Elijah's recent activity

  1. Comment on Run more stuff in Docker in ~comp

    Elijah
    Link
    I dockerized Firefox and ran that for a few years (on Linux, not Windows). You really have to jump through some hoops. My goal was to put it in an extra-strong sandbox with minimal actual...

    I dockerized Firefox and ran that for a few years (on Linux, not Windows). You really have to jump through some hoops. My goal was to put it in an extra-strong sandbox with minimal actual knowledge of the computer. It could not play audio, for example, and that was a feature.

    3 votes
  2. Comment on Daily Tildes discussion - how to handle account deletion in ~tildes.official

    Elijah
    Link
    Again Discourse has a model for this. Removing all the content a user has creates enormous holes in the history. If creating accounts is easy (and I don't think it is now, but most sites have easy...

    Again Discourse has a model for this.

    Removing all the content a user has creates enormous holes in the history. If creating accounts is easy (and I don't think it is now, but most sites have easy to make accounts), and deleting accounts can be done by the user, it can be used for trolling / griefing.

    When people close their accounts the username should be retired, some signal should be used to mark the username as inactive, and (optionally -- probably up to the user), the username should be replaced with an anonymized string.

    2 votes
  3. Comment on Tildes feels so cozy in ~talk

    Elijah
    Link
    "Mothership"? I think that suggests a wrong attitude about Tildes. While it may have had some inspiration from things Reddit gets wrong, it takes inspiration from other sources, too. And some of...

    "Mothership"? I think that suggests a wrong attitude about Tildes. While it may have had some inspiration from things Reddit gets wrong, it takes inspiration from other sources, too. And some of us did not come there from that site.

    7 votes
  4. Comment on Google and Facebook Are Quietly Fighting California’s Privacy Rights Initiative, Emails Reveal in ~tech

    Elijah
    Link
    So the battle here is trying to get a state law enacted rather than letting a voter initiative be presented to the voters. You see, if there's an initiative that's potentially changing the state...

    So the battle here is trying to get a state law enacted rather than letting a voter initiative be presented to the voters. You see, if there's an initiative that's potentially changing the state constitution, which makes it much harder to undo. And if it's an initiative coming up to vote, that means parties against it have to advertise to the voters to try to sway them. But groups buying political advertising have to disclose their funding, so the big names like Uber, Facebook, and Google don't want to be placed in the position of choosing between fighting against strong privacy protections in public or submitting to strong privacy protections.

    (Seriously, URLs with no summary suck.)

    2 votes
  5. Comment on What are some interesting hobbies you can start for free and without leaving your home? in ~hobbies

    Elijah
    Link Parent
    All that work, and at the end you just have kvass. :^) I was at a Russian history museum about a year ago and bought a can of kvass to try. The gift shop attendant was surprised to be selling one....

    All that work, and at the end you just have kvass.

    :^)

    I was at a Russian history museum about a year ago and bought a can of kvass to try. The gift shop attendant was surprised to be selling one. Then I tried it. The flavor was one of my childhood, but not one I was yearning to have again. It tastes just like Malta Goya, available in so many NYC bodegas.

  6. Comment on What are the positive aspects of Microsoft's acquisition of GitHub, if any? in ~comp

    Elijah
    Link Parent
    To add to Crespyl's answer, integration of orthogonal components. Tighter integration into Microsoft software development products will get full MS shops into buying Github web and Enterprise...

    To add to Crespyl's answer, integration of orthogonal components. Tighter integration into Microsoft software development products will get full MS shops into buying Github web and Enterprise products. Building out GVFS into something bigger and better such as a GVFS / NFS hybrid. The filesystem thing can be done in a way that makes repos exportable as if traditional git, but work differently under the hood. Swapping the plumbing but not the porcelain, if you will.

    1 vote
  7. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    I'm actually curious how much rebase can screw up attributions, and thought the paper might offer at least case studies in that. Because I don't think rebase type rewriting of history exists in...

    I'm actually curious how much rebase can screw up attributions, and thought the paper might offer at least case studies in that. Because I don't think rebase type rewriting of history exists in most SCM tools, not that one can't achieve the functional equivalent through manual diffs and patches.

  8. Comment on What are the positive aspects of Microsoft's acquisition of GitHub, if any? in ~comp

    Elijah
    Link Parent
    Microsoft isn't in a great place now. The EEE model requires a clear dominance in industry to work. In my (largely one city) experience, not a lot of coders are just Microsoft people. Many more...

    Microsoft isn't in a great place now. The EEE model requires a clear dominance in industry to work. In my (largely one city) experience, not a lot of coders are just Microsoft people. Many more are just Apple people. Github isn't Git, and it isn't the only git-on-the-web tool. They aren't going to get very far just extinguishing it.

    The clear potential to them is to make git work better for companies with massive codebases, like their own, because selling super-spiffy Github Enterprise systems that Embrace and Extend (in a backwards compatible way) to git is a way to get themselves back into the corporate ecosystem. I've expanded on the filesystem like extensions I think git could use in another post already.

    4 votes
  9. Comment on What are the positive aspects of Microsoft's acquisition of GitHub, if any? in ~comp

    Elijah
    Link
    Microsoft owns Linkedin. Has it been ruined? Here's what I think might come of this: git is a hackish way to get a filesystem style view of code history. In my own experience this looks a lot like...

    Microsoft owns Linkedin. Has it been ruined?

    Here's what I think might come of this:

    git is a hackish way to get a filesystem style view of code history. In my own experience this looks a lot like ClearCase which I used in the late 1990s. Microsoft is currently using git for a lot of stuff, and they are surely running into the issues that "hackish" implies. Let's say you have a big program that includes graphics (for UI, in-app documentation, and/or for embedding in content users produce), audio (for feedback when actions happen and/or for embedding in content users produce), and video (for UI, in-app documentation, and/or for embedding in content users produce). You might really, really want to have particular versions of particular files associated with particular branches of the code. Like the Mac icon designs might be different than the Windows ones. Git isn't great at versioning binary files.

    And because this is a big project, there are a lot of files. When you check out a different (existing) branch, behind the scenes, git has to track down a lot of different files from the .git directory and put them in the right place. That's going to involve a lot of filesystem operations. If some of these are big binaries, it will potentially also add a lot disk writes.

    Making git be more filesystem like, and more network file system like, will make git more usable for that case. In an office environment, it's not unreasonable to expect a lot of people will use network file shares to access the code. Those people are prime targets for optimization by way of making git into a real filesystem. If you know how snapshots work in zfs, for example, branches could be snapshot equivalents. Zfs doesn't do separate snapshots on a per repo basis, though, so it isn't quite the same.

    I suspect that Microsoft will put work into making Github (and the corporate private version, Github Enterprise) work more like a network filesystem for at least some larger projects.

    9 votes
  10. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    Next day update. Git Internals Maintenance and Data Recovery shows me how to get a file name for that zip file. But the suggested way to find the commit isn't working. $ git rev-list --objects...

    Next day update.

    Git Internals Maintenance and Data Recovery shows me how to get a file name for that zip file. But the suggested way to find the commit isn't working.

    $ git rev-list --objects --all | grep $id
    b3b5f502870687f4a8b18b3ca61096b1f5745a87 dest/linux-x86.zip
    $ git log --oneline --branches -- dest/linux-x86.zip
    $
    
    1 vote
  11. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    The first is not at all in-depth enough. The second goes over the graph theory view of git in detail, a view I understand already, even if I'm not always certain of the command line to get where I...

    The first is not at all in-depth enough. The second goes over the graph theory view of git in detail, a view I understand already, even if I'm not always certain of the command line to get where I want to go. That's the stated goal, how to think so git actions make sense. I'm coming from a different angle, which is more archeology than new construction.

    If you've seen my post where I figured out the way to find the binary files in the pack file, you can see where I am now in my understanding. Git has this stuff, but git log doesn't show me any commits that look likely to relevant. (History begins in January 2017, but I suspect this stuff is older.)

    Internally git seems to use SHA1 hashes for both commits (collection of file states, the nodes in the graph view) and for file references (every change to every file is a represented by a different string). This is a little confusing because the two look exactly alike.

    So where I am now, given a file SHA1, how do I find the corresponding commit? The usual access method is the reverse, given a commit, what are the corresponding files?

    1 vote
  12. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    Okay, I've read it now. This can be boiled down do "git blame is misleading" and "Linux kernel commit messages can't be trusted to credit authorship as defined by copyright law." There is nothing...

    Okay, I've read it now. This can be boiled down do "git blame is misleading" and "Linux kernel commit messages can't be trusted to credit authorship as defined by copyright law." There is nothing specific about git as a technical tool, these faults would exist in any other SCM that I have used.

    2 votes
  13. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    I'm clearly not a git expert, but I thought garbage collection happened automatically before sending to a remote depot. Since this is something I've git cloned off of Github, it clearly has seen...

    I'm clearly not a git expert, but I thought garbage collection happened automatically before sending to a remote depot. Since this is something I've git cloned off of Github, it clearly has seen some "remote" motions.

    I think this is a zip file that was accidentally -- or misguidedly -- committed some years ago and then updated several times, then finally deleted. But because the whole history is there in the .git directory, it has every version of those binaries committed.

    I suspect the proper thing to do here, is some sort of soft or hard fork to a new version that can allow history to be discarded. The specifics of how this is best done in git, I do not know.

    1 vote
  14. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    The title alone has my attention, thanks.

    The title alone has my attention, thanks.

  15. Comment on Thermostats, locks and lights: Digital tools of domestic abuse in ~tech

    Elijah
    Link Parent
    In particular I'm thinking about lights and thermostats that can be made to "seem" flakey to drive people crazy. (Annoyed, frustrated crazy, not insane.)

    In particular I'm thinking about lights and thermostats that can be made to "seem" flakey to drive people crazy. (Annoyed, frustrated crazy, not insane.)

    1 vote
  16. Comment on Daily Tildes discussion - title editing in ~tildes.official

    Elijah
    Link Parent
    I think moderators should win over OP, otherwise why bother with moderators? If OP doesn't like it, he can take his marbles and go play somewhere else.

    I think moderators should win over OP, otherwise why bother with moderators? If OP doesn't like it, he can take his marbles and go play somewhere else.

    5 votes
  17. Comment on Thermostats, locks and lights: Digital tools of domestic abuse in ~tech

    Elijah
    Link
    (Representative quote, because bare links suck.) This all appears to be spousal abuse here, mostly men exercising remote control capabilities of connected devices to torment. I bet that it won't...

    (Representative quote, because bare links suck.)

    Muneerah Budhwani, who takes calls at the National Domestic Violence Hotline, said she started hearing stories about smart homes in abuse situations last winter. “Callers have said the abusers were monitoring and controlling them remotely through the smart home appliances and the smart home system,” she said.

    Graciela Rodriguez, who runs a 30-bed emergency shelter at the Center for Domestic Peace in San Rafael, Calif., said some people had recently come in with tales of “the crazy-making things” like thermostats suddenly kicking up to 100 degrees or smart speakers turning on blasting music.

    “They feel like they’re losing control of their home,” she said. “After they spend a few days here, they realize they were being abused.”

    This all appears to be spousal abuse here, mostly men exercising remote control capabilities of connected devices to torment. I bet that it won't stop there. Landlords wanting to get rid of renters, former owners (particularly if evicted), just general creepy tech installers, etc.

    Ugh, people are shitty.

    8 votes
  18. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    Teach a man to fish huh? Okay. With Git Internals Packfiles I was able to learn how to get a directory listing of a pack file. $ git verify-pack -v...

    Teach a man to fish huh?

    Okay. With Git Internals Packfiles I was able to learn how to get a directory listing of a pack file.

    $ git verify-pack -v .git/objects/pack/pack-df07816cd15fb091439112029c28ebc366501652.pack
    ...
    c2286dca4c913602e6e8c4e7a21cb5615f7aa0ac blob   104 110 23237 3 4f569aff3acb6175e94827f69868de6a7a8654c2
    4df9ccab88ff6c36422d87f5e119e9b04da1332d tree   78 83 23347
    b3b5f502870687f4a8b18b3ca61096b1f5745a87 blob   11674692 11572461 23430
    81ecae4bf177ed325c19826d77160dddcfc7d479 blob   3947317 3876239 11595891 1 b3b5f502870687f4a8b18b3ca61096b1f5745a87
    a50b2ae4e6a7f53c3fa89f8a03b4c4436f440ca4 blob   3592695 3528486 15472130 2 81ecae4bf177ed325c19826d77160dddcfc7d479
    8ad29edd5cc8e09f5719b3a5ee2e299e2f28a88a blob   3781788 3712794 19000616 3 a50b2ae4e6a7f53c3fa89f8a03b4c4436f440ca4
    ...
    

    The third column is file size, so you can see it starts to get interesting at the line with "11674692".

    Then using Git Internals Git References, I was able to extract a few of those objects, specifically:

    $ git cat-file -p b3b5f502870687f4a8b18b3ca61096b1f5745a87 > /tmp/b3b5f502870687f4a8b18b3ca61096b1f5745a87
    $ git cat-file -p a50b2ae4e6a7f53c3fa89f8a03b4c4436f440ca4 > /tmp/a50b2ae4e6a7f53c3fa89f8a03b4c4436f440ca4
    

    They are both zip files.

    $ unzip -l /tmp/b3b5f502870687f4a8b18b3ca61096b1f5745a87
    Archive:  /tmp/b3b5f502870687f4a8b18b3ca61096b1f5745a87
      Length      Date    Time    Name
    ---------  ---------- -----   ----
         1076  2017-02-04 11:07   LICENSE
         8420  2018-02-19 07:42   README.md
        10831  2018-02-19 07:41   README.ja.md
     33076979  2018-02-26 09:22   index
    ---------                     -------
     33097306                     4 files
    $ unzip -l /tmp/a50b2ae4e6a7f53c3fa89f8a03b4c4436f440ca4
    Archive:  /tmp/a50b2ae4e6a7f53c3fa89f8a03b4c4436f440ca4
      Length      Date    Time    Name
    ---------  ---------- -----   ----
         8420  2018-02-19 07:42   README.md
        10831  2018-02-19 07:41   README.ja.md
     33079580  2018-02-27 23:57   index
         1076  2017-02-04 11:07   LICENSE
    ---------                     -------
     33099907                     4 files
    
    

    Inspecting one of those "index" files, I find it is a rather old executible:

    $ file /tmp/index
    /tmp/index: ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=5147ab7517c353e744eb5e335ce9927504ee1a9c, not stripped
    

    For reference, RHEL 5 shipped with a 2.6.18 kernel when it came out in March 2007.

    Near as I can tell, it's a C++ program. Look at those compiled in strings that have characteristic gcc mangling of C++ function names:

    $ strings /tmp/index | head -40000 | tail -1
    _ZN2v88internal8compiler21JSOperatorGlobalCache26GreaterThanOrEqualOperatorILNS0_20CompareOperationHintE8EED2Ev
    $ strings /tmp/index | grep -c ^_
    86178
    

    (The function names are in there because this is "not stripped".)

    And this is super curious because the program of the package is a node.js project, and has no C or C++ source, nor does the README in the zip mention this unsuffixed index file or C or C++.

    This huge pack file apparently has multiple different versions of a zip'ed artifact, and has somehow found ways to diff them and save the differences. This sort of thing is a big strike against keeping all history with a project forever: people accidentally checking in huge binaries.

    8 votes
  19. Comment on What's in a git repo? in ~comp

    Elijah
    Link Parent
    I use git regularly. I know all the learn in five minutes stuff. I've been using revision control software since Linux was a twinkle in Linus' eye. I can do sophisticated things with Perforce, but...

    I use git regularly. I know all the learn in five minutes stuff. I've been using revision control software since Linux was a twinkle in Linus' eye. I can do sophisticated things with Perforce, but git uses a quite different model that I am not that comfortable with. And I have not learned much of the internals of git.

    I mean I'm fine with every repo having local history, which is so much different than Perforce, and harks back to pre-distributed revision control systems like RCS in my mind. But it irks me that git checkout swaps files out from under me. Ugh. I would much rather have parallel trees for branches, although I know that's not in vogue any more.

    5 votes
  20. Comment on Daily Tildes discussion - title editing in ~tildes.official

    Elijah
    Link
    Discourse (forum software) has trust based system, which in the default configuration, allows any user to eventually earn a trust level where they can edit any title of any post. It works, with...

    Discourse (forum software) has trust based system, which in the default configuration, allows any user to eventually earn a trust level where they can edit any title of any post. It works, with caveats: not everyone who gets this power realizes they have it; there needs to be a system in place for dealing with abuse of this power.

    The trust system in Discourse works like this:

    • Newbies are highly restricted. This is to limit the damage spammers can do.
    • Basic users can do everything, but have some limits on how much they can do a day. It is very easy to advance to Basic.
    • Members are people who have been visiting for over two weeks. They have fewer limits.
    • Regulars are people who have visited a lot and read a lot, you lose "regular" and revert to "member" if you don't read a good percentage of everything from the last 100 days.
      ** Regulars have title and re-categorization rights for basically all topics.
      ** A history of all edits is kept, and most edits (ie unless specifically hidden by a mod) are open to public inspection.
      ** The creator of a post is notified of all edits someone else makes.
    • Leader is the highest trust level, which is essentially mini-mod. This is by manual promotion only, not automatic.
      ** Leader can not see moderation flags or do things like ban users.
      ** Leaders can edit posts and close topics.

    It's not a trust model that I think is 100% right for Tildes goal, but it is a close fit.

    Edit: Here's Discourse explaining trust levels:
    https://meta.discourse.org/t/what-do-user-trust-levels-do/4924

    16 votes