(I may have been wrong about it that time.)
I’m not a heavy user of either product but Broadcom previously added some kind of non-commercial license for both that was useful for me for playing with retro operating systems and checking/improving various FreeBSD emulated device drivers. From the casual perspective it seems like they are still working on both and it doesn’t seem like either were the main focus of VMWare before the acquisition so no perceptible change in terms of quality (which is merely acceptable).
It’s a little crazy this didn’t happen a long time ago, under VMWare, to try and keep some level of relevance to the underlying hypervisor and device model. People seem to think Broadcom is the only greedy company but VMWare was always a very greedy company.
Dunno whether the author is reading these replies, but in case you are: I’m reading this on a 27” monitor at a comfortable zoom level, and more than half of the vertical space is taken up by the AI slop image. Why? It’s an immediate turn-off for what is otherwise a fun article.
Don’t wish to be annoying, but would you mind inlining those twitter images and content? When I tried to view them, I got authwalled.
Fwiw, I don’t know that the author is with us.
RIP
If he’s not with us, he’s against us!
🙃
Was expecting the obligatory shitpost, and there it is elsewhere in the comments (I’m not referring to the CVE itself).
Yes, safer languages are better. Yes, it’s desirable to rewrite / port to them from C. No, C is not a good language to target in 2024, for most purposes (/me eyes his Amstrad CPC in the corner).
However I don’t think the C shitposts add much value.
How much effort would it take to:
I believe this would be a project of comparable scale to Wayland, and that’s taken 16 years and still isn’t a complete replacement for many folks, despite several vendor attempts to serve it raw.
That’s not a criticism of Wayland: my point is that software takes time (and thus money; either sponsorship or donated time with associated opportunity costs). Lots of it. From 23 years ago:
https://www.joelonsoftware.com/2001/07/21/good-software-takes-ten-years-get-used-to-it/
I’m a big Rust advocate, but… we already solved this particular problem many years ago when we realized that the X server has a large attack surface, by not running it as root. Most native-Xorg systems should be running without root these days, and every Wayland system runs XWayland as non-root. The X protocol doesn’t have any privilege separation, so if you’re trying to fully containerize X11 applications you already need to run a dedicated XWayland instance in the container to lock down its privileges anyway… which makes this whole thing basically irrelevant.
The X.Org server is practically unmaintained outside of XWayland, so I don’t think we should be spending any time worrying about real or potential CVEs which don’t affect systems that already implement the X11 protocol securely.
It’s been a long time since I’ve looked inside X.org but I have a very strong feeling that, especially due to its age, it’s going to have a lot of patterns inside it that are both correct and not-borrow-checker-compatible. One of my personal rules for “porting” is that there’s two modes:
The only way, in my experience, that you can do a successful port is by very rigidly keeping everything as architecturally similar as possible and with feature parity. Second system effect is too strong and there’s a huge risk that you end up with a new piece of software that implements half of the old system, plus some new stuff, but doesn’t actually fully replace the original.
You didn’t say Rust, but I’m sure people are thinking it. My speculation (informed with having worked with multi-decade-old code many times) is that there would have to be either a massive re-architecture effort or vast swaths of
unsafecode to move Xorg to Rust. And I’m also going to speculate that Xorg doesn’t have a formal test suite; even if it does, Hyrum’s Law applies here: every observable behaviour of Xorg is now “part of the API” that userland software somewhere is going to be relying on. If the rewritten version isn’t a drop-in replacement, there’s going to be enough users complaining about things being broken that there’s going to be a serious traction issue. Some of the code that talks to Xorg is going to be 30+ years old and while it won’t have a huge userbase… there’ll be enough for it to be a huge problem.For my taste, you’ve just expressed precisely why it’s both obtuse and irrational (ie borderline trolling) to post little quips about x.org being implemented in the “wrong” programming language.
I think we all agree what ‘correct’ means. If the code is correct, how come it has a vulnerability? I’d posit that it is in fact not correct. It might be possible to make it correct. We have tools to help with that.
The borrow checker is just one tool people can use to improve software quality. Another is to e.g. use fuzz testing or use program extraction from a proof assistant. Why not just qualify the label ‘correct’ then? There is a difference between suspecting a program correct, and having proven it.
Allowing the term is equivalent to accepting a proof sketch as a proof. We should have a higher standards by now.
Very fair. The point I was going for is that code can be correct while also behaving in a way that’s incompatible with e.g. Rust’s borrow checker. The borrow checker with the “many read XOR one mutable” rule is one approach for guaranteeing correctness but isn’t strictly the only way.
Yup that’s exactly what I meant by “ensure the safety features of that language worked in the face of any weird shit the old protocols and implementations might be doing”.
I should have made the implication clear: I believe there’d be a lot of such weirdness in that old and complex a codebase.
Yup :) Very deliberately so :) There are enough flamewars over that topic that I thought I’d keep it technology-neutral.
On the topic of “how much effort would it take to X”, I think a good joke here is that it might be possible that more effort has been put into writing apologetics for memory unsafety than solutions for memory unsafety!
Seriously though, how about we all just come clean and admit that the vast majority of open source work is done on an unpaid volunteer basis which by necessity of the global economy under which we all live, will only ever have an incredibly small amount of energy put into it at all, and so no matter what engineering task you’re talking about if it is non trivial it will probably take at least half a decade longer to complete than if it was developed professionally, with adequate resources and all that.
The Morello system under my desk isn’t running X.org, it’s running the KDE Wayland server, but the quantity of C code is similar. The entire graphics stack, from the in-kernel drivers, through the userspace ones and the display server, to userspace GUI apps, are all memory safe. A bug of this nature would crash the display server but would not trigger privilege elevation.
The only reason that this isn’t mainstream is that CPU vendors are not seeing demand. Arm would move their post-Morello architecture to final if one major partner demanded it. With zero rewrites, we could eliminate these vulnerabilities in one upgrade cycle if the industry chose to, with existing proven technology.
Rewriting in a safe language is a much larger project than Wayland. Some Wayland compositors are written in memory-safe languages but Wayland reuses a lot of code from X.org. A lot of the low-level bits of the graphics stack are shared.
Oh! That’s news to me. I thought one of the driving factors behind Wayland was that the X.org code was a PITA to maintain.
I suspect that was largely a retroactive justifications, but the places it’s true were typically higher up the graphics stack. All of the KMS / DRI code, for example, is shared.
Was this in response to a different post, perhaps one that was merged and deleted? It now appears as a reply to the CVE story itself, and I’m scratching my head at the term “shitpost” being applied here.
Not exactly a reply, more of a commentary on that kind of reply. Have edited to clarify, thanks for the question.
Sorry for that. For the record I meant “obligatory” as in “yes, Xe has posted about this one too”, but I see that it could be read in a serious manner. I agree with you that it would not be desirable to rewrite the X server in a safe language; I just thought it was funny in the moment.
When I post Gemini content here, I do so through a Web proxy link.
Making some tweaks to my home office setup.
My desktop now runs FreeBSD as a daily driver, courtesy a powerline ethernet adaptor (I will get around to hauling cat-6 through the house at some point), and a used Intel Pro/1000 NIC that “just works” on FreeBSD.
So, I’m setting up a vm-bhyve VM for $DAY_JOB so I can run Linux-specific stuff under FreeBSD. Then I can finally switch back to FreeBSD as a daily driver, leaving Linux (Linux Mint, specifically) for media and gaming.
the headline is a lie if you read to the last paragraph:
Indeed. I am told – life is too short to verify – that if you remove all the “modern” apps from Win11, it fails to boot or at least fails to get to the desktop.
Whereas I took a brutal approach to my own relic Win10 builds: I use a Powershell command to remove all the modern apps. Windows Store and all.
(I only keep it around for things like BIOS upgrades on non-UEFI machines, rooting Android devices and so on. I don’t much care if I nuke it.)
The only thing that failed was the “Windows Hello” fingerprint sign-on. Everything else is totally unaffected, AFAICS.
Although taskbar and most of user session UI is still hosted by explorer.exe, the actual applets (Start, Search, Quick Settings, notifications, tray etc) has been rewritten as modern packages and run in separate processes.
You can find them in Windows\SystemApps. Removing them will break your system.
Dear gods. No wonder it can suck bowling balls through lead water pipes.
Thanks for the info!
Yet more reason to work out how to crack Win10 IoT edition… ;-)
WONTFIX: BYDESIGN
Yes, I reckon so.
Windows 11 really is product development in action:
Windows ME
OK, so, nobody wanted this, but we’ve cobbled together another release from bits of Windows 98SE and bits of Windows 2000, and it will confuse customers like hell, but some will buy it by mistake!
Hey, that worked, let’s do it again.
Windows Vista
Right, so, Longhorn didn’t work, so what we’ll do is, we’ll do a knock off of Quartz Extreme and slap it on the Server 2003 kernel, and we’ll put widgets on it!
Wow. They really hated that, but they bought it. Suckers.
Windows 8
OK, listen, what we’ll do is rip out the most famous UI in the business, and slap a tablet interface on it! They’ll love it!
Windows 8.1
Hurrah! 10 million units! OK, OK, update it but put the Start button back, but bolt it to the tablet launcher!
Wow. 100 million units. Awesome.
Windows 11
So… inhales deeply… let’s put widgets like everywhere man and we’ll do ’em in that C# shit that weird Danish dude invented!
One slight advantage of car / cdr is that they compose tersely; otherwise cadr would have to be head-of-tail-of, or something. Likewise cddr would be tail-of-tail-of-tail-of. It’d get silly quickly.
Maybe it could be improved by better abbreviations? So instead of cddr, ttt? And instead of cadr, ht? You’d probably want a prefix, and to implement with a macro … so maybe #cttt or #cht? Doesn’t seem much more readable than cddr or cadr.
If you find yourself cadr/cddring then you should instead use whatever pattern matcher is available in whatever lisp you are using. Much clearer that way.
Rust has
.map(|(car, _)| car), but this needs so many shift presses that I’m seriously considering making a.car()helper method for it.But why not call it
left?Is there a reason
my_tuple.0ormy_tuple.1wouldn’t work?Clojure solves this with threading macros:
(-> coll next next next first)But clojure also hasdrop:(first (drop 3 coll))There’s no need to compose car/cdr if you can build sequence functions.maybe
second? (assumingfirst/restinstead ofcar/cdrorhead/tail)The more time went by, the more I realised that this state of mind was particularly toxic and ultimately disrespectful of the real needs of the people around us.
I’m using the word ‘we’ here because obviously, I also had this approach at the time (admittedly, a few years later, being a bit younger), but I’m a bit ashamed of the approach I had at the time and today I have a deep rejection for this way of behaving towards a public who often use IT tools for specific needs and who shouldn’t become dependent on a certain type of IT support that isn’t necessarily available elsewhere.
Who are we to put so much pressure on people to change almost their entire digital environment? Even more so at a time when tools were not as widely available online as they are today.
In short, I’m quite fascinated by those who* are proud to have done this at the time, and still are today, even in the name of ‘liberating’ (often in spite of themselves) users who don’t really understand the ins and outs of such a migration.
[*] To be clear, I’m not convinced, given the tone of the blogpost, that the author of this blog post does!
Can we please stop throwing around the word “toxic” for things are totally normal human interactions. Nobody is obliged to do free work for a product they neither bought themselves nor use nor like.
The “or never talk to me about your computer anymore” if you don’t run it the way I tell you to part, is, IMO, not normal or nice. I’m not sure I’d have called it toxic, but I’d have called it unpleasant and insensitive.
Of course nobody is obliged to do free work for a product they don’t purchase, use or like. That’s normal. But you can express sympathy to your friends and family who are struggling with a choice they made for reasons that seemed good or necessary to them, even if you don’t agree that it was a good choice. It’s normal listen to them talk about their challenges, etc., without needing to solve them yourself. You can even gently remind them that if they did things a different way, you could help but that you don’t understand their system choice well enough to help them meet their goals with it.
The problem is telling a friend or loved one not to talk to you about their struggles. Declining to work on a system you don’t purchase, use or like, is of course normal and not a problem.
I’ve used Linux on my own machines exclusively since 1999, and when I get asked to deal with computer problems (that aren’t related to hardware, networking or “basic computer literacy” skills) I can’t help with, I’ll usually say something along the lines of “you know, you actually probably know more about running a Windows machine than I do” - which doesn’t usually get interpreted as uncaring or insulting, and is also generally true.
If you buy a car that needs constant repairs you get rid of it and buy something else that does not require it. There is no need to sit with family/friends and discuss their emotianal journey working with a Windows computer. it is a thing. If it is broken have it repaired or buy something else.
You might. Or you might think that even though you’ve had to fix door closing sensor on that minivan’s automatic door 6 times now, no other style of vehicle meets your family’s current needs, and while those sensors are known to be problematic across the entire industry, there’s not a better move for you right now. And the automatic door closing function is useful to you the 75+% of the time that it works.
And you still might vent to your friend who’s a car guy about how annoying the low quality of the sensor is, or about the high cost of getting it replaced each time it fails.
Your friend telling you “don’t talk to me about this unless you suck it up and get a truck instead” would be insensitive, unpleasant and might even be considered by some to be toxic.
It’s not an emotional journey. You’re not asking your friend to fix it. You’re venting. A normal response from the friend would be “yeah, it’s no fun to deal with that.” Or “I’d know how to fix that on a truck, but I have no idea about a minivan.”
–
edit to add: For those who aren’t familiar with modern minivans, they have error prone sensors on the rear doors that are intended to prevent them from closing on small fingers. To close the doors when those fail, it’s a cumbersome process that involves disabling the automatic door function from the driver’s area with the car started, then getting out and closing the door manually. It’s a pain, and if your sensor fails and your family is such that you use the rear seats regularly, you’ll fix it if you value your sanity.
“Tired of being an unpaid Microsoft support technician…” - no, it’s not venting.
As a sometimes erstwhile unpaid support technician, I vehemently disagree.
I fully admit that sometimes I stepped into that unpaid support technician role when I could have totally, in a kind, socially acceptable way, said “Wow, it’s miserable that your computer broke. You should talk to {people you bought it from}. I can tell you a lot about computing in general, but they’ll know a lot more about Windows than I would.”
And it would’ve been OK, because the people telling me about their problems were mostly venting, not really looking for a solution from me.
But as a problem solver, I’m conditioned to think that someone telling me about an issue is looking for a solution from me. That’s not so; it’s my bias and orientation toward fixing this kind of thing that makes me think so.
Thank you, you’ve put into much better words what I wanted to say than the adjective ‘toxic’, which was the only one I had to hand when I wanted to describe all this.
How on hell could it be considered as toxic to refuse to support something which is against your values, which requires you a lot of work, which is unpaid while still offering to provide a solution to the initial problem ?
All the people I’ve converted to Linux were really happy for at least several years (because, of course, I was not migrating someone without a lot of explanations and without studying their real needs).
The only people who had problem afterward were people who had another “unpaid microsoft technician” doing stuff behind my back. I mean I had been called by a old lady because her Linux was not working as she expected only to find out that one of her grand-children had deleted the Linux partition and did a whole new Windows XP install without any explanation.
I think there are three aspects to this:
First of all it is obviously your choice whether you want to give support for a system you don’t enjoy and may not have as much experience with. Especially when you could expect the vendors of that system to help, instead of you.
But the second part is how you express this: You are - after all - the expert getting asked about providing support. And so your answer might lead them down a route where they choose linux, even though it is a far worse experience for the requirements of the person asking for help.
The last point comes from the second: You have to accept that installing linux is for those people not something they can support on their own. If they couldn’t fix their windows problems, installing linux will at best keep it to the same level. Realistically they now have n+1 problems. And now they are 100% reliant upon you - the single linux expert they actually know for their distribution. And if you’re not there, they are royally fucked with getting their damn printer running again. Or their nVidia GPU freezing the browser. Or Teams not working as well with their camera. In another context you could say you secured your job. And if only because updates on windows are at least 100% happening, which is just not true on linux.
I have seen people with a similar attitude installing rolling releases for other people while disabling updates over more than 6 months, because they didn’t have the time to care about all the regular breakage. And yes that includes the browser.
And the harsh truth is that for many people that printer driver, MS Office, Teams + Zoom and Camera is the reason they have this computer in the first place. So accepting their needs can include “Sorry I am not able to help with that” while also accepting that even mentioning linux to them is a bad idea.
If I had that attitude towards my wife I would end up very principled and very single.
(Context: she is blind and needs to use Windows for work. I also have to use Windows for work)
I also agree with your interpretation a lot more but I doubt the author would mean that quite so literally.
Why on earth should the author be doing free tech support for people on an OS that they didn’t enjoy using?
Because it’s a nice thing to do for your family and friends and they’ll likely reciprocate if you need help with something different. Half of the time when I get a “tech support” call from my aunt or grandparents, it’s really just to provide reassurance with something and have a nice excuse to catch up.
Maybe we had different experiences.
Mine was of wasting hours trying to deal with issues with a commercial OS because, despite paying for it, support was nonexistent.
One example: Dell or Microsoft (unsure of the guilty party) pushed a driver update that enabled power saving on WiFi idle by default. That combined with a known bug on my MIL’s WiFi chipset, where it wouldn’t come out of power saving mode. End result was the symptom “the Internet stops working after a while but comes back if I reboot it”.
Guess how much support she got from the retailer who sold her the laptop? Zip, zero, zilch, nada.
You’re not doing free technical support for your relatives, really: you’re doing free technical support for Dell, and Microsoft, and $BIG_RETAILER.
When Windows 11 comes around (her laptop won’t support it) I’m going to upgrade the system to Mint like the rest of my family :) If I’m going to donate my time I’d rather it be to a good cause.
Yes, that was never my experience, and if it had been I would be inclined to agree with you. These days I hear more of “why did I run out of iCloud storage again” or “did this extortion spammer actually hack my email,” which I find less frustrating to answer :)
Yeah it doesn’t matter for generic tech support, in my experience, what OS they’re running.
It’s just the rabbit holes where it’s soul destroying.
Another example was my wife’s laptop. She was a Dell XPS fan for years, and ran Windows. Once again a bad driver got pushed, and her machine took to blue-screening every few minutes. We narrowed it down to the specific Dell driver update. Fixed it by installing Mint :)
Edit: … and she’s now a happy Ryzen Framework 13 user. First non-XPS she’s owned since 2007.
Ugh. It’s not “toxic” to inform people of your real-world limitations.
My brother-in-law is a very experienced mechanic. But there are certain car brands he won’t touch because he doesn’t have the knowledge, equipment, or parts suppliers needed to do any kind of non-trivial work on them. If you were looking at buying a 10-year-old BMW in good shape that just needs a bit of work to be road-worthy, he would say, “Sorry, I can’t help you with that, I just don’t work on those. But if you end up with a Lexus or Acura, maybe we could talk.” He knows from prior experience that ANY time spent working on a car he has no training on would likely either result in wasted time or painting himself into an expensive corner, and everyone involved getting frustrated.
Similarly, my kids would prefer to have Windows laptops, so that they could play all the video games their peers are playing. However, I just simply don’t know how to work on Windows. I don’t have the skills or tools. I haven’t touched Windows in 20 years and forgot most of what I knew back then. I don’t know how to install software (does it have an app store or other repository these days?), I don’t know how to do back ups, I don’t know how to keep their data safe, I don’t know how to fix a broken file system or shared library.
But I can do all of these things on Linux, so they have Linux laptops and get along just fine with them.
Edit: To color this, when I was in my 20’s, I tried very hard to be “the computer guy” to everyone I knew, figuring that it would open doors for me somehow. What happened instead was that I found myself spending large amounts of my own free time trying to fix virus-laden underpowered Celerons, and either getting nowhere, or breaking their systems further because they were already on the edge. Inevitably, the end result was strained (or broken) relationships. Now, when I do someone a favor, I make sure it is something that I know I can actually handle.
But he didn’t force anyone, he clearly says that if those people didn’t want his help, he could just leave it the way it was. To me that’s reasonable - you want my help, sure, but don’t make me do something I’m personally against. It’s like, while working in a restaurant, being asked to prepare meat dishes when being a vegetarian, except that my example is about work and his story is about helping someone, so there’s even less reason to do it against his own beliefs.
From my experience being an unpaid support technician for friends and family, that’s the only reasonably approach. I had multiple situations when people called me to fix the result of someone else’s “work” and expected me to do it for free. It doesn’t work that way. Either I do it for free on my own terms, or you pay me the market rate.
Some examples I remember offhand. In one instance, I tried to teach a person with a malware-infested Windows some basic security practices, created an unprivileged account, and told them how to run things as administrator if they needed to install programs and so on. A few weeks later I was called to find the computer malware-infested again, because they asked someone else to help and he told them that creating a separate administrator account was “nonsense” and gave the user account administrator rights. Well, either you trust me and live more or less malware-free or you trust that guy and live with malware.
In another instance, I installed Linux for someone and put quite some effort into setting things up the way the person wanted. Some time later, they wanted some game but called someone else instead of me to help install it (I almost certainly would be able to make it run in Wine). That someone wiped out all my work and installed Windows to install that game.
People expecting you to be their personal IT team for free just because you “know computers” is just as disrespectful. I don’t think it’s unfair to tell people “no if you want help with your windows system you need to pay someone who actually deals with such things”
This is looking at the things with the current context. Windows nowadays is much more secure and you can basically leave a Windows installation to a normal user and not expect it to explode or something.
However at the time Windows was still the kind of operational system that if you put it on internet without the proper updates, it would be instantly be infected by malware 1. Most users run with admin accounts and it was really easy to get a malware installed by installing a random program, because things like binaries signatures didn’t exist yet. There were also no anti-malware installed by default in Windows, so unless you had some third-party anti-malware installed your computer could quickly become infested with malware. And you couldn’t also just refresh your installation by clicking in one button, you would need to actually format and reinstall everything (that would be annoying because drivers were much less likely to be included in the installation media, so you would need to have another computer that had an internet connection since the freshly installed Windows wouldn’t have any way to connect to internet).
At that time, it would make much more sense to try to convince users to switch to Linux. I did this with my mom for example, switching her computer to Linux since most things she did was accessing the internet. Migrating her to use Linux reduced the amount of support I had to do from once a week to once a month (and instead of having to fix something, it would be in most cases just to update the system).
It should be added that if you helped someone once with his Windows computer, you were considered responsible of every single problem happening on that computer afterward.
In some cases, it was even very strong problem (I remember a computer which was infected by a malware that dialed a very expensive line all the time. That family had a completely crazy phone bill and they had no idea why. Let assure you that they were really happy with Linux for the next 3 or 4 years)
Very much that. It was never the user fault, even if you left the computer in pristine condition, if they had an issue in the same week it was your fault and you would need to fix that.
At the same time, however, it was also much more likely that you needed to deal with an application that would only run on windows, a file format that could only be roundtripped by such an application, a piece of hardware that only worked on windows (remember winmodems? scanners sucked, too, and many printers were windows GDI only), etc.
So convincing someone to use Linux was more likely to cause them a different kind of pain.
Today, most hardware works reasonably with Linux. Printers need to work with iPhones and iPads, and that moved them off the GDI specific things that made them hard to support under Linux. Modems are no longer a thing for most people’s PCs. Proton makes a great many current games work with Linux. Linux browsers are first class. And Linux software handles most common file formats, even in a round trip, very well. So while there’s less need to switch someone to Linux, they’re also less likely to suffer if you do.
That said, I got married in 2002. Right after I got married, I got sent on a contract 2500 miles away from home on a temporary basis. My wife uses computers for office software, calendar, email, web browsing and not much else. She’s a competent user, but not able to troubleshoot very deeply on her own. Since she was working a job she considered temporary (and not career-track) at home, she decided to travel for that contract with me, and we lived in corporate housing. Her home computer at the time was an iMac. It wasn’t practical to bring that and we didn’t want to ship it.
The only spare laptop I had to bring with us so she had something to use for web browsing and job hunting on the road didn’t have a current enough to be trustworthy windows license, so I installed Red Hat 7.3 (not enterprise!) on there for her. She didn’t have any trouble. She’d rather have had a Mac, but we couldn’t have reasonably afforded one at the time. It went fine, but I’d never have dared to try that with someone who didn’t live with me.
Yes, but it really depends on the kinda of user. I wouldn’t just recommend Linux unless I knew that every needs from the user would fit in Linux. For example, for my mom, we had broadhand Ethernet at the time, our printer worked better on Linux than Windows (thanks CUPS!), and the remaining of her tasks were basically done via web browser.
It also helped that she lived with me, for sure ;).
The author mentions that:
which is adjacent to the main thing that’s stopped me from spending any time with jj. I’m concerned that it’ll make interacting with people who aren’t using it (including future-me, if I decide I don’t like it very much) a challenge if it’s making things like shell prompts and editor integration act funny.
For those who have tried this out: Do git repositories that get used with jj by some people and just using plain ’ol git by others develop strange problems for either the jj users or the git users?
FWIW I used jj for many months at Oxide without telling anybody, and when I did tell folks over 10 of us adopted it :)
But also I have many years of experience building source control, specifically Sapling, and am generally a fan of the jj/sapling/hg workflows.
My initial reaction to “without telling anybody” was horror.
This was shortly followed by the dawning realisation that I use magit (an Emacs Git front-end) and it never occurred to me to mention that to any of the teams I’ve worked in (unless I was evangelising Emacs).
Because of course Magit is “just” a UI.
Now I’m thinking deeply about things and it’s not even nine o’clock in the morning.
Right, one way to look at Jujutsu is as a friendly frontend to Git with a coherent UX, similar to Magit.
Imoortantly, Jujutsu is not merely a frontend to Git. It is its own system with Git as one supported backend. Another one is Google’s internal Piper/CitC stuff they use in their google3 monorepo. The pluggable back ends mean that Jujutsu isn’t too closely tied to git specifics, which leads to a generally better design.
hmm, maybe I’ll be adventurous and use it for my open source work
In my experience, the interop is really flaweless. No conflicts at all between people using jj and people using git, it’s really transparent.
You can in some cases make your local copy act weird when colocating and manipulating the repo with both tools at the same time in conflicting ways. The general advice is to use jj for manipulating the repo, and git for read-only operations/integrations that aren’t yet supported by (or don’t support) jj.
But, really, don’t worry about interaction (including future you), it truly works perfectly.
As for the dangling HEAD commit noise, I added a
fish_jj_prompt(based on one found online at random) which takes precedence over myfish_git_promptwhen it succeeds, so I don’t have to suffer that any more.https://gist.github.com/hroi/d0dc0e95221af858ee129fd66251897e ?
For completeness, here’s my
fish_vcs_prompt— I just exported fish’s default (type fish_vcs_prompt), and then prependedfish_jj_prompt $argv orso it’ll tryjjfirst and leave it at that if it works.That’s awesome! I’ll give yours a shot.
That’s the one! I’ve added some
commands in my version since myjjis an alias which I want ignored for the prompt, ands/branches/bookmarks/since I’m on jj 0.22.So people you interact with via the same remote can do whatever with git and jj seems to just handle it in my experience.
The warnings about jj/git interop are mostly about certain git commands that write locally can confuse jj. For example, I did manage to get out of sync once by deleting a git remote with the
git remote removecommand where jj still thought the remote existed. In that case I just added the remote back with git then usedjj git remote remoteto resolve it.I am a around 30 years old, and here is something I don’t get: why do we care about the FSF? This is a sincere question that may help keep the discussion on topic. To me FSF already feels like a relic of a bygone time of CS and free software, and RMS embodies this “ancientness”. All of this is free software that can be forked, and RMS relevance is mostly linked to giving talks if I’m not mistaken. Why is so much focus put on getting the FSF to fire RMS? Why not let them both die down in their own little bubble? Fork the software, and stop attending RMS’s lectures. What am I missing?
You’ve missed the decade when it was really uncertain whether Free Software, or even Open Source, would exist beyond a fringe.
In the 80-90s all “home computers” were entirely proprietary closed-source systems. In the 90s and early 00s, Microsoft was incredibly dominant. Office + IE lock-in + winmodems made it nearly impossible not to use Windows. Competition didn’t matter, was unaffordable, and also proprietary anyway.
Microsoft was unashamedly aggressive, and busy spreading FUD. #1 software company in the world kept saying that exposing source code is dangerous, non-commercial software is made by shady amateurs, DRM is necessary for “trustworthy computing”. They even supported a Business Software Alliance that pretended to be anti-piracy agency, and incited police raids on Linux users under the premise that Linux is a useless junk with no purpose other than to illegally buy computers without paying OEM fees to Microsoft, and hide the real commercial software they must have stolen.
We’ve dodged a massive bullet, but that took a lot of advocacy. RMS/FSF have been influential in starting counter-movements. RMS has been proven right on software freedoms.
They’re irrelevant now because Microsoft has lost that battle, even though Free Software didn’t win.
Azure now running Linux feels surreal. Microsoft literally used to call Linux “cancer”.
OK, but why do we care about FSF now? Is FSF actually preventing women and minorities from participating in Free Software?
Yes, they are.
FSF is still a high profile organisation in FOSS, in charge of GPL and a few projects, plus they do show up in many places trough their campaigns.
Most importantly, FSF and RMS still having support and people defending them sends a warning signal that the larger community doesn’t take such issues seriously, and it’s a bigger problem than just a one creep.
Sorry but what? You are just listing some of your opinions about FSF. Can someone explain what concrete way FSF is preventing women and minorities from participating in Free Software that can’t just be attributed to the general abysmal representation rate of women and minorities in tech in general?
Azure runs Linux on Hyper-V, so on top of Windows!
I was surprised when I saw that (in VM boot logs) but I guess if there’s a single company where that might make sense it’s Microsoft.
Aside from questions of RMS’s influence, there’s a clear technical reason to pay attention to the governance of the FSF: thousands of projects give them the right to relicense anything that “GPLv2-or-later” or “GPLv3-or-later”.
Incidentally, I think for this reason, it’s the wrong strategic move to simply abandon the FSF. While it’s not the end-all-be-all, the ability to define a putative GPLv4 may come in handy some day, and it would be bad if that power fell into the wrong hands (even worse hands than Stallman’s).
In my opinion, the “or-later” licenses are foolish anyway*. You’re licensing your work under a license that could become literally anything in the future. And as we have seen time and time again, organizations can be captured and even entire cultural movements start working against their original agenda. Say against Stallman what you will, he was always steadfast in his dedication to actual user freedom, like a rock in the surf.
* Yes, I am aware that Linux is stuck with GPLv2.
What’s the problem with that? Say for example apple. They took FreeBSD because they could do just that while they could not under GPL. Personally I don’t care for apple and don’t use their products, but what exactly is the problem? They seem to be rather popular even amongst many free software authors. It it so bad that they did their thing?
I think the whole idea of forcing it to be free has more bizarreness to it. I don’t want to be exercising control of stuff I wrote if some company takes it and makes closed source changes for whatever purpose. I shared it. From that point on, it’s not mine anymore, as per definition of sharing.
Sure, and reasonably, protection against usurpation of intelectual property is something I would care. If I write something of value, I would want a company to claim they wrote it themselves. But using it and modifying it… Well I released it, shared it.
It’s a fair question. For the record, I am personally very close to coming to this same conclusion: that the FSF has lost so much credibility it’s probably irredeemable at this point, both for their refusal to condemn RMS’s behavior and for their myopic insistence that license is the thing that matters above all else when it comes to user freedom, which has led to situations like Google Chromium that technically qualifies as free software but has been a tremendous force towards consolidating monopoly power and eroding end-user freedom. All this while condemning projects like Debian just for shipping working wifi drivers.
I think the reason that a lot of people are hesitant to move on is that it feels like admitting defeat and saying that “open source” has won, and that the point of what we do is to make software that’s “more effective” (for whoever controls the software) rather than actually working towards a world that’s better for end users. As far as I’m aware there does not exist any other organized form of resistance. (with the possible exception of the FSFe which does condemn Stallman and just general has much more sensible priorities)
But I think you might be right in that the energy could be better spent building up some kind of post-FSF movement with an explicitly anti-capitalist foundation the likes of which the FSF was never bold enough to claim. A lot has happened since the 1980s, and the free-software-vs-open-source divide has always been sooooo subtle that it’s easy for naive programmers to think they’re the same thing.
On the other hand, I am not putting my own energy towards building such a movement, so for me to criticize what other people choose to put their energy into feels a bit hypocritical.
Who knows what the non-free wifi drivers are actually doing, though?
Personally, I prefer having working wifi over no wifi, but excluding non-free software is also a valid stance.
FWIW the non-free element of wifi drivers that FSF does not approve of is user-uploadable firmware. If the firmware would be stored locally on the wireless adapter and be inaccessible to the end user, the wifi driver would be free from FSF’s standpoint. Same if the functionality would be implemented in hardware. In all cases the question what the card is actually doing would apply in equal measure.
When you get to the low level stuff, the distinction between hardware and software becomes really blurry.
For those of us a bit older, it certainly felt like RMS’s views - and efforts to disseminate them - on free software were pretty important in kick-starting the open-source explosion in the late 90s. Obviously “open source” software has existed since the beginning of time, and was particularly prevalent in certain communities, particularly the original Unix world that sees its continuation in the modern BSD eco-system. However in the 80s and 90s the software that ordinary people were likely to encounter, as the use of and exposure to computing exploded, was all closed-source and commercial - mostly the DOS/Windows ecosystem. RMS’s free software advocacy along with Linux’s use of the GPL was a strong counterpoint to that, and the FSF/GNU project did contribute the libc and dev tools that turned Linux into a usable operating system.
Obviously, none of this forgives the way RMS appears to have behaved or the views he has stated (I’ve not delved very deeply into the accusations because of the ‘ick’ factor, but that certainly doesn’t mean I disbelieve them.) But perhaps it explains a bit why the subject feels important to those of us 40+ years old whereas it may well seem like an irrelevance, albeit a very grim one, to anyone younger.
Technically we are very nearly in a post-FSF/GNU world - we have musl, clang/llvm, many new dev tools, editors, and whole languages and ecosystems. A younger acquaintance on IRC wrote this evening, “.. and to be honest I think given that the FSF seems to be largely a cult of personality around RMS, it’s time to let it die” .. and while my initial reaction was to bristle a bit, I can’t help thinking he’s right. Such a shame its legacy is going to be tainted by one man and his enablers :(
Just wow. This bald statement is a testament to the past success of the FSF, that someone in their 30s can take the current success of free software for granted. (Not to imply that they did it all single-handedly, but you cannot deny the role that they played.)
The current success of Libre Software may stem from the (undeniable) work the FSF did, but it is no longer driven by the FSF. I acknowledge that the FSF did extremely important things from its founding until circa the early 2000s, but since then it has been a sad downhill decline towards irrelevance. Since #MeToo and what came out about RMS and his friends around then, it has also been a decline into active harm to the Libre Software community.
We have the SFC to advocate for software freedom. RYF has been incredibly infuriating for those of us who want to see the Libre Hardware movement flourish; it took two years to certify the Talos II board, and by the time it was certified it had lost most of its market relevance. They are putting resources into a campaign to get non-technical users to use GnuPG for their email without fixing any of its user experience issues - and they don’t even recommend cycling keys regularly, only suggesting to do it in the event of compromise. Taking the cake is their insistence on confusingly calling Thunderbird “Icedove” as a primary name and suggesting Thunderbird is somehow an alternative name.
I appreciate the FSF’s steadfast dedication to purity, but as Python famously encodes into
this, practicality beats purity. I stand against FSF’s requirement that libre operating systems necessarily must not allow users the option to install firmware as it prevents users from learning about the benefits of Libre Software without sacrificing Wi-Fi and in many cases graphics acceleration. I don’t think it’s right that the hardware requires firmware, but this is the world we live in, and if Bash can run on the Mac OS and the LGPL can exist, then users should have a freedom to use the hardware they are stuck with. This is why Adélie’s installer asks the user to make the choice themselves.Or, to make the counterpoint seen elsewhere in this thread, I can boot my Linux kernel system into a BSD-2-Clause OpenRC built against MIT musl libc and log in to my account to start using my Zsh shell session using either toybox or chimerautils for the POSIX command set, all built with NCSA/Apache-2.0 LLVM and Clang. The GNU Operating System plays no part in it.
And to be clear, I disagree with exactly none of your points. Nonetheless, I am old enough to remember when the goals of the FSF seemed utopian, to the point of being unmoored from reality. Somewhere along the line the world surpassed what they set out to do. (Perhaps they were unready for that.)
There were also a strong culture for sharing software, both free and unfree, on BBS-es, on copyparties, in the demoscene, in person and then on the internet, completely independent of the FSF. I feel that you might be giving them a bit too much credit. The culture for sharing code was already there.
Someone has to file amicus curiae briefs in the Federal appeals circuit courts and SCOTUS. The FSF (and others, like OSI) do that for cases related to software copyright. My understanding is that the FSF and related organizations are to FOSS what the ACLU and SPLC are to civil rights.
This goes beyond code, where you need humans to show up and argue with each other in person or in writing what words mean or how they should be interpreted. But ironically, that’s not the kind of belligerently ignorant trolling highlighted in this report.
I’m not going to claim to know much about it, but Software Freedom Law Center also exists and does this sort of work. As well as Conservancy.
This seems like something that could be verified empirically. Has anyone gathered data on how many briefs have come from each organization? I always think of the EFF when it comes to copyright cases. The FSF doesn’t even come to mind unless it’s specifically about the GPL.
When was the last time FSF actually did this?
There is this saying:
I feel your POV is from the “good times” stage.
I mean, why do we even need some ancient FSF if we have a good open source ecosystem, and we’re generally in good times to be a software developer?
Well, FSF is from the previous stage when they did not have that. And it’s because of the FSF, that stage can be called “previous”.
Like it or not, you’re benefitting greatly from what Stallman did.
That’s just an aphorism, it’s not some kind of objective statement of truth. It’s a self-fulfilling aphorism, you just need confirmation bias to apply it to the current era.
I didn’t include a rationalization for the aphorism; instead, I’ve used it to make a point. In other words, it’s not about the aphorism itself, but about the tendency to forget that times change. For example, if the entire population were to get vaccinated, future generations might doubt the necessity of vaccines because there would be no pathogens for the vaccines to combat (assuming vaccines work as inteded).
For better or worse FSF hosts some resources, technical and social, in use by the GNU project. And the latter has projects that are very important to keep going.
In my mind, the clearest case for the FSF is the definition of free software as a liberty, defined by the four freedoms (and by extension the freedom to help someone non-technical, by for example fixing a bug in some software upstream has abandoned).
As well as the argument that extends from it in favour of democracy; Free voting software, Free policing software, Free medical software, Free research and educational software and so on.
https://www.gnu.org/philosophy/free-sw.html#fs-definition
I don’t think I’ve ever cared bout the FSF. So I think that’s a fine way to move forward.
I am glad that this question is top voted and I applaud its neutral tone.
Disclamer: I’ve been an open source user for a quarter of a century and still run Linux on all my computers.
I like free software because it allows me to trust it more. The whole process allows for more transparency and even for people to fork the code and modify it. It feels safer and it lenda itself for software that is more focus on usefulness rather than all sorts of gimmicks to achieve marketing goals. Although there is a fair share of such gimmicks in the free software world too.
I would not only agree with your skepticism, I will also state that I personally already had a similar opinion to yours back in the mid 2000s. There was already a relic feeling to it and it already smelled of gatekeeping and silly void elitism.
So back in the day I red about the famous GPL licenses and why they were important (which they were) but then headed up to the web and it was all about “should this or that project be included in the gnu project?” Taken as a political matter. gatekeeping. Should we allow this guy to play with the cool kids? Do we let him speak in the mailing lists or do we moderate him to complete silence?
It always ringed wrong to me. It’s not so much about whatever policy they follow, but rather positioning themselves as some sorts of oficial leaders of free software, when the whole point should be allegedly that we don’t need to be subjected to such authority.
IIRC, netcat’s man page does take a jab at the whole thing saying free software licenses are non sense.
Personally it annoys me when I hack together a quick script and share it … it always comes some party pooper with some boring blab about which license I should release it under.
The FSF and RMS did play a central rolle in free software, which Stalman defining much of what it is. But we should leave it at that. At this point, things like GitHub, package registries, etc. are arguably of comparable if not even greater importance.
I do find this pattern in many free software projects that get popular and large. Often times some power hungry self-important group of people decides they should run the thing officially and start creating all this power structure, while hackers are under the impression that it was just a bunch of people hacking.
Isn’t this something that should be put to Stallman for response before using it to assassinate his character and the free software movement by association? Or does responsible journalism no longer exist? Like, there’s a difference with him being wrong about sexual activity’s impact on minors under 16 (the average age of consent around the world) versus him being a malicious pedophile intent on defending child sex abuse.
Thankfully you can find this addressed in the report, which also details his various apologies and how he has worked to undermine his own apologies over time. This is not something new coming out of nowhere that Stallman would respond to in a novel way, it is documentation of a very long pattern of behavior.
I feel like responses to Stallman usually don’t come with data, so the arguments and rebuttals and such turn into semantic warfare. This isn’t that sort of thing.
Journalistic ethics vary worldwide. Here in Europe, for example, I’m not aware that the right of reply is generally understood as requiring that the subject of a piece be allowed to see it and respond before publication. This may be different in English-speaking countries where the right of reply might not enjoy the same legal protection as here. In any case, the right of reply generally covers factual statements only (which would be the numerous quotations from Stallman’s blog, transcripts of his public appearances etc.) – in these cases, the editors have noted Stallman’s excuses, partial retractions, etc. where they exist. The rebuttal sections would not be covered by right of reply, since they are commentary and analysis. The factual sections are very well-cited with hyperlinks. There is very little that would be covered by a right of reply.
As for the accusation of a motive to ‘assassinate [the character of?] the free software movement’ – pointing out Stallman’s personal flaws of any kind really should not affect the free software movement in toto. Most of the people I’ve seen posting and sharing this are themselves free software activists. I have good reason to believe that the authors are free software programmers, users, and activists. This is not a psyop by … (I don’t know who the anti-free-software boogeyman is since Microsoft embraced FOSS, but whoever people are blaming for anti-free software propaganda now.) From all I can tell, those who authored and many of those agree with this report want, among other things, a free software movement whose reputation is less unfairly tied to the reputation of one man – a man whose reputation deserves to be called into question when he keeps doing things such as what is described in this report.
They really haven’t. Most (almost all?) Microsoft software is at least partially closed source, and much of it is entirely so.
Also, they supported OpenAI in creating derivative works of all Free Software on GitHub, which I hope will be ruled illegal in the near future.
It’s alarming watching so many hackers align behind Microsoft, since Google revealed their true colours.
Fool me once, etc.
These aren’t new allegations, and this isn’t the first time RMS’s conduct has been reported.
It’s merely a documentation of years of recurring problematic behavior, non-apologies, and FSF looking the other way.
They all had numerous chances to respond and correct these issues, and they didn’t. In 2019 the same reports about the same issues have flared up again, and even resulted in RMS being removed from the board… temporarily.
RMS and FSF have shown time after time that they’re not going to change.
There is no response needed, and even if there was one, there is no reason to believe any of it is genuine, and not yet another feigned concern, insincere apology, superficial change, and back to normal.
I didn’t get that sense, at all, from the document. Rather it contained a fairly simple proposal for the free software movement (in the form of the FSF) to eject Stallman based on his publicly stated opinions.
If there’s any character damage being done, it’ll be by the FSF to themselves, if they fail to act following this publication.
I do not think that “responsible journalism” requires informing subject of an article about its content beforehand. I would say more - in many cases, especially in investigative journalism about public people, it is something that will not be sent for approval/response beforehand.
It’s a little more subtle than that. See, for instance, this article from NPR about what kind of factors are taken into account when deciding how long to wait after a request for comment.
Reaching out for a comment isn’t a legal requirement under many (most?) jurisdictions but it’s usually good practice, especially in investigative journalism. However, it’s something where the journalist is expected to exercise their own judgement. There are some basic rules of thumb for when not to do it, too, like not calling someone for a comment on something they’ve already issued a public position on, or if you’re not publishing new material but just quoting things that are public knowledge by now and, literally, old news.
So why do journalists do it? There’s a lot of reasons, some editorial in nature, sometimes it Legal’s advice, but also, ultimately, just to be on the safe side, because:
When it’s done, it’s always done as a courtesy and in the form of a request for comment, though, there’s no “approval” there. As in, the journalist will call that person or their press representative, say hey, I’m X from Y, we’re going to publish a material that says such and such, would you care to comment on that. Asking for that material not to be published is a very big no-no.
I don’t know if what’s in the linked report warrants a request for comments because I just haven’t followed this thing closely enough in the past few years. I’m only mentioning this (sauce: used to work for a print publication like 20 years ago) because journalistic practices are easy to have opinions on, and maybe a quasi-insider perspective (I was young and never wrote anything of importance, but I worked with people who weren’t and covered real stuff), even if out-of-date, would be useful to someone.
Character assassination is all that comes to mind when i.e. the section on “Credible allegations of sexual misconduct” contains zero sexual activity, not even exposing himself to women which is what I expected to read. He emotionally pressured/bullied/coerced a woman to go on a date with him, disgusting and embarrassing behaviour, obviously wrong - but with nothing sexual, it’s not a great lead to the “sexual misconduct” section.
It would seem your definition of sexual misconduct requires lewd/severe acts, which is false. Sexual misconduct is a fairly wide range of offenses, including but not limited to sexual harassment and sexual coercion.
Attempting to frame it as requiring lewd acts only serves to dilute the voices of people on the receiving end of the harassment.
Perhaps I’m reading too much into your comment, but your expectation was that there should be a lewd act for the “sexual misconduct”.
You can split hairs all you want, unwanted advances by people in a position of power even without a mention of sex is still considered sexual harassment by most courts in the US(where the vast majority of the report is about).
Having a teen come on stage and make a joke about virginity isn’t only inappropriate for that person, it is also subjecting every one in the audience to the same treatment.
I agree with you. It’s sexual harassment to put a 13-year-old into a sexual context, regardless of their permission. It also makes everyone in the audience an unwitting accomplice, and he will point to their silence as approval.
We should bear in mind that the majority of the evidence that exists is not going to be available to us. The reports we have paint a picture of someone who attempted to exercise authority to gain a sexual favor in a few situations where they didn’t really have the authority. This suggests there were other times this tactic bore fruit, or he wouldn’t have kept trying.
You can’t assassinate someone’s character by correctly pointing out that he has, and continues to, defend pedophilia. All they are doing is expanding the context in which people evaluate the character’s output.
What would you expect to be the likely outcomes of being coerced into a dating someone?
They go on a date, it goes well or more likely doesn’t go well because of the circumstances, and grown adults make decisions. I don’t have the rizz to go back to mine for coffee after every first date, and would be surprised if Stallman did.
To cool off the descendant threads slightly, I would say that many stories of coercive relationships start with this kind of coercion. Whatever power differential someone can exploit to coerce someone into a date, they can also use to coerce other things, and claims from the victim against the aggressor become harder to prosecute because of the entanglement of the relationship. Abusive relationships are legal, in a sense, although the abuse isn’t, there is a coercive context that makes even reporting abuse difficult, let alone prosecuting it.
Back to the article, I wouldn’t assume that just because someone failed to coerce a couple people, they wouldn’t try again with others, especially when the time span is so wide between the two specific claims in the article. I would expect coercion in the beginning to be a prelude to more coercion later. RMS also spends a great deal of energy defending sexual aggression and trying to redefine what constitutes sexual coercion on his website. Taking these positions, while also having attempted to coerce people (even if it’s “just” dates or attempting pick-ups), is not a great combination.
To give an example less specific to this context, in many countries still today, marital rape is not considered a crime—and indeed, until 1993 it wasn’t a crime in all the United States.
I think this is the first time when I have to write something and preface it with a trigger warning. Hopefully I’m doing this right, I’m not entirely sure how this goes.
None of this is specifically about something in this report, this is just about your comment. I’d like to try to explain why you (and some of the people downthread) are getting stronger reactions than you think are warranted. I imagine, or at least I hope, that you think it’s being blown out of proportion simply from a lack of experience – as in hopefully you were never bullied into a date and if you ever went on a date that wasn’t good, it was just boring or something.
“Likely doesn’t go well because of the circumstances” is an euphemism that only covers the kind of awkward but harmless cringe of, say, a friend playing matchmaker and setting you up with someone who turns out to be a devout vegan and your idea of a cool first date begins with dinner at this new burger joint where the star of the menu is something called the Mega Smoked Bacon Four-Pounder And No We Didn’t Mean Quarter.
Being pressured into a date is not that kind of cringe. Especially not when one person is on an entirely different “level” than the other – not necessarily in terms of formal workplace hierarchy, social pressure works like that, too.
Saying “no” isn’t just a matter of whether you like that person or not, it’s also a matter of wondering if that’ll have any consequences over your work/study/circle of friends, and living with that choice for however long it takes. The teacher you’re turning down today, as a freshman, may teach a senior year class. The charismatic person you’re saying no to may not be in charge of your work but if they have management’s year, they might as well be.
You think turning down the date is the end of it but depending on circumstances it may not be, it’s the kind of thing that can have long-lasting consequences with the wrong person. And more generally, bullying someone into a date, even if they eventually stick by their refusal, isn’t fine for the same reason why bullying someone isn’t fine even if you don’t beat them up in the end.
Saying “yes” is even worse: it’s (hopefully just) an evening in which you’re constantly wondering at what point avoiding whatever you’re risking by saying “no” begins to not be worth the pain of saying “yes”, and then realising you’re basically doing risk-benefit analyses and trying to bargain with yourself. And as you do that, you also can’t help but wonder if the person who wouldn’t take no for an answer when they asked you out would take no for an answer when it comes to the rest of the date. What will they do if you don’t hold their hand? What if you won’t kiss them? What if you won’t say yes to another date?
Sometimes, when they’re young (edit: this part is specifically about the report, it’s about something that happened between people in their late teens/mid-twenties), people do this sort of stupid thing just because they don’t understand how hurtful it is – out of ignorance, or loneliness, or whatever, we’re all human. I get that, especially with “unwritten”, social rules; there was no abuse there, but as an awkward, nerdy teenager, I once dated one of the most popular girls in my high school, and I swear to God I didn’t understand anything going on around me, I just didn’t get how cool kids functioned. The entire human society gets that, it’s how we’ve come up with apologies – which can’t undo things, but they can at least re-establish some lost decency.
Also, sure, no amount of space policing will keep you safe from psychopaths, so developing a thick skin for these things is useful. But given the choice, why not be nice, instead of being someone’s villain origin story?
“More likely doesn’t go well” doesn’t even begin to capture how bad these things can be. Depending on circumstances, the rizz may not be what gets the other person back to yours for a coffee. (Edit:) I get that you’re not condoning coercion or sexual harassment; but a) you may not realise it but your comment sounds a lot like the kind of stuff people who do condone that say, so you’re getting flak for it, and b) when someone is coerced into a date, some of the decision-making ability that you think adults have is lost; that’s what makes it so awful.
I’m not sure what the correct flag type is for this comment, but are we really a community that welcomes comments that say that, when men bully women to try to get them to go on dates with them, women should simply acquiesce?
I’m sorry, but you seem to be reading something I didn’t say. I categorically do not believe women should acquiesce to bullying behaviour and I think it’s disgusting that Stallman did so. If you assumed as you say in another comment that I meant everything was fine because this woman went on the date, that’s on you - I didn’t imply that, I don’t think that, it wouldn’t justify the behaviour, and you should try to be more charitable when reading something you disagree with. I appreciate @linkdd reading my comment charitably, instead of making me out to be some insane misogynist monster.
How do you go from:
To:
At the point where I interjected, where the answer to ‘What would you expect to be the likely outcomes of being coerced into a dating someone?’ began with the words ‘They go on a date’.
The outcome of being coerced into dating someone comes after said date. So it feels logical that the answer begins with “They go on a date”. And the author also re-state their disapproval with “doesn’t go well because of the circumstances”.
The implication that everything would be alright (that the coercion/bullying would stop?) once they had been on a date once and the victim had made a ‘decision’ is another dangerously naïve aspect of the comment author’s premise.
Believing things like this is how people end up in long-term abusive relationships.
I may have interpreted the author’s comment differently. What I understood was: “this specific example did not seem to have led to anything worse than the bad thing it already was”
Thunderbird has one of the worst user experiences I’ve ever seen. It takes seconds to delete an email from my inbox, the UI thread hangs all the time, if I click on a notification, it makes a black window because the filter moved the email while the notification was up and they didn’t track it by its ID or some basic mistake like that. Every update the UI gets clunkier and slower. Searching has a weird UI and fails to find matches. I could go on and on, there are so many UX issues with this worthless software. I have no idea what’s going on over at Mozilla. I think the org just needs to be burned to the ground.
I use it as my daily driver for now, but I feel like I’m on a sinking ship surrounded by nothing but ocean.
I use K-9 on Android and it’s fine… the idea of transforming it into Thunderbird blows my mind.
I have an inbox with > 20k emails in it & deletions happen instantly in Thunderbird.
Likewise dialog boxes appear & disappear instantaneously.
Are you sure there isn’t something up with your system?
Yep, same boat. 100k+ emails, lots of filters, etc., it just works honestly. Thunderbird has only gotten better for me since Mozilla stopped supporting them.
Also for me. 157k mails, everything feels snappy.
I like it significantly better than any web client too, as those are usually pretty laggy.
OP, could it be slow hardware or no compaction?
Out of curiosity, are you using POP or IMAP? I imagine the performance characteristics would be very different, given their different network patterns.
IMAP.
I run Dovecot as an IMAP server on a Thinkpad which was first sold in 2010 with an SSD in it. I keep thinking I should change the hardware but it just keeps trucking & draws less than 10W so it never seems worth the effort.
Ah, IMAP, but on the local network? That’s likely to be much faster than IMAP over the internet, which I think is a very common use case.
It’s stuck behind a 100Mbit ethernet connection (for power saving reasons) which is roughly equivalent to my Internet connection but the latency is probably lower than it would be to an IMAP server on the wider Internet.
Having exclusive use of all that SSD bandwidth probably helps too of course.
Branding is a powerful concept. You think Outlook on iOS or Android shares anything with the desktop app? Nope, it’s also a rebranded M&A. It is kind of funny the same happened with Thunderbird.
Which leads to funny things where Outlook for mobile gets features before the desktop version (unified inbox and being able to see the sender’s email address as well as their name come to mind).
Wait what?
Be thankful if you’ve never had to use desktop Outlook…
I don’t have it in front of me to double check but yeah the message UI is weird. It shows their name and if you hover over it then it pops up a little contact card that also doesn’t show the actual email address. IIRC hitting reply helps because it’s visible in the compose email UI.
i thought the idea in Mozilla’s head would be more like “okay we have this really good base for an email app (k-9), lets support it, and add our branding to it and ship it as Thunderbird “
I think it’s more like “K-9, now known as Thunderbird”
Are you on Windows, by any chance?
Thunderbird does a lot of disk I/O on the main thread. On most platforms, this responds in, at most, one disk seek time (<10ms even for spinning rust, much less for SSDs, even less for things in the disk cache) so typically doesn’t hurt responsiveness. On Windows, Window Defender will intercept these things and scan them, which can add hundreds of milliseconds or even seconds of latency, depending on the size of the file.
This got better when Thunderbird moved from mbox to Maildir by default, but I don’t think it migrates automatically. If you have a 1 GB mbox file, Windows Defender will scan the whole thing before letting Thunderbird read on 1 KiB email from it. This caused pause times of 20-30 seconds in common operations. With Maildir, it will just scan individual emails. This can still be slow for things with big attachments, but it rarely causes stutters of more than a second.
It happens on any platform as long as you have enough mail. IDK why we still have GUI apps in $CURRENTYEAR doing work on the UI thread.
Thunderbird was originally a refactoring of Mozilla Mail and News into a stand-alone app. Mozilla Mail and Newsgroups was the open-source version of Netscape Mail and Newsgroups (both ran in the same process as the browser, so a browser crash took out your mail app, and browser crashes happened a few times a day back then). Netscape Mail and Newsgroups was released in 1995.
It ran on Windows 3.11, Windows 95, Classic MacOS, and a handful of *NIX systems. Threading models were not present on all of them, and did not have the same semantics on the ones that did. Doing I/O on the UI thread wasn’t a thing, doing I/O and UI work on the one thread in the program was.
It’s been refactored a lot since those days, but there’s still a lot of legacy code. Next year, the codebase will be 30 years old.
No, I’m on KDE. I also experienced this behavior on XFCE.
I really agree. I’m a big fan of K-9 Mail and hearing that Thunderbird was taking it over did not sound like good news at all.
I’ll disagree with one of your points though – deleting an email happens instantly and usually by accident. Hitting undo and waiting for there to be any sign in the UI that it heard you, now that takes forever.