
Posts
0
Comments
107
Joined
3 yr. ago

she/they

  • Of course, legislators are getting more and more technically knowledgeable so trying to rebel against OS age verification by simply cosmetically making a computer different from your typical desktop-like systems might not suffice...

    I'm admittedly not especially familiar with how law is practiced in the US but in my opinion trying to skirt the letter of the law while blatantly violating its intention is usually a bad idea. The more you piss off prosecutors and judges the more effort they will put into finding something to prosecute you over, and it also makes them more likely to push for the harshest fines/convictions that are legally possible.

    Of course unfortunately a lot of the time the law is just bullshit, and this particular bill appears to have at least a few issues, but still...

    Nevertheless, I did not know about Cage! At least now I know how the hacks make those IoT control panels with their SBCs! Perhaps I'll set up something cool in my living room like... A weather forecast screen? The stock market? Live GPU prices?

    For completeness' sake, Cage isn't the only way to do this. Gamescope is another popular "kiosk compositor", notably used by the Steam Deck (in the "Deck mode"). And of course the same thing is possible with X window managers as well, Openbox seems to be a popular choice for X11 kiosks.

  • Oh no I wasn't talking about your tone at all, sorry about my poor phrasing there. I meant the tone of Timothy Roscoe which rubbed me the wrong way.

    I might be a bit overly sensitive since it reminded me of how science cranks like to talk about their "discoveries" - You know, how people like Avi Loeb or Eric Weinstein will go on Joe Rogan and complain how nobody in academia is taking them seriously. Obviously that's not at all what Roscoe is doing but it sounded a tiny bit like that to my ears, at least before the Q&A section (which I hadn't watched before writing my comment).

    I was mostly just trying to convince myself this morning I wasn't insane. I had thought it was the standard terminology.

    No you are actually correct, "bare metal" does in fact mean "without an OS". It just got co-opted to mean... other things additionally, and in the case of servers specifically the new usage ended up crowding out the original one. Hence the original misunderstanding.

  • There was a really interesting talk at USENIX a few years ago (Usenix 21 keynote with Timothy Roscoe, I just looked it up) that was basically saying that a modern OS like linux, isn't even accessing hardware and is just an OS in a system of OSs on a computer.

    This was indeed a very interesting talk. Not sure if the accusatory tone (Edit: Of the speaker!) was warranted but I'm not really the target audience so who am I to judge.

    One aspect that he only mentioned in passing is that hardware manufacturers seem to be very happy to entertain Linux's (and Windows') assumptions about memory, just like they seem to be very happy to entertain assumptions about execution order. Nobody wants to make hardware that requires a weird bespoke operating system because of its bespoke microarchitecture (except perhaps for Apple, though I'm not confident they're really innovating in this regard). Maybe I lack perspective but I don't really see a nice way out of this either, since nobody wants to buy hardware that requires weird bespoke operating systems either (except once again Apple). And I don't see how an operating system could be widely supported across many different SoC designs without accumulating a similar complexity to modern Linux.

    We should definitely be feeling mildly uncomfortable about this entire thing though.

  • Yeah I understand that's what you meant, but it's not what people think when they hear "bare-metal server" (anymore... not saying you're wrong!) or what the commenter I was responding to was talking about.

    I'm not sure anyone is really deploying servers without an OS, even though I'm sure the concept has a lot of merit. Unfortunately there's a strong trend of putting the absolute minimum possible effort into deployment at the expense of basically everything (which is how you end up with really stupid ideas like "serverless computing").

  • Most TVs are probably already compliant because using them requires creating a Google or Apple account, which already want your age information (and the California bill explicitly allows using existing data like this IIRC). That's good for avoiding disruption, but not so good from a privacy perspective.

  • The other advantage of a bare metal server is that the computing resources are guaranteed to actually be there when you need them. VM Providers are known to overbook their actual hardware, so if other customers happen to use more compute than anticipated then your VMs mysteriously won't have the performance you paid for.

    There's also a computational cost to virtualization itself, so you can add slightly more performance to a single server before you have to use a distributed system, but I doubt that's significant for more than a handful of businesses.

  • Theoretically you could create an appliance with just a Linux kernel, Cage and Firefox (plus dependencies) and boot that with init=/bin/cage firefox. This is how most information and advertisement displays and other kiosk systems (think of stuff like the McDonalds order machines) are made.

    It would be difficult to argue that this isn't an operating system though, because typical definitions are very broad. In particular, you will always need "a program that manages a computer’s resources", and you also need "the allocation of those resources among other programs" because websites are programs (in reality a browser will liberally fork itself to take advantage of kernel process isolation, but even if it didn't the in-process threads would still qualify).

    Vendors of kiosk systems probably have better chances arguing that their devices aren't general purpose than that they don't use an operating system. However if your "kiosk" system is advertising on the basis that you can do general purpose computing within a browser then your chances of arguing that you're somehow not selling a "general purpose computing device" aren't going to be very good.

  • Her endorsement of the stupid Krauss book is the most damning thing she did objectively, but she went off the rails earlier than that with her transphobic videos. She presents "science without the gobbledygook" except when it's trans people, then she pulls out random junk studies that make her feel justified in her disgust reaction, apparently. Of course now she openly aligns with Physics cranks like Eric Weinstein and the American right wing so there's absolutely no doubt left about what she's doing even if you ignore her non-Physics videos.

    The Krauss book is funny in a morbid way too, it keeps talking about how Biden will do this or that but released in the middle of Trump's unprecedented budget cuts for everything even vaguely resembling a scientific institution. Oh and most of the other guest writers for the book are former Professors who were fired for sexually harassing their students, that must be this "Cancel Culture" thing Hossenfelder is talking about.

    Edit: s/Trump administration/American right wing/ because she may have backpedaled on Trump specifically, I don't watch her content anymore for all the obvious reasons.

  • I tried a git log --grep=claude but it doesn't net much, basically just this PR (which in fairness does look vibecoded).

    Maybe there's some development branch in the repository that has a commit authored by Claude but if so it's not on main.

  • The site works for me. This is the actual news:

    Last week, the Fedora Infrastructure Team lifted the IP range block on IP addresses in Syria. This action restores download access to Fedora Linux deliverables, such as ISOs. It also restores access from Syria to Fedora Linux RPM repositories, the Fedora Account System, and Fedora build systems. Users can now access the various applications and services that make up the Fedora Project.

  • This discourse post has more details. Essentially: Nixpkgs is an 83 GiB repository with 20,000 forks that incurs a ton of API usage from CI and bots. It turns out this caused some scaling issues. It's unclear to me if other forges would have run into exactly the same issues but if the repo can cause replication failures at GitHub it can almost certainly cause problems at Codeberg.

    Edit: For comparison, the Gentoo repository is 20 GiB and has 2.2k forks (on GitHub). The largest repository on Codeberg is 30 GiB, but that's just a blocklist data mirror with no CI.

    Edit 2: Also, since I'm reading through Gentoo's mail archives for this they also seem to be at least slightly worried:

    So far I don't think we really deliberated on [using Codeberg for the sync-friendly mirror]. The key point here is that unlike GitHub, Codeberg is running on community funding, and we don't want to abuse their resources with the huge syncing repo.

    Note that Nixpkgs doesn't have a syncing mirror. Majority of Nix users pull directly from github.com/NixOS/nixpkgs.

  • I would expect Git forges (and other configuration control adjacent software) to be the easiest services to federate. Git is already decentralized, and the usual concerns regarding encryption and privacy are essentially irrelevant since everything is meant to be public anyways.

    If you ask me it's strange that the federated social media (which leaks PII everywhere) and federated messaging (which is a security nightmare) have taken off but decentralized Git forges don't exist. My best guess is that the people who care are already using mailing lists?

  • This is a great article. I just want to highlight this insane behavior in particular (slightly dramatized):

    ```sh
    set -e

    safeDelete() {
      false

      # Surely we don't reach this, right?
      echo "rm $@ goes brr..."
    }

    if safeDelete all of my files; then
        : # do more stuff
    fi
    ```

    Frankly if you actually need robustness (which is not always), you should be using a real programming language with exceptions or result types or both (i.e. not C). UNIX processes are just not really up to the task.
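
The errexit behaviour shown in the comment above, beside a variant that does not depend on it. This is an added example, not part of the original comment; `failing_step`, `fragile_delete`, `guarded_delete` and `probe` are hypothetical names, and `REACHED=yes` stands in for the destructive command.

```shell
#!/bin/sh
# Added example: errexit is ignored for everything called from an `if`
# condition, so a function has to check its own steps.
set -e

# Constructed stand-in for a precondition that fails.
failing_step() { return 1; }

# Depends on set -e to stop after failing_step.
fragile_delete() {
  failing_step
  REACHED=yes                  # stands for the destructive command
}

# Propagates the failure itself, whatever context the caller uses.
guarded_delete() {
  failing_step || return 1
  REACHED=yes
}

# Call "$1" from an `if` condition, as the script in the comment does,
# and record the outcome in RESULT.
probe() {
  REACHED=no
  if "$1"; then
    RESULT="success reached=$REACHED"
  else
    RESULT="failure reached=$REACHED"
  fi
}

probe fragile_delete; echo "fragile: $RESULT"
probe guarded_delete; echo "guarded: $RESULT"
```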

  • I think this is the right take on this.

    All of this is fundamentally rooted in legal compliance things and the only reason you can see any western open source organizations not following suit is because their "violation" has flown under the radar so far. While going European-based helps with a lot of other US bullshit, in this case it doesn't because the sanction situation is largely the same across most of the world. You could go with one of those Chinese or Russian (maybe Indian?) distributions I suppose, but those come with their own problems.

    Even if you're prepared to make your own Linux distribution - If you're in the US, Europe, or much of the rest of the world, you're in the same legal situation as all the existing projects and risk criminal persecution for violating sanctions. Well, in theory at least, I haven't heard of many arrests or convictions actually happening because of open source software. If you want to gamble on it never actually happening then sure, go ahead.

    As humans we like our agency, which makes it tempting to think of <any world problem> as something that can be solved by making mildly inconvenient lifestyle decisions, but unfortunately that's just not how things work at this scale. Solving this issue requires lifting the sanctions, which requires a successful left wing (or at least left leaning) political movement to happen in a large chunk of the world. It's perfectly fine to also make that lifestyle decision, but it's important to keep the bigger picture in mind.

    Clarification edit: At the same time, it's also important to see that the problem is happening, so signal boosting blog posts like this absolutely has value despite all of this.

  • Hooray to underspecified file formats.

    From patch(1):

    patch tries to skip any leading garbage, apply the diff, and then skip any trailing garbage. Thus you could feed an email message containing a diff listing to patch, and it should work.

    From git-am(1):

    The patch is expected to be inline, directly following the message. Any line that is of the form:

    • three-dashes and end-of-line, or
    • a line that begins with "diff -", or
    • a line that begins with "Index: "

    is taken as the beginning of a patch, and the commit log message is terminated before the first occurrence of such a line.

    Ideally git-am should use a better file format, but I suppose the more realistic lesson now is to never have inline diffs in Commit messages.

  • Only one out of four. Showtime, Totem and Light Video all use GStreamer.

  • I thought that was a solved problem on Linux. Is it the reluctance to use binary blobs?

    Yes. For the same reason you also don't get firmware updates on Guix. Or Firefox.

  • I feel like it's actually not that hard... if you can tell what advice is bad and shouldn't be followed. Which I realize is a major catch-22 for new users.

    My honest advice on Neovim (for everyone) is to do this:

    • environment.systemPackages = [ pkgs.neovim ];
    • Configure Neovim as you usually would (hand-written init.lua, Lazyvim installer, whatever)
    • Ignore/Disable Meson and use shell.nix to get language servers and formatters instead (alternatively: enable nix-ld for Meson or Mise)
    • Completely ignore all the wrapper garbage like programs.neovim, nixvim, nvf, nixCats, and all the others

    The last one is important. You can try all you want to make the garbage work and it eventually will, at least kinda, but IMHO the very idea of what they're trying to do is bad, ultimately making them a colossal waste of time.

    I have less strong but overall similar feelings regarding Home Manager, those newly hyped wrapper managers and libraries, the "Dendritic Pattern", etc. The NixOS community loves coming up with novel ways to shoot themselves in the foot.

  • It does, that's the home.file escape hatch I mentioned. But then you end up paying 10-30 seconds eval for a "config" that looks like this:

    ```nix
    {
      home.file.".bashrc".source = ./bashrc;
      home.file.".bash_profile".source = ./bash_profile;
      xdg.configFile.nvim.source = ./nvim;
      xdg.configFile.sway.source = ./sway;
      # ...
    }
    ```

    I suppose there are fringe use cases where Nix attrset merging behaviour is useful, but in the average case I just don't see much value here.

  • Yeah that's a KDE classic. I think I had one KDE version a few years back that had no issues with my dock but it broke on a kernel update. Maybe it's not entirely fair to blame KDE but I never had the same issues on GNOME, Sway or Niri...