Be advised: this thread is not for serious in-depth discussion of weighty topics (we have a link for that), this thread is not for anything Culture War related. This thread is for Fun. You got jokes? Share 'em. You got silly questions? Ask 'em.
- 127
- 2
Jump in the discussion.
No email address required.
Notes -
Well, I've been switching back and forth between Windows 10 and Linux Mint for a few weeks now. Windows for work, and Linux for pleasure. I stopped trying to have steam share a steam library between both OS's. For one, Linux and Windows kept fighting over whether the linux or windows versions of the games should be installed. Second, I saw a lot of posts about how Linux eventually corrupts NTFS drives if you try to use them for anything other than simple data storage. So that's a thing I guess.
I've been playing Doom 2016 in Linux thanks to Proton, and it's pretty OK. Every now and again pulling up the menu tanks the framerate, but not consistently. Outside of that it runs fantastic. Because I'm a fucking nerd, I got some simple C programming with SDL set up, as well as a Rust dev environment because I decided I need to learn that. I hate it. It disagrees with all my sensibilities about "talking computer", and thus far I find it's constructs around "borrowing" references silly and contrived, especially in light of being able to assign unsafe sections of code that ignore it's memory safety rules. I guess it assumes you'll be responsible with that, but it feels like a half measure to me, and no replacement for actual skill. All the same, since I mostly work on government contracts, a day may come where it's a requirement.
Anyways, Linux seems like a super viable alternative to Windows these days thanks to Proton. If my work didn't require windows, I'd try to shift over to it entirely. But since a local instance of IIS is essential in my day to day work, that's incredibly unlikely.
lol, I'll put this in hardcore WoW terms: many imagine skill as being able to stylishly finesse your way out of thorny situations; anyone who's ever succeeded at this game mode knows the real skill is not getting yourself into bad situations in the first place. For example, Xaryu -- professional WoW streamer and many-time rank-1 PVP gladiator -- died in the harpy cave in an extremely stylish way. In his next run, did he learn how to super-skill the harpy cave even betterer? Well, yes, in the truly high-IQ way: he decided going in there was a terrible decision in the first place and he wouldn't do so this time. He hit 60 on that character.
This is the difference between a C++ developer mindset and a Rust developer mindset. It is the humility to accept that you are, in fact, not skilled enough to get it right all the time, so you should stop playing with fire in the first place.
I think that argument just isn't supported by the evidence of 40 years of computers more or less working just fine. People are skilled enough to just get it right enough of the time. I think arguments otherwise are just Rust fanatics pretending the history of computer can be broken up into Pre-Rust and Post-Rust eras.
The problem is that suddenly, thanks to the internet, literally every single line of code needs to become a hardened attack surface. "Exploits" didn't matter in a pre-internet age, and I also question how much Rust will really address them. I doubt at the end of the day a Windows written increasingly in Rust will prove more secure than a Windows written in C. I think Rust is necessitated more by the falling skill level of corporate programmers than anything else, and I also doubt it will remediate that problem. If anything treating Rust as a panacea for a lack of skill will only make the problems worse. Less buffer overflow exploits perhaps, still plenty of attack surface for malicious actors to abuse.
All that is an aside though to my dislike of Rust, which I'm only learning for professional reasons. I said it disagrees with my sensibilities about "talking computer", and let me elaborate on that.
I want to bit-fuck the hardware I paid for however I wish. I want to bend over my mechanical slave and force it to do my bidding without a single complaint. I have friends who gravitate towards LISP or Go, I gravitate towards assembly. I want to be at the metal with a big spiked club, with the CPU to afraid to talk back. Because I don't tolerate backtalk from my machines.
Just looking at the last 40 days of computers is enough to support "less" rather than "more". My favorite from quickly skimming reports from the last month or two would probably be Rsync contains six vulnerabilities: "When combined, the first two vulnerabilities (heap buffer overflow and information leak) allow a client to execute arbitrary code on a device that has an Rsync server running. The client requires only anonymous read-access to the server, such as public mirrors. Additionally, attackers can take control of a malicious server and read/write arbitrary files of any connected client. Sensitive data, such as SSH keys, can be extracted, and malicious code can be executed by overwriting files such as .bashrc or .popt"
The vulnerabilities are "present within versions 3.3.0 and below" of software that has been heavily used for nearly 30 years now. I'll agree with you that this is "thanks to the internet", but can we really call it "suddenly" now that the internet is four decades old, especially for cases like this where the software was specifically written to make use of the internet? I'm sympathetic with (and a perpetrator of) mistakes of the form "Joe writes a program that reads a file, and expects it to be used by very clever people reading only files that they and their personally-known friends/coworkers created, but then it becomes more popular and now every nescient email user who double-clicks strange attachments is one JoesInstaller away from putting a backdoor on their computer." But for web browsers, mass-market software, servers listening for arbitrary TCP connections, etc., surely there's a better solution to e.g. heap buffer overflows than expecting every software author to finally Git Gud.
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link