Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
So a few months ago I started dating. I love my girlfriend with all my heart, but something has been bothering me a bit. I can no longer easily do my day-to-day work. Whereas previously I would be productive at any time I want, now it's more of a "I can work whenever she wants to work". It's hard to balance and even harder to actually get to it.
Previously I would stay with her during the day, and then wake up in the night to do all the household chores, learn her language and if I can get to it, even improve some of my shitty code. Needless to say, she didn't like that I didn't sleep with her and it's not exactly healthy either - I barely slept at all.
How do you balance work/relationship without throwing sleep time in the mix? Both work and girlfriend are at home for me.11
I just installed Opera Mini on my PSP. That alone isn't very exciting on its own, although I am stoked that my website does in fact render on a device from 2009. With the helpful guidance of a laptop from 2004 that's doing the hotspot duties for this thing.
No, what really got me stoked is that Opera still supports these old platforms, and how small they managed to make it. The .jar file for Opera Mini 4.5 is ~800kB large. There's a .jad file as well but it's negligible in size and seems to be a signature of sorts.
Let that sink in for a moment. This entire web browser is 800kB. Firefox meanwhile consistently consumes 800 MEGABYTES.. in MEMORY. So then, I went to think for a moment, how on earth did they manage to cram an entire functioning web browser in 800kB? Hell, what makes up a web browser anyway?
The answer to that question I got to is as follows. You need an engine to render the web page you receive. You need a UI to make the browser look nice. And finally you need a certificate store to know which TLS certificates to trust. And while probably difficult to make, I think it should be possible to do in 800k. Seriously, think about it. How would you go *make* a web browser? Because I've already done that in the past.
Earlier I heard that you need graphics, audio, wasm, yada yada backends too.. no. Give your head a shake. Graphics are the responsibility of the graphics driver. A web browser shouldn't dabble with those at all. Audio, you connect to PulseAudio (in Linux at least) and you're done. Hell I don't even care about ALSA or OSS here. You just connect to the stuff that does that job for you. And WebAssembly.. God I could rant about that shit all day. How about making it a native application? Not like actual Assembly is used for BIOS and low-level drivers. And that we already have a better language for the more portable stuff called C.
Seriously, think about it. Opera - a reputable browser vendor - managed to do it in 800kB on a 12 year old device. Don't go full wank on your framework shit on the comments. And don't you fucking dare to tell me that there's more to it. They did it for crying out loud. Now you take a look at your shitpile for JS code and refactor that shit already. Thank you.21
For the last week or so I've been writing a userbot for Telegram. Completely from scratch, plus Telethon to not reinvent the wheel entirely. I'm coming from the codebase of an existing userbot.
That userbot is written by a good friend of mine, who makes 6 figures, and whom I respect greatly. However the code is a steaming pile of shit. Now that is not his fault, he largely inherited that code too, tried to fix it, failed, gave up.
I am reimplementing it entirely. I'm only looking at the modules, trying to understand them, and copying over the necessary bits and changing them where necessary. But I've come across some nasty shit.
Userbots often edit existing messages from real Telegram clients. They're kind of like a login to your account, but with a program rather than a regular client. You send a message from a real client, it sees it and does whatever it needs to, and edits your message to give you feedback. Which is great.
However, there's no need to do simple string edits by importing "re". So why do you? Because you're an idiot, that's why. The old bot is based on Paperplane, which in turn is based on Telethon. Why do I see function calls to Telethon in some places and Paperplane in others? Because you're an idiot, that's why. Why does the dig module fail to even give correct answers? Because you know nothing about the DNS, that's why. And you didn't learn about RRs before implementing it.
And don't you tell me that this code is shit, and this bot is slow only when I run it on a fucking Pentium. I run this shit on an i7 and CPU isn't even the issue - memory, disk and such are. If you had any clue whatsoever about efficiency, you would've known because it's blatantly obvious. There's a reason why my machines rarely go past 5% CPU utilization. It's the fastest component in the entire fucking system.
When users come and say.. hmm this application of yours, it consumes a lot of memory. It takes a long time to do X and Y and I don't quite understand why, it seems illogical. Then maybe you should go look at your code, like you would look at yourself in the mirror. And then you fucking go fix it so that I don't have to. You're an engineer just like I am. And I am not even a dev proper - I'm a sysadmin by trade. Why should I have to fix your shit for you?1
Yesterday I bought myself a PSP to relive some of my childhood memories, run custom firmware on it and so on. Unfortunately however, the battery on this one is seriously puffed up, and I need one in order to update the firmware from 5.50 CFW (the seller actually modded it too!) to 6.61 OFW (to then install CFW from there again).
I figured that I might as well have a kick at disassembling the battery for good measure, to take out its controller and power it from my lab bench power supply. I set it to 3.70V, double-checked the connections.. nothing. I raised the voltage to 4V, still nothing.
There is absolutely nothing wrong with the controller from looking at it. The magic smoke is still in there, all I did was removing the housing and snipping off the battery. I measured the cell voltage and it was only some residues at 0.01V. Might be internally shorted or something, normally even dead cells settle back at 3.7V unless you keep them shorted externally.
After seeing this so many times now with controllers, I'm starting to get a feeling that manufacturers actually program these things to look at the battery voltage, and when it reaches 0V, to just make the controller kill itself. Doesn't matter if the controller's electronics are still good, just fucking kill it.
If true, that is very, VERY nasty. It would also explain why batteries in laptops especially all have different form factors, despite having used regular 18650's internally for a very long time. It would explain why they're built like tanks. It would explain why manufacturers really don't want people in there. Yes there are safety issues and you're literally diffusing a bomb. Since recently we've also got space optimization.. anything for half a mm of thickness, amirite? But doing it this way is fucking disgusting. There is absolutely no reason for the controller to kill itself when the cell dies. Yet it seems like it does.
PS: I've posted the original picture on https://ghnou.su/pics/... now if you're interested. I noticed in my previous rant that devRant really squishes these down.12
I have this little hobby project going on for a while now, and I thought it's worth sharing. Now at first blush this might seem like just another screenshot with neofetch.. but this thing has quite the story to tell. This laptop is no less than 17 years old.
So, a Compaq nx7010, a business laptop from 2004. It has had plenty of software and hardware mods alike. Let's start with the software.
It's running run-off-the-mill Debian 9, with a custom kernel. The reason why it's running that version of Debian is because of bugs in the network driver (ipw2200) in Debian 10, causing it to disconnect after a day or so. Less of an issue in Debian 9, and seemingly fixed by upgrading the kernel to a custom one. And the kernel is actually one of the things where you can save heaps of space when you do it yourself. The kernel package itself is 8.4MB for this one. The headers are 7.4MB. The stock kernels on the other hand (4.19 at downstream revisions 9, 10 and 13) took up a whole GB of space combined. That is how much I've been able to remove, even from headless systems. The stock kernels are incredibly bloated for what they are.
Other than that, most of the data storage is done through NFS over WiFi, which is actually faster than what is inside this laptop (a CF card which I will get to later).
Now let's talk hardware. And at age 17, you can imagine that it has seen quite a bit of maintenance there. The easiest mod is probably the flash mod. These old laptops use IDE for storage rather than SATA. Now the nice thing about IDE is that it actually lives on to this very day, in CF cards. The pinout is exactly the same. So you can use passive IDE-CF adapters and plug in a CF card. Easy!
The next thing I want to talk about is the battery. And um.. why that one is a bad idea to mod. Finding replacements for such old hardware.. good luck with that. So your other option is something called recelling, where you disassemble the battery and, well, replace the cells. The problem is that those battery packs are built like tanks and the disassembly will likely result in a broken battery housing (which you'll still need). Also the controllers inside those battery packs are either too smart or too stupid to play nicely with new cells. On that laptop at least, the new cells still had a perceived capacity of the old ones, while obviously the voltage on the cells themselves didn't change at all. The laptop thought the batteries were done for, despite still being chock full of juice. Then I tried to recalibrate them in the BIOS and fried the battery controller. Do not try to recell the battery, unless you have a spare already. The controllers and battery housings are complete and utter dogshit.
Next up is the display backlight. Originally this laptop used to use a CCFL backlight, which is a tiny tube that is driven at around 2000 volts. To its controller go either 7, 6, 4 or 3 wires, which are all related and I will get to. Signs of it dying are redshift, and eventually it going out until you close the lid and open it up again. The reason for it is that the voltage required to keep that CCFL "excited" rises over time, beyond what the controller can do.
So, 7-pin configuration is 2x VCC (12V), 2x enable (on or off), 1x adjust (analog brightness), and 2x ground. 6-pin gets rid of 1 enable line. Those are the configurations you'll find in CCFL. Then came LED lighting which required much less power to run. So the 4-pin configuration gets rid of a VCC and a ground line. And finally you have the 3-pin configuration which gets rid of the adjust line, and you can just short it to the enable line.
There are some other mods but I'm running out of characters. Why am I telling you all this? The reason is that this laptop doesn't feel any different to use than the ThinkPad x220 and IdeaPad Y700 I have on my desk (with 6c12t, 32G of RAM, ~1TB of SSDs and 2TB HDDs). A hefty setup compared to a very dated one, yet they feel the same. It can do web browsing, I can chat on Telegram with it, and I can do programming on it. So, if you're looking for a hobby project, maybe some kind of restrictions on your hardware to spark that creativity that makes code better, I can highly recommend it. I think I'm almost done with this project, and it was heaps of fun :D13
I used to be a sysadmin and to some extent I still am. But I absolutely fucking hated the software I had to work with, despite server software having a focus on stability and rigid testing instead of new features *cough* bugs.
After ranting about the "do I really have to do everything myself?!" for long enough, I went ahead and did it. Problem is, the list of stuff to do is years upon years long. Off the top of my head, there's this Android application called DAVx5. It's a CalDAV / CardDAV client. Both of those are extensions to WebDAV which in turn is an extension of HTTP. Should be simple enough. Should be! I paid for that godforsaken piece of software, but don't you dare to delete a calendar entry. Don't you dare to update it in one place and expect it to push that change to another device. And despite "server errors" (the client is fucked, face it you piece of trash app!), just keep on trying, trying and trying some more. Error handling be damned! Notifications be damned! One week that piece of shit lasted for, on 2 Android phones. The Radicale server, that's still running. Both phones however are now out of sync and both of them are complaining about "400 I fucked up my request".
So yeah. I started writing my own implementations out of pure spite. Because I hated the industry so fucking much. And surprisingly, my software does tend to be lightweight and usually reasonably stable. I wonder why! Maybe it's because I care. Maybe people should care more often about their trade, rather than those filthy 6 figures. There's a reason why you're being paid that much. Writing a steaming pile of dogshit shouldn't be one of them.5
A few years ago I would whine, complain and rant about shitty software, which I knew could be so much better than it was. But I didn't yet write software of my own.
Now I complain about shitty libraries, API's and users. Not much has changed really. And every time I write code, I curse myself, and whoever made this trashpile I have to work with. I curse the user to the moon and beyond for using the program wrong. Funny thing is, exactly the thing I was complaining about (input validation, see earlier rant) is also exactly what no more than 5 minutes after release, a user fucked up with. The bot just does not respond at this point. But fuck these braindead retards for users.
In a few years I expect myself to be complaining about shitty compilers and buffer overflows, segmentation violations, bad coding style (don't make your program a fucking colander kthx), and so on.
Next decade I expect myself to be complaining about physics itself, and why the universe is governed by the laws it's governed by. Whoever this God is, he's a fucking retard. Funny thing is, the signs for it are already there. Electron theory! If only those electrons were positrons, then the math would check out properly. Instead of negative electrons traveling from negative to positive, we'd have positive positrons traveling from positive to negative. At least from what I understand so far, this is still a decade away after all.
The point I'm trying to make is that nothing changes, only my understanding of the world around me does, as I tumble further and further down the rabbit hole. Sometimes I wish I had taken the blue pill... Either complain about others' software or perhaps not give a shit at all. Become one of those filthy users I now despise.1
For several years now, I have been writing programs for myself. I have been publishing the source code for them, but none of them ever got much traction. Then I wrote a program that existing users on social media could just interact with without installation (because even that is too much apparently).
When I wrote the programs for myself with others secondary, I had logic problems to solve and dealt with fucked up API's. Now I still have that problem, but I also have to deal with user retardation. They are not using the program in the way I wrote it to be used, at all. They are not passing arguments where there should be, they are running commands that are still under development and therefore (rightfully IMO) available to only me. I am the one being blamed, why doesn't this thing work?
I'd like to rephrase their question to me. Why are you user not using the goddamn program properly? Why should I need to make half the goddamn code account for users' sheer level of retardation?
Yes, users are retarded. And it's not a battle we can win. Earlier I heard this saying that "every time you make your tools more foolproof, the universe invents a better fool".7
During the last couple of days, I got to hear quite a horrible story...
So we start at the beginning, where I have a dev-related chat with some other strangers on the internet. One of them was working on a custom protocol implementation with an API to go with it, written in Python. There were plans to migrate the codebase to another language like Rust in the long term. So the project seemed to be going well.
Another guy and the main subject of this chimed in on various of our messages, and long story short - he uses Express.js for everything he does, and he doesn't know jack shit on what he's talking about. Yet he still does.
Later we got the delight to hear that he had beaten up his mother, and that she's now in the hospital because of it, with broken arms, hands, fingers and severe bleeding. Yet he has the audacity to complain about his sore throat, caused by all his shouting. He refuses to seek any help, or to take medicines he's been given. This has been going on for several days now.
As much as I hate to even think about it, these too are "developers". I too have skeletons in my closet, but goddamn.. that these people even exist. The very idea that you may be talking to them every day. It disgusts me.17
!dev && rant
Looking for a song's lyrics... A very complicated task apparently. Blinding Lights by The Weeknd for whoever's interested.
Firefox: just one small thing to keep going, sorry we just updated our CA certs again. Screw you, close the browser. I will not restart it for you but I will tell you that I would. When you restart the browser, you will lose whatever search you were just doing. Sucks for you bastard! Enjoy the update.
Next one, AZ Lyrics: Yeah sorry your IP is from a hosting provider, but we will not tell you that is the reason. You've just been denied access to the site. See you next time! Everyone using a VPS to make a VPN connection with is obviously an abuser after all.
Finally found the lyrics on lyrics.com after a long journey that was way more complicated than it should've been. It's a good song.
Oh and Firefox consumed well over a GB for just a single tab of course...
I want Gopher, BBS, IRC and the likes back.4
I uh.. I may or may not have just spent the last hour or so disassembling my headphones, only to find that there's batteries inside and the earcups just clip off.
Always do the easiest thing first...8
I was just thinking about disabling something, already forgot what it was that I was gonna disable though.. doesn't matter. And I realized that if I wanted to play my "disabled card", I could totally get Americans to ban that word entirely.
Cancel culture you say? Those cancel buttons are offensive to me! Get them out of my face reeee!
Command line? You're telling this thing what to do?! sudo make sandwich, so sexist!!!
Police reforms are so overrated. Let's ban words like master/slave or blacklist/whitelist or blind playthrough instead. And put our knees on another black person, shoot another in their sleep, and let said police officers get away with it. Yee haw!
And storm the Capitol apparently. It's been a while now but Europe looked across the pond in complete and utter surprise and disbelief. You call yourselves a free nation America?
Oh yeah, and ban words globally, in globally used software. I must've forgotten.. yeah, the world is nothing but America, oil fields, parking space and third world shitholes. Good thinking there.
With enough effort you can make anything offensive. And it goes to show that offense is not given but taken.
Fun fact btw: the United States is ranked 121 in the Global Peace Index (http://statisticstimes.com/ranking/...) - and that doesn't even include the Capitol's insurrection yet. Belgium is ranked 17. Tell me more about how I'm racist Americans. Tell me about it when your president literally called Belgium a hellhole over the amount of immigrants he saw in Brussels.14
Last night I had a very strange dream. I should point out in advance, all of this is fictional and none of it really happened.
I was looking at an answer I posted on Stack Exchange.. for the sake of argument, let's say it was Super User. I remember the question being about volume limiting, which is actually an issue I and many other iOS 14.2/14.3 users have been facing in the last few months. Apparently it has been partially addressed in 14.4.
In the real world I fixed the issue by jailbreaking the phone and unloading the healthd service, while in the dream that was the answer I had documented on Super User. In reality I have documented it in several other places, but not there.
Fast-forward a couple of days in the dream where the answer was posted, and I was now looking at a reply. I don't remember the exact details of it, but apparently in the answer I had posted something about my network.. a screenshot from the iPhone? And the comment on it basically said something along the lines of "your answer is shit, and you probably have a very basic internet connection with default settings". I was really upset by that, as my network is actually quite advanced (on account of being a sysadmin).
Then I woke up and realized that it was all just a dream...4
iPhones are ridiculously picky when it comes to finding a mate- um charger. And knowing why doesn't really make it any easier to understand why. If anything it baffles me more.
So, let's start with appliances that are not phones. Think Bluetooth headsets, keyboards, earbuds, whatever. Those are simple devices. They see 5V on the VCC line and 0V on ground, and they will charge at whatever current they are meant to. Usually it will not exceed 200mA, and the USB 2.0 spec allows for up to 500mA from any USB outlet. So that's perfectly reasonable to be done without any fuss whatsoever.
Phones on the other hand are smarter.. some might say too smart for their own good. In this case I will only cover Android phones, because while they are smarter than they perhaps should be, they are still reasonable.
So if you connect an Android phone to the same 5V VCC and 0V ground, while leaving the data lines floating, the phone will charge at 500mA. This is exactly to be within USB 2.0 spec, as mentioned earlier. Without the data lines, the phone has no way to tell whether it *can* pull more, without *actually* trying to pull more (potentially frying a charger that's not rated for it). Now in an Android phone you can tell it to pull more, in a fairly straightforward way. You just short the data lines together, and the phone will recognize this as a simple charger that it can pull 1A from. Note that shorting data lines is not a bad thing, we do it all the time. It is just another term for making a connection between 2 points. Android does this right. Also note that shorted data lines cannot be used to send data. They are inherently pulled to the same voltage level, probably 0V but not sure.
And then the iPhones come in, Thinking Different. The iPhones require you to pull the data lines to some very specific voltage levels. And of course it's terribly documented because iSheep just trying to use their Apple original white nugget charger overseas and shit like that. I do not know which voltage levels they are (please let me know!), but it is certainly not a regular short. Now you connect the iPhone to, say, a laptop or something to charge. An Android phone would just charge while keeping data transmission disabled (because they can be left floating or shorted). This is for security reasons mostly, preventing e.g. a malicious computer from messing with it. An iPhone needs to be unlocked to just charge the damn thing. I'm fairly sure that that's because the data lines need to be pulled up, which could in theory enable a malicious computer to still get some information in or out of it. USB data transmission works at at least 200mV difference between the data lines. It could be more than that. So you need to unlock it.
Apple, how about you just short your goddamn data lines too like everyone else? And while you're at it, get rid of this Lightning connector. I get it, micro USB was too hard for your users. I guess they are blind pigs after all. But USB-C solved all of that and more. The only difference I can think of is that the Lightning connector can be a single board with pads on either side on the connector, while in USB-C that could be at the socket end (socket being less common to be replaced). And at the end of the day, that really doesn't matter with all the other things that will break first.
Think Different. Think Retarded. Such tiny batteries and you can't even fucking charge them properly.6
Just mirrored sudo to my own Gitea instance yesterday (https://git.ghnou.su/mir/sudo). Turns out that this chonkster is 200MB compressed (LZ4 on ZFS). I am baffled by it... All it needs to do is reading a configuration file describing what users can be elevated, to which user and which commands they can run. Perhaps doas wasn't a bad idea after all?
Oh and it got a privilege escalation vulnerability just yesterday (https://security-tracker.debian.org/...), which is why I got interested in it. Update your sudo packages if you haven't already.11
I'm looking at old code that I wrote around half a year ago, and noticed that my coding style changed over time (relying more on arguments to pass messages between commands and functions, rather than sourcing the result of a command). I feel like this old code isn't truly mine anymore. It's thousands upon thousands of lines of code though... Given that, would you rewrite it or just move along with the existing design? I mean in my opinion the current code really sucks.4
I just tried to sign up to Instagram. I made a big mistake.
First up with Facebook related stuff is data. Data, data and more data. Initially when you sign up (with a new account, not login with Facebook) you're asked your real name, email address and phone number. And finally the username you'd like to have on the service. I gave them a phone number that I actually own, that is in my iPhone, my daily driver right now (and yes I have 3 Androids which all run custom ROMs, hold your keyboards). The email address is a usual for me, instagram at my domain. I am a postmaster after all, and my mail server is a catch-all one. For a setup like that, this is perfectly reasonable. And here it's no different, devrant at my domain. On Facebook even, I use fb at my domain. I'm sure you're starting to see a pattern here. And on Facebook the username, real name and email domain are actually the same.
So I signed up, with - as far as I'm aware - perfectly valid data. I submitted the data and was told that someone at Instagram will review the data within 24 hours. That's already pretty dystopian to me. It is now how you block bots. It is not how Facebook does it either, at least since last time I checked. But whatever. You'd imagine that regardless of the result, they'd let you know. Cool, you're in, or sorry, you're rejected and here's why. Nope.
Fast-forward to today when I recalled that I wanted to sign up to Instagram to see my girlfriend's pictures. So I opened Chromium again that I already use only for the rancid Facebook shit.. and it was rejected. Apparently the mere act of signing up is a Terms of Service violation. I have read them. I do not know which section I have violated with the heinous act of signing up. But I do have a hunch.
Many times now have I been told by ignorant organizations that I would be "stealing" their intellectual property, or business assets or whatever, just because I sent them an email from their name on my domain. It is fucking retarded. That is MY domain, not yours. Learn how email works before you go educate a postmaster. Always funny to tell them how that works. But I think that in this case, that is what happened.
So I appealed it, using a random link to something on Instagram's help section from a third-party blog. You know it's good when the third-party random blog is better. But I found the form and filled it in. Same shit all over again for info, prefilling be damned I guess. Minor convenience though, whatever.
I get sent an email in German, because apparently browsing through a VPS in Germany acting as a VPN means you're German. Whatever... After translating it, I found that it asks me to upload a picture of myself, holding a paper in my hands, on which I would have a confirmation code, my username, and my email address.. all hand-written. It must not be too dark, it must be clear, it must be in JPEG.. look, I just wanted to fucking sign up.
I sent them an email back asking them to fix all of this. While I was writing it and this rant, I thought to myself that they can shove that piece of paper up their ass. In fact I would gladly do it for them.
Long story short, do not use Instagram. And one final thing I have gripes with every time. You are not being told all the data you'll have to present from the get-go. You're not being told the process. Initially I thought it'd just be email, phone, username, and real name. Once signed up (instantly, not within 24 hours!) I would start setting up my account and adding a profile picture. The right way to ask for a picture of me! And just do it at my own pace, as I please.
And for God's sake, tackle abuse when it actually happens. You'll find out who's a bot and who isn't by their usage patterns soon enough. Do not do any of this at sign-up. Or hell, use a CAPTCHA or whatever, I don't fucking care. There's so many millions of ways to skin this cat.
Facebook and especially Instagram. Both of them are fucking retarded.8
After my previous rant (https://devrant.com/rants/3836329) I wondered what it would take to build a very basic web browser. So I went ahead and wrote (read: kanged) one. You can find its source code at https://git.ghnou.su/ghnou/browser. The code is a single file and is 57 lines long, 29 if you disregard the copyright notice.
This is obviously satire, but it goes to show how easy it can be. Of course people would just import a library if they could. All the hard work has already been done after all.8
Chrome, Firefox, and yes even you Opera, Falkon, Midori and Luakit. We need to talk, and all readers should grab a seat and prepare for some reality checks when their favorite web browsers are in this list.
I've tried literally all of them, in search for a lightweight (read: not ridiculously bloated) web browser. None of them fit the bill.
Yes Midori, you get a couple of bonus points for being the most lightweight. Luakit however.. as much as I like vim in my terminal, I do not want it in a graphical application. Not to mention that just like all the others you just use webkit2gtk, and therefore are just as bloated as all the others. Lightweight my ass! But programmable with Lua, woo! Not like Selenium, Chrome headless, ... does that for any browser. And that's it for the unique features as far as I'm concerned. One is slow, single-threaded and lightweight-ish (Midori) and another has vim keybindings in an application that shouldn't (Luakit).
Pretty much all of them use webkit2gtk as their engine, and pretty much all of them launch a separate process for each tab. People say this is more secure, but I have serious doubts about that. You're still running all these processes as the same user, and they all have full access to the X server they run under (this is also a criticism against user separation on a single X session in general). The only thing it protects against is a website crashing the browser, where only that tab and its process would go down. Which.. you know.. should a webpage even be able to do that?
But what annoys me the most is the sheer amount of memory that all of these take. With all due respect all of you browsers, I am not quite prepared to give 8 fucking gigabytes - half the memory in this whole box! - just for a dozen or so tabs. I shouldn't have to move my web browser to another lesser used 16GB box, just to prevent this one from going into fucking swap from a dozen tabs. And before someone has a go at the add-ons, there's 4 installed and that's it. None of them are even close to this complete and utter memory clusterfuck. It's the process separation. Each process consumes half a GB of memory, and there's around a dozen of them in a usual browsing session. THAT is the real problem. And I want to get rid of it.
Browsers are at their pinnacle of fucked up in my opinion, literally to the point where I'm seriously considering elinks. Being a sysadmin, I already live my daily life in terminals anyway. As such I also do have resources. But because of that I also associate every process with its cost to run it, in terms of resources required. Web browsers are easily at the top of the list.
I want to put 8GB into perspective. You can store nearly 2 entire DVD movies in that memory. However media players used to play them (such as SMPlayer) obviously don't do that. They use 60-80MB on average to play the whole movie. They also require far less processing power than YouTube in a web browser does, even when you download that exact same video with youtube-dl (either streamed within the media player or externally). That is what an application should be.
Imagine your text editor being as bloated as a web browser. Imagine it being prone to crashing tabs like a web browser. Imagine it being so ridiculously slow to get anything done in your productivity suite. But it's just the usual with web browsers, isn't it? Maybe Gopher wasn't such a bad idea after all... Oh and give me another update where I have to restart the browser when I commit the heinous act of opening another tab, just because you had to update your fucking CA certs again. Yes please!27
Recently in a project of mine people started to raise tons of issues and suggesting fixes "just slap this module on it", "just do this", "just do that". And no respect for the project whatsoever. Code contributions? Don't even think about it.
The users raising these do not know what language the project is written in, they do not know whether it supports modules at all (let alone that particular one), and they have no idea whatsoever what the code is like, or how this suggestion 99% of the time would not at all integrate with the overall structure of the project. And aside from all that, don't fucking tell me what to do with my project!
My question is, how do you deal with these people? All I can think of is "wontfix™️" or even "cantfix™️" in some cases. Given that this is an endless slew of users, anything long-term?1
Right.. I spent the hours leading up to the year change by adding a YouTube to MP3 downloader into my Telegram bot. After a bit of fiddling it turned out okay, and the commit for it was mentioned to the last for the year 2020.
I mentioned this in one of my chats, and users came in with more issues. Told them it's the last commit for the year and I'll keep myself to it. I did adjust the code a bit though to fix those issues, awaiting a commit after midnight.
Midnight passes and 2020 turns into 2021.
I commit the new features, and quickly implemented another one I already thought of as well, but needed its own commit.
Quickly afterwards it turns out that the /mp3 feature actually breaks the bot somewhat, especially on long tracks. Users add a slew of 10h songs into what essentially became a long queue of single-threaded bot action (or rather lack thereof).
I made the /mp3 command accessible to myself only like I did with some other administrative commands already. Still no dice, the bot rejected the commands but executed part of the /mp3 command anyway.
I look a bit further into the code and it turns out that while I was restructuring some functions, I forgot to make the admin() function exit the script after it sends the rejection onwards. This was a serious security issue and meant that all authentication was void. Fortunately the chat did not realize this - one of the commands that became available as a result was literally a terminal on the bot's system.
I fix the issue in 7 commits after midnight total, 3 of which were related to /mp3 and admin(). We're now 1 hour after midnight.
Happy New Year everyone... :')6
Good question, what wasn't bad about 2020?
As far as good things go.. well, COVID-19 actually. Back in February the lockdown began in Belgium, and while many people got bored out of their minds, I actually became a lot more productive. So many projects started back then, and I got a lot better at programming because of it. Now I can confidently write most bash stuff without ever looking anything up. And the code is maintainable, on account of putting everything into functions. You can literally navigate the code just by looking at it. On older code I always had issues with that.
I'm very glad that essential travel even back then wasn't really restricted. Because my bank is retarded about online banking, I have to go to the bank every so often to check my balance. At the time I tended to do that late in the evening, when nobody else was outside and I had the entire town to myself. That was one of the travels considered essential. So I kept doing it and made that my biweekly walk. I really enjoyed that. Gets your mind off things.
Bad things would be the utter stupidity that the general public had shown me during that pandemic. Burning down 5G antennas and not even getting the right ones, toilet paper, 5G death beams in street lamps?! They even sent death threats to telco workers over sensationalist bullshit from what IIRC was just a random Twitch streamer. Those people should just fucking kill themselves, choke yourselves in that pile of toilet paper you got yourself and then called yourself financially challenged. You braindead fucking retards!
Another dev-related thing is the normalization of SJW terminology. Now even "blind playthrough" gets your ass banned on Twitch. I saw a tweet about a Twitch employee (I think) proudly saying that they implemented it. Most upvoted comment on it was from a blind person, asking why they did this and not made the Twitch app more friendly to use for blind users. They too thought this was bullshit. Yet it still got added in, and more and more people are starting to think that "this is fine". Hell even that "this is necessary".
What annoys me the most is that this mostly comes from the US, where around that time they laid their knee on George Floyd, and didn't fix their legal system at all. As a European it baffles me since we have many immigrants here (the Drumpf even called Belgium a hellhole over it) and we just don't give a shit about whether or not they are "truly Belgian". We just let them live their daily lives like everyone else. Imagine just not giving a shit. Imagine not bothering them, not with racism, not with reverse racism, not with anything. Just let them do their thing and that's it. Yet despite Belgium being one of the most inclusive countries in the fucking world, I still got called a racist many times for asking.. why did you implement this? Why this, and not tackling the problem at its actual and pretty fucking obvious core?
So all in all I can only hope that 2021 will get a little bit better. But that's the same thing I said in 2019, and it didn't quite come true.14
So I just spent the last few hours trying to get an intro of given Wikipedia articles into my Telegram bot. It turns out that Wikipedia does have an API! But unfortunately it's born as a retard.
First I looked at https://www.mediawiki.org/wiki/API and almost thought that that was a Wikipedia article about API's. I almost skipped right over it on the search results (and it turns out that I should've). Upon opening and reading that, I found a shitload of endpoints that frankly I didn't give a shit about. Come on Wikipedia, just give me the fucking data to read out.
Ctrl-F in that page and I find a tiny little link to https://mediawiki.org/wiki/... which is basically what I needed. There's an example that.. gets the data in XML form. Because JSON is clearly too much to ask for. Are you fucking braindead Wikipedia? If my application was able to parse XML/HTML/whatevers, that would be called a browser. With all due respect but I'm not gonna embed a fucking web browser in a bot. I'll leave that to the Electron "devs" that prefer raping my RAM instead.
OK so after that I found on third-party documentation (always a good sign when that's more useful, isn't it) that it does support JSON. Retardpedia just doesn't use it by default. In fact in the example query that was a parameter that wasn't even in there. Not including something crucial like that surely is a good way to let people know the feature is there. Massive kudos to you Wikipedia.. but not really. But a parameter that was in there - for fucking CORS - that was in there by default and broke the whole goddamn thing unless I REMOVED it. Yeah because CORS is so useful in a goddamn fucking API.
So I finally get to a functioning JSON response, now all that's left is parsing it. Again, I only care about the content on the page. So I curl the endpoint and trim off the bits I don't need with jq... I was left with this monstrosity.
curl "https://en.wikipedia.org/w/api.php/...=*" | jq -r '.query.pages.revisions.slots.main.content'
Just how far can you nest your JSON Wikipedia? Are you trying to find the limits of jq or something here?!
And THEN.. as an icing on the cake, the result doesn't quite look like JSON, nor does it really look like XML, but it has elements of both. I had no idea what to make of this, especially before I had a chance to look at the exact structured output of that command above (if you just pipe into jq without arguments it's much less readable).
Then a friend of mine mentioned Wikitext. Turns out that Wikipedia's API is not only retarded, even the goddamn output is. What the fuck is Wikitext even? It's the Apple of wikis apparently. Only Wikipedia uses it.
And apparently I'm not the only one who found Wikipedia's API.. irritating to say the least. See e.g. https://utcc.utoronto.ca/~cks/...
Needless to say, my bot will not be getting Wikipedia integration at this point. I've seen enough. How about you make your API not retarded first Wikipedia? And hopefully this rant saves someone else the time required to wade through this clusterfuck.12
24th, Christmas: BIND slaves decide to suddenly stop accepting zone transfers from the master. Half a day of raging and I still couldn't figure out why. dig axfr works fine, but the slaves refuse a zone update according to tcpdump logs.
25th, 2nd day: A server decides to go down and take half my network with it. Turns out that a Python script managed to crash the goddamn kernel.
Thank you very much technology for making the Christmas days just a little bit better ❤️
At least I didn't have anything to do during either days, because of the COVID-19 pandemic. And to be fair, I did manage to make a Telegram bot with fancy webhooks and whatnot in 5MB of memory and 18MB of storage. Maybe I should just write the whole thing and make another sacred temple where shitty code gets beaten the fuck out of the system. Terry must've been onto something...5
No need to think small when you have eternity to work with. Right now I am building a network operating system, something I've started around 2 years ago. I expect to have an installable and more or less usable system in maybe a few more years.
When I would have an eternity to work with, I'd first look to make our planet redundant. It's insane to imagine that we only have this blue marble to work with, while we have a fireball of hell as a neighbor in our cosmic neighborhood. What even happened there? I'd like to find out. Granted Musk is already figuring out Mars, and he has the money for it while I don't. I don't like the man all that much (too much marketing wank) but hey, at least he's got us covered there.
Maybe one day we could live forever. Maybe we could map and upload our minds. Maybe we could replace our entire body with synthetic components when the frail meat-based components inevitably fail. Perhaps it could even happen in our lifetime, at the pace technology is progressing at. If and when that happens, sign me up!2
Last Monday I bought an iPhone as a little music player, and just to see how iOS works or doesn't work.. which arguments against Apple are valid, which aren't etc. And at a price point of €60 for a secondhand SE I figured, why not. And needless to say I've jailbroken it shortly after.
Initially setting up the iPhone when coming from fairly unrestricted Android ended up being quite a chore. I just wanted to use this thing as a music player, so how would you do it..?
Well you first have to set up the phone, iCloud account and whatnot, yada yada... Asks for an email address and flat out rejects your email address if it's got "apple" in it, catch-all email servers be damned I guess. So I chose ishit at my domain instead, much better. Address information for billing.. just bullshit that, give it some nulls. Phone number.. well I guess I could just give it a secondary SIM card's number.
So now the phone has been set up, more or less. To get music on it was quite a maze solving experience in its own right. There's some stuff about it on the Debian and Arch Wikis but it's fairly outdated. From the iPhone itself you can install VLC and use its app directory, which I'll get back to later. Then from e.g. Safari, download any music file.. which it downloads to iCloud.. Think Different I guess. Go to your iCloud and pull it into the iPhone for real this time. Now you can share the file to your VLC app, at which point it initializes a database for that particular app.
The databases / app storage can be considered equivalent to the /data directories for applications in Android, minus /sdcard. There is little to no shared storage between apps, most stuff works through sharing from one app to another.
Now you can connect the iPhone to your computer and see a mount point for your pictures, and one for your documents. In that documents mount point, there are directories for each app, which you can just drag files into. For some reason the AFC protocol just hangs up when you try to delete files from your computer however... Think Different?
Anyway, the music has been put on it. Such features, what a nugget! It's less bad than I thought, but still pretty fucked up.
At that point I was fairly dejected and that didn't get better with an update from iOS 14.1 to iOS 14.3. Turns out that Apple in its nannying galore now turns down the volume to 50% every half an hour or so, "for hearing safety" and "EU regulations" that don't exist. Saying that I was fuming and wanting to smack this piece of shit into the wall would be an understatement. And even among the iSheep, I found very few people that thought this is fine. Though despite all that, there were still some. I have no idea what it would take to make those people finally reconsider.. maybe Tim Cook himself shoving an iPhone up their ass, or maybe they'd be honored that Tim Cook noticed them even then... But I digress.
And then, then it really started to take off because I finally ended up jailbreaking the thing. Many people think that it's only third-party apps, but that is far from true. It is equivalent to rooting, and you do get access to a Unix root account by doing it. The way you do it is usually a bootkit, which in a desktop's ring model would be a negative ring. The access level is extremely high.
So you can root it, great. What use is that in a locked down system where there's nothing available..? Aha, that's where the next thing comes in, 2 actually. Cydia has an OpenSSH server in it, and it just binds to port 22 and supports all of OpenSSH's known goodness. All of it, I'm using ed25519 keys and a CA to log into my phone! Fuck yea boi, what a nugget! This is better than Android even! And it doesn't end there.. there's a second thing it has up its sleeve. This thing has an apt package manager in it, which is easily equivalent to what Termux offers, at the system level! You can install not just common CLI applications, but even graphical apps from Cydia over the network!
Without a jailbreak, I would say that iOS is pretty fucking terrible and if you care about modding, you shouldn't use it. But jailbroken, fufu.. this thing trades many blows with Android in the modding scene. I've said it before, but what a nugget!8
So I just had a bit of a shower thought. Suppose you could get the linguists to break a language down and define all the rules that make up that language as if it were a protocol - exceptions included. If you get an arbitrary string of text, could you match against those rules, then break that down to the information it contains, and use that information against a new rule set to construct a new valid sentence containing the same information. Would you just have made the ultimate translator?16
So I just saw a post on Facebook about a "Serverless Function as a Service on Kubernetes". Could someone give me eye bleach please?
I really can't wait after Scoped Storage and how goddamn slow it is, to have a "glorified microservice" take 5 minutes to spin up a container, just to do something silly like printing a hello world. In the post it was apparently showing a QR code.. that's it. A fucking QR code, because remember it's just a function.
A whole fucking operating system that goes up and back down, just to run a goddamn fucking function!!!9
So I bought a gaming laptop a while back, and Cyberpunk 2077 binaries got leaked a few days ago... So I wanted to play it, kinda. It looks really good from the screenshots. Friend asks me "what CPU / GPU do you have"?
My gaming laptop is a Y700 so an i7-6700HQ and a GTX 960M. Turns out that even at low settings this thing probably won't pull even 30 FPS.
So even with a gaming laptop, you don't get to do any gaming. 10/10 would buy again! I'll enjoy Super Mario because imagine caring about gameplay rather than stunning graphics that you need tomorrow's hardware for, and buy it yesterday! And have it already obsolete today.
Long story short, I kinda hate the gaming scene. I'm not a gamer either by any means. Even this laptop just runs Linux and I bought it mostly because some of its hardware is better than my x220's. Are gamers expected to spring the money for the latest and greatest nugget every other month? When such a CPU and GPU alone would already cost most people's entire monthly wage?
What's the point of having a game that nobody can play? Even my friends' desktop hardware which is quite a bit better still - it only pulls 45 FPS according to him. Seriously, what's the point?13
Let's talk a bit about CA-based SSH and TOFU, because this is really why I hate the guts out of how SSH works by default (TOFU) and why I'm amazed that so few people even know about certificate-based SSH.
So for a while now I've been ogling CA-based SSH to solve the issues with key distribution and replacement. Because SSH does 2-way verification, this is relevant to both the host key (which changes on e.g. reinstallation) and user keys (ever replaced one? Yeah that's the problem).
So in my own network I've signed all my devices' host keys a few days ago (user keys will come later). And it works great! Except... Because I wanted to "do it right straight away" I signed only the ED25519 keys on each host, because IMO that's what all the keys should be using. My user keys use it, and among others the host keys use it too. But not by default, which brings me back to this error message.
If you look closely you'd find that the host key did not actually change. That host hasn't been replaced. What has been replaced however is the key this client got initially (i.e. TOFU at work) and the key it's being presented now. The key it's comparing against is ECDSA, which is one of the host key types you'd find in /etc/ssh. But RSA is the default for user keys so God knows why that one is being served... Anyway, the SSH servers apparently prefer signed keys, so what is being served now is an ED25519 key. And TOFU breaks and generates this atrocity of a warning.
This is peak TOFU at its worst really, and with the CA now replacing it I can't help but think that this is TOFU's last scream into the void, a climax of how terrible it is. Use CA's everyone, it's so much better than this default dumpster fire doing its thing.
PS: yes I know how to solve it. Remove .ssh/known_hosts and put the CA as a known host there instead. This is just to illustrate a point.
Also if you're interested in learning about CA-based SSH, check out https://ibug.io/blog/2019/... and https://dmuth.org/ssh-at-scale-cas-... - these really helped me out when I started deploying the CA-based authentication model.19