Follow

I love that it's 2021 and Ubuntu still can't handle my USB mouse reliably. It's not like this hasn't been a solved issue for decades.

· · Web · 1 · 0 · 0

@roadriverrail I'll die happy when debian can hibernate and wake up consistently on my thinkpad 😅

@tangent I still explicitly suspend my Thinkpad every time just to be sure. That reminds me. You might enjoy reading this.
drewdevault.com/2021/10/17/Rel

@roadriverrail This is definitely a subject that I think about pretty often. The Unix philosophy of "doing one thing well" is so often ignored in favor of chasing the promises made by the next shiny new toy (especially in web development)

@tangent Indeed, it's probably worst in the web world, and especially the web frontend world, but it's crazy how I've seen this start to creep into basic tools and systems programming, fueled mostly by seemingly limitless RAM and storage. CLI tools that are 100 MB statically linked binaries. Python scripts that throw out all of termcap and are broken on most terminals. Etc.

@roadriverrail Maybe software development is like art (well, of course it is, but maybe this is another element of it) where having constraints breeds creativity and encourages hard work. Once there are no limits it's just too easy to slack-off and make a messy pile of junk.

@tangent Maybe, but I also think that we've made a cultural fetish out of maximizing developer comfort and minimizing the friction to distribute software, to the point that the horribly insecure and obviously risible "curl and bash" has become a common software installation method.

@roadriverrail That's exactly how I feel about the JavaScript development practices (in the node.js world) of running something like "npm install" to download piles of dependencies, which disturbingly frequently are compromised, like last week. It's very easy, and for a hobby project it's probably no problem, but it has become a part of professional deployment practices, which simply boggles the mind.

@tangent Indeed, there was that famous "padleft incident" that uncovered the vast frailty of the system. This has trickled down to system software, too, thanks to the static linkage you see in Go and Rust. Of course, this means devs can lock in their dependencies, but it also means they can lock in vulnerable or buggy dependencies. The responsibility for a safe system decentralizes to the point that a simple distro update no longer suffices.

@roadriverrail I have to say, that while I am dismayed that this became the norm in web development, I'm shocked that it has crept into systems development too. From my mile-high perspective I thought your side of the fence had the more responsible practices. I'll never forget the time my embedded systems professor told us that "you don't want to be the dev responsible for hitting the General in the back of the head with the tank barrel because your system hiccuped during the demo" 🙄

@tangent Conversely, though, memory leaks are meaningless on a missile as long as you have enough memory to outlast the travel time of the missile.

@roadriverrail That made me laugh a lot more than it should have 😆 Oh how I've missed chatting with you

@tangent In all seriousness, kernels and MCU firmware aren't too subject to bad practices, but Go and Rust both have a dev ecosystem where dependencies are downloaded, built in place, and statically linked, so they both have the "npm problem", with the twist that any bombs in a dependency are baked into a finished binary forever.

@tangent And most Go and Rust devs have to update their compilers out of band of their distros because the languages "evolve" that fast. Rust has historically resisted having a stable ABI or a language specification, too. This is all about choosing "speed" and short-term developer comfort over everything else.

@roadriverrail For all my fandom of Rust, that's actually a really serious counterpoint against it.

I guess this actually is a point in _favor_ of developers who suffer the Not Invented Here syndrome, at least they understand what's being included.

Although I think what this really makes me want to see is a more robust standard library and/or dependencies being produced by organizations (a la Red Hat) that have some accountability and can sign the releases.

@tangent Make no bones about it-- I think Rust either is the future or indicates it. The type system is a bolt from above. It's reached a point where I'd consider a bare metal project on it as an exploratory thing. But I find much of the culture surrounding Rust to be a problem, and it trickles down in terms an unstable, unspecified language, lack of ABI stability (that, I think, is improving), the static linkage, cargo build system, and "rewrite it in Rust" sloganism.

Sign in to participate in the conversation
Signs & Codes

Signs & Codes is a private Mastodon instance built around a community of friends.