@New_scientist@feeds.twtxt.net It’s insane that a single botched software update can have worldwide impact. We’ve messed up badly.

Windows computers around the world are failing in a major outage
An update to a piece of software called CrowdStrike Falcon Sensor appears to be negatively impacting Windows computers worldwide, with banks, airports, broadcasters and more finding that devices display a “blue screen of death” instead of booting up ⌘ Read more

Regarding complexity budget, slow software, all that:

Very few people do take pride in building simple, elegant, high-quality systems, do they? Why is that? Why are huge shiny things with tons of features more attractive? 🤔

I never explicitly thought about this, to be honest. It was only at the back of my head. And I never tried to teach our younger “students” at work: “Hey, it’s a great achievement to build something simple and elegant. That’s something to be proud of!”

Worse, simple software is often described as “boring”. Yes, in a way, it is boring, because your brain doesn’t have to get into overdrive to understand it. But that’s exactly the point. And it’s hard to achieve that! Simple software isn’t just “fewer lines of code”, you have to be pretty clever to solve a problem in a simple and elegant way. So it’s something to be proud of.

Could this be an intuitive, emotional way to get more people on board the “simple software”-train? 🤔

I’ve been thinking about a new term I’ve come across whilst reading a book. It’s called “Complexity Budget” and I think it has relevant in lots of difficult fields. I specifically think it has a lot of relevant in the Software Industry and organizations in this field. When doing further research on this concept, I was only able find talks on complexity budget in the context of medical care, especially phychiratistic care. In this talk it was describe as, complexity:

• Complexity is confusing
  
• Complexity is costly
  
• Complexity kills
  

When we think of “complexity” in terms of software and software development, we have a sort-of intuitive about this right? We know when software has become too complex. We know when an organization has grown in complexity, or even a system. So we have a good intuition of the concept already.

My question to y’all is; how can we concretely think about “Complexity Budget” and define it in terms that can be leveraged and used to control the complexity of software dns ystems?

I’m starting to embrace containers on my PC for software I want to use once without littering my home folder with junk files. It’s nice.

Software Testing Day
⌘ Read more

I’m not a software guy

QOTD: What do you host on your home server? How do you host it? Are you using containers? VMs? Did you install any management interface or do you just SSH in? What OS does it run?

Mine runs Arch (btw) and hosts a handful of things using Docker. Adguard Home, http://mckinley2nxomherwpsff5w37zrl6fqetvlfayk2qjnenifxmw5i4wyd.onion/, and some other things. NFS, Flexo, and Wireguard (peer and bounce server in my personal network) are outside Docker. I have a hotkey in my window manager that spawns a terminal on my server using SSH. It makes things very easy and I highly recommend it.

I am thinking about replacing Docker with Podman because the Common Wisdom seems to say it’s better. I don’t really know if it is or isn’t.

Also, how much of your personal infrastructure is on IPv6? I think all the software I use supports both, but I’ve mostly been using IPv4 because it’s easier to remember the addresses. I’ve been working for the last couple days on making it IPv6-only.

I finally found the NASM assembler.

https://nasm.us/index.php

I had heard that name before, many times, but somehow never looked into it. Weird. 🤨🤔

This is the kind of program I was looking for.

1. It is free software. Especially in the DOS ecosystem, free/libre software is a very scarce resource.
   
2. It’s a small command line program, not a huge behemoth.
   
3. Documentation appears to be well written.
   
4. It can even cross-compile DOS binaries from Linux.

I noticed that some of my software projects have a rather long lifetime, so I made a little graph:

https://www.uninformativ.de/git/timeline.png

when writing a new tool/software, write doc first, explaining how it works. Then, actually writing the code is much easier :)

Lo que aprendí mientras estaba en burn out. (Contado por un Software Engineer)
https://medium.com/@erikalmaraz_/lo-que-aprend%C3%AD-mientras-estaba-en-burn-out-contado-por-un-software-engineer-78b2eb4deda5

https://github.com/pchagas72/suckless-software

With all M$’s apps being basically fancy web apps, there is no need to actually install any of their legacy applications locally anymore. Since I am online basically 100% of the time this turns my Office experience in a Chromebook like one. No installs, never outdated software. Just a yearly subscription contribution to worry about.

Plex Users Fear New Feature Will Leak Porn Habits To Their Friends and Family
Many Plex users were alarmed when they got a “week in review” email last week that showed them what they and their friends had watched on the popular media server software. From a report: Some users are saying that their friends’ softcore porn habits are being revealed to them with the feature, while others are horrified … ⌘ Read more

@movq@www.uninformativ.de Thanks for reaching out - just general wonkiness with the Epson printing job configuration UI. They offer Fedora software, but it seems that not all features are supported

Since I have these simple, yet effective bash shell commands, which allow me to edit notes, plans, todos and statuses from the terminal, I feel liberated from overly complex software - everything is just text files and applications which come preinstalled on every Linux system.

The amount of shady Android apps in Google’s “Play Store” is so large, it makes me want to write my own software instead. 😖

@prologic@twtxt.net

1. It’s criminal: Copilot was only possible because of massive theft of other peoples’ work (no compensation or even acknowledgement to any of the developers whose code was used to create Copilot)
   
2. It’s positioned to put software developers out of work or so fully de-skill them that they no longer know how to code anything but prompts (after which come corporate-justified salary and benefits decreases)
   

Don’t use it. No one should ever use it. You’re destroying your own future as a software developer by leaning on and supporting these things.

@jmjl@tilde.green I’m sorry that I’m not super knowledgeable about alternatives to jmp.chat but I’ll tell you what I know.

You’re probably right about jmp.chat not working for you, at least as it is now. You can only get US and Canadian phone numbers through it last time I checked, so if you’re not in either of those countries you’d be making international calls all the time and people who wanted to call you would be making international calls too.

I’ve seen people talk about using SIP as an intermediary: you can bridge SIP-to-XMPP, and bridge SIP-to-PSTN (PSTN = “packet switched telephone network”, meaning normal telephone). You can skip the SIP-to-XMPP side if you’re comfortable using a SIP client. I don’t know very much about SIP or PSTN so I am not sure what to recommend, but perhaps this helps your search queries.

There are a fair number of services like TextNow that let you sign up for a real telephone number that you can then use via their app (I wouldn’t use TextNow–they had tons of spyware in their app). I don’t know if that kind of service works for you but if it does perhaps you’d be able to find one of them that isn’t horrible. This page (https://alternativeto.net/software/jmp-chat/) has a bunch of alternatives; I can’t vouch for any of them but maybe it’s a starting point if you want to go this route.

Good luck!

Ugh, ffs–the datasette project just added #ChatGPT garbage. Another seemingly nice piece of software and project that I need to stop using.

I guess I can be thankful they self-identify.

@prologic@twtxt.net I don’t get your objection. dockerd is 96M and has to run all the time. You can’t use docker without it running, so you have to count both. docker + dockerd is 131M, which is over 3x the size of podman. Plus you have this daemon running all the time, which eats system resources podman doesn’t use, and docker fucks with your network configuration right on install, which podman doesn’t do unless you tell it to.

That’s way fat as far as I’m concerned.

As far as corporate goes, podman is free and open source software, the end. docker is a company with a pricing model. It was founded as a startup, which suggests to me that, like almost all startups, they are seeking an exit and if they ever face troubles in generating that exit they’ll throw out all niceties and abuse their users (see Reddit, the drama with spyware in Audacity, 10,000 other examples). Sure you can use it free for many purposes, and the container bits are open source, but that doesn’t change that it’s always been a corporate entity, that they can change their policies at any time, that they can spy on you if they want, etc etc etc.

That’s way too corporate as far as I’m concerned.

I mean, all of this might not matter to you, and that’s fine! Nothing wrong with that. But you can’t have an alternate reality–these things I said are just facts. You can find them on Wikipedia or docker.com for that matter.

GnuCOBOL 3.2 Released After 2+ Years In Development
For those fond of the COBOL programming language and continuing to make use of it in new development efforts, GnuCOBOL 3.2 was released on Friday as the latest feature update for this 21+ year old free software effort around being an open-source COBOL implementation… ⌘ Read more

An official FBI document dated January 2021, obtained by the American association “Property of People” through the Freedom of Information Act.

This document summarizes the possibilities for legal access to data from nine instant messaging services: iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp and Wickr. For each software, different judicial methods are explored, such as subpoena, search warrant, active collection of communications metadata (“Pen Register”) or connection data retention law (“18 USC§2703”). Here, in essence, is the information the FBI says it can retrieve:

• Apple iMessage: basic subscriber data; in the case of an iPhone user, investigators may be able to get their hands on message content if the user uses iCloud to synchronize iMessage messages or to back up data on their phone.

• Line: account data (image, username, e-mail address, phone number, Line ID, creation date, usage data, etc.); if the user has not activated end-to-end encryption, investigators can retrieve the texts of exchanges over a seven-day period, but not other data (audio, video, images, location).

• Signal: date and time of account creation and date of last connection.

• Telegram: IP address and phone number for investigations into confirmed terrorists, otherwise nothing.

• Threema: cryptographic fingerprint of phone number and e-mail address, push service tokens if used, public key, account creation date, last connection date.

• Viber: account data and IP address used to create the account; investigators can also access message history (date, time, source, destination).

• WeChat: basic data such as name, phone number, e-mail and IP address, but only for non-Chinese users.

• WhatsApp: the targeted person’s basic data, address book and contacts who have the targeted person in their address book; it is possible to collect message metadata in real time (“Pen Register”); message content can be retrieved via iCloud backups.

• Wickr: Date and time of account creation, types of terminal on which the application is installed, date of last connection, number of messages exchanged, external identifiers associated with the account (e-mail addresses, telephone numbers), avatar image, data linked to adding or deleting.

TL;DR Signal is the messaging system that provides the least information to investigators.

Still undecided between TiddlyWiki, DokuWiki, Bear, Benotes, Memos, my blog software, standardnotes, apple notes and more. I like them all quite a bit, but standardnotes, the only one that has reall multiplatform is so fucking complicated to host on your own and then they have this stupid offline subscription thing that allows rich text or the block editor that works like notion. I also found codex docs which is really really nice. Unfortunately they lack proper authentication. 1 / 2

@prologic@twtxt.net I think those headsets were not particularly usable for things like web browsing because the resolution was too low, something like 1080p if I recall correctly. A very small screen at that resolution close to your eye is going to look grainy. You’d need 4k at least, I think, before you could realistically have text and stuff like that be zoomable and readable for low vision people. The hardware isn’t quite there yet, and the headsets that can do that kind of resolution are extremely expensive.

But yeah, even so I can imagine the metaverse wouldn’t be very helpful for low vision people as things stand today, even with higher resolution. I’ve played VR games and that was fine, but I’ve never tried to do work of any kind.

I guess where I’m coming from is that even though I’m low vision, I can work effectively on a modern OS because of the accessibility features. I also do a lot of crap like take pictures of things with my smartphone then zoom into the picture to see detail (like words on street signs) that my eyes can’t see normally. That feels very much like rudimentary augmented reality that an appropriately-designed headset could mostly automate. VR/AR/metaverse isn’t there yet, but it seems at least possible for the hardware and software to develop accessibility features that would make it workable for low vision people.

@stigatle@yarn.stigatle.no @prologic@twtxt.net @eldersnake@we.loveprivacy.club I love VR too, and I wonder a lot whether it can help people with accessibility challenges, like low vision.

But Meta’s approach from the beginning almost seemed like a joke? My first thought was “are they trolling us?” There’s open source metaverse software like Vircadia that looks better than Meta’s demos (avatars have legs in Vircadia, ffs) and can already do virtual co-working. Vircadia developers hold their meetings within Vircadia, and there are virtual whiteboards and walls where you can run video feeds, calendars and web browsers. What is Meta spending all that money doing, if their visuals look so weak, and their co-working affordances aren’t there?

On top of that, Meta didn’t seem to put any kind of effort into moderating the content. There are already stories of bad things happening in Horizon Worlds, like gangs forming and harassing people off of it. Imagine what that’d look like if 1 billion people were using it the way Meta says they want.

Then, there are plenty of technical challenges left, like people feeling motion sickness or disoriented after using a headset for a long period of time. I haven’t heard announcements from Meta that they’re working on these or have made any advances in these.

All around, it never sounded serious to me, despite how much money Meta seems to be throwing at it. For something with so much promise, and so many obvious challenges to attack first that Meta seems to be ignoring, what are they even doing?

On LinkedIn I see a lot of posts aimed at software developers along the lines of “If you’re not using these AI tools (X,Y,Z) you’re going to be left behind.”

Two things about that:

1. No you’re not. If you have good soft skills (good communication, show up on time, general time management) then you’re already in excellent shape. No AI can do that stuff, and for that alone no AI can replace people
   
2. This rhetoric is coming directly from the billionaires who are laying off tech people by the 100s of thousands as part of the class war they’ve been conducting against all working people since the 1940s. They want you to believe that you have to scramble and claw over one another to learn the “AI” that they’re forcing onto the world, so that you stop honing the skills that matter (see #1) and are easier to obsolete later. Don’t fall for it. It’s far from clear how this will shake out once governments get off their asses and start regulating this stuff, by the way–most of these “AI” tools are blatantly breaking copyright and other IP laws, and some day that’ll catch up with them.
   

That said, it is helpful to know thy enemy.

The EU’s Proposed CRA Law May Have Unintended Consequences for the Python Ecosystem (as well as the entire free software movement).

Y2K and 2038
⌘ Read more

@mckinley@twtxt.net Thank you! I didn’t even know about signing and encrypting XML documents. Right, RSS is a little bit messy.

Unfortunately, the autodiscovery document in one of your linked resources does not exist anymore. What annoys me in Atom is the distinction between <id> and <link>. I always want my URL also to be my ID, so I have to duplicate that – unnecessarily in my opinion.

Also, never found a good explanation why I should add <link rel="self" … /> to my feeds. I just do, but I don’t understand why. The W3C Feed Validation Service says:

[…] This value is important in a number of subscription scenarios where often times the feed aggregator only has access to the content of the feed and not the location from which the feed was fetched.

This just sounds like a very questionable bandaid to bad software architecture. Why would the feed parser need access to the feed URL at this stage? And if so, why not just pass down the input source? Just doesn’t make sense to me.

Also, I just noticed that I reference the http://purl.org/rss/1.0/modules/syndication/ namespace, but don’t use it in most of my feeds. Gotta fix that. Must have copied that from my yfav feed without paying attention what I’m doing.

Your article made me reread the Atom spec and I found out, that I can omit the <author> in the <entry> when I specify a global <author> at <feed> level. Awesome! Will do that as well and thus reduce the feed size.

I did a take home software engineering test for a company recently, unfortunately I was really sick (have finally recovered) at the time 😢 I was also at the same time interviewing for an SRE position (as well as Software Engineering).

Got the results of my take-home today and whilst there was some good feedback, man the criticisms of my work were harsh. I’m strictly not allowed to share the work I did for this take-home test, and I really can only agree with the “no unit tests” piece of the feedback, I could have done better there, but I was time pressured, sick and ran out of steam. I was using a lot of libraires to do the work so in the end found it difficult to actually think about a proper set of “Unit Tests”. I did write one (in shell) but I guess it wasn’t seen?

The other points were on my report and future work. Not detailed enough I guess? Hmmm 🤔

Am I really this bad? Does my code suck? 🤔 Have I completely lost touch with software engineering? 🤦‍♂️

trying some day planning on paper, quantizing all tasks into pomodoros. feels good. my goal is to make software only if/when I’ll feel I’ll need it and have a pretty decent idea of WHAT I need #tracking #selfimprovement #time

Salary Negotiation
⌘ Read more

Startup Aims To Help Software Companies Shift To Usage-Based Pricing Models
The startup Metronome “claims to have developed a billing and data infrastructure platform that is capable of ‘reliably’ processing data at scale so that usage-based companies can iterate on business models without code changes,” reports TechCrunch. “It does this by providing businesses with real-time APIs for their customer … ⌘ Read more

JavaScript : web apps

wut?! 😳 seriously?! 🤦‍♂️

Python : small tools

Okay 👌

Go: micro services

Umm bad generalization 🤣 – Example yarnd that powers most of Yarn.social 😂

Java: enterprise software

Yes! Oh gawd yes! 🤣 And Java™ needs to die a swift death!

C: crimes

Hmmm? 🤔 I feel this one is going to have some backslash and/or go the way of “Hacker” being misconstrued to mean entirely different/incorrect things as is what’s happening in the media (for various definitions of “media”).

🤔 👋 Reconsidering moving Yarn.social’s development back to Github: Speaking of which (I do not forget); @fastidious@arrakis.netbros.com and I were discussing over a video call two nights ago, as well as @lyse@lyse.isobeef.org who joined a bit later, about the the whole moved of all of my projects and their source code off of Github. Whilst some folks do understand and appreciate my utter disgust over what Microsoft and Copilot did by blatantly scraping open source software’s codebases without even so much as any attempt at attribution or respecting the licenes of many (if not all?) open source projects.

That being said however, @fastidious@arrakis.netbros.com makes a very good and valid argument for putting Yarn.social’s codebases, repositories and issues back on Github for reasons that make me “torn” over my own sense of morality and ethics.

But I can live with this as long as I continue to run and operate my new (yet to be off the ground) company “Self Hosted Pty Ltd” and where it operates it’s own code hosting, servicesa, tools, etc.

Plese comment here on your thoughts. Let us decide togetehr 🤗

#yarnsocial #github #opsnsource #copilot #microsoft

Trump’s Group has 30 days to remedy the violation, or their rights in the software are permanently terminated. SF Conservancy

I am out of popcorn, but might need some for this. 😂

It looks like @movq@www.uninformativ.de isn’t too active these days. This little piece of software is pretty neat!

this Nayib Bukele guy is pissing off all of the incumbent parties in El Salvador with his Nuevas Ideas party. i love it. mi mama es salvadoreña y me gustaría poder vivir ahí. tengo competências en competências sistemas de software y varios otros asuntos técnicos. gano bien y me encantaría participar en la economía salvadoreña. el problema es que soy lesbiana y uso el canabis (y otras plantas medicinales) por razones médicos y religiosos. no se se seria aceptada. tal vez haya otro modo para participar..

dick-hole software methodology

see also https://sunshinegardens.org/~xj9/chaotic-software/

Towards A Communal Software Movement https://communalsoftware.codeberg.page/

kill the rubber duck, and all software dies with it. kill the rubber duck.

i’d say in most cases, having another program in the mix is not the solution unless the problem is inherently technical and other software either misses the point, or solves a different (possibly overlapping) problem. its easy to think that hitting things with keyboards is a universal solution. especially if you have a lot of experience doing that. the common blindness of software people is the human elements that are often handled by other teams which eventually frame problems in technical terms for developers to deal with. then the naive developer goes home thinking they can replace the humans that make their work possible.

A short-and-sweet article on principles of successful teams: https://blog.brunomiranda.com/principles-of-successful-software-engineering-teams-41a65bfd56b3