<samueldr>
DigitalKiwi: you can shift click a range to better show context :)
<DigitalKiwi>
but yeah i'm a die hard vim user so evil mode and doom-emacs is my goto for when i want more than vim (which i still use for the vast majority of tasks) so i use emacs for like...haskell :P
<DigitalKiwi>
samueldr: it's not working for me am i doing it wrong
<samueldr>
DigitalKiwi: first click not shifted, second click shifted?
<samueldr>
just tested and if you kept shift down it indeed doesn't work
<DigitalKiwi>
yes i tried that
<DigitalKiwi>
firefox?
<samueldr>
firefox and chrome
<samueldr>
weird
<DigitalKiwi>
works in chrome
MichaelRaskin has quit [Quit: MichaelRaskin]
<cole-h>
elvishjerricco: I use doom-emacs because it integrates really well with evil (vim-ish bindings)
<cole-h>
It is pretty dang good
cole-h has quit [Quit: Goodbye]
parsley936 has joined #nixos-chat
Gaelan has joined #nixos-chat
FRidh has joined #nixos-chat
__monty__ has joined #nixos-chat
parsley936 has quit [Remote host closed the connection]
parsley936 has joined #nixos-chat
<eyJhb>
Damn NVidia GeForce NOW works well
<eyJhb>
Would be nice with it on Linux
kiwiirc has joined #nixos-chat
<eyJhb>
I might end up with a "tmpfs" FS like gchristensen has. tmpfs uses my precious ram
<kiwiirc>
i have a system with ram to spare and it's lonely
<__monty__>
eyJhb meant a non-tmpfs setup I think. Afair gchristensen uses disk-backed tmp which is reset to a snapshot on every boot?
<philipp[m]>
I think it's just a tmpfs and a recreation of all the folders needed on boot. At least that's what I did one time.
<philipp[m]>
And then I had all the stuff I wanted to keep on separate volumes. Thing is: Didn't really use much additional ram with that setup because temporary data tended to be not much.
<gchristensen>
my system uses a ZFS dataset for /, and it gets rolled back to an empty snapshot on every boot
<kiwiirc>
how's zfs on linux/nix? i only know it from freebsd (where i'm coming from)
<gchristensen>
pretty great
<kiwiirc>
i've heard that. seems like a good time to make the switch
<kiwiirc>
also systemd having cool down time
<philipp[m]>
Freebsd is actually switching their implementation to the linux one.
<gchristensen>
yeah, ZoL's repo is now the main openzfs repo
<kiwiirc>
linux eating the world and systemd eating linux, but what's eating systemd?
<kiwiirc>
nix?
<gchristensen>
systemd is eating Nix :)
<kiwiirc>
i was afraid of that when i was thinking about it last night heh
<aanderse>
:)
<kiwiirc>
do you think eventually systemd will grow to the point that nixos will be redundant?
<philipp[m]>
systemd-packagemanagerd?
<gchristensen>
not really, but systemd is covering a lot of ground in terms of declarative system configuration -- and NixOS could be a bit of a thin wrapper on that. but, systemd doesn't have Nix and Nix is a bit of a crown jewel
<aanderse>
kiwiirc: while many things in systemd are declarative a number of those things are less than reproducible
<gchristensen>
aanderse++
<{^_^}>
aanderse was put on Santa's "nice" list
<kiwiirc>
maybe a nixlang 2 based on something like dhall could be the inflection point where nix and systemd merge?
<aanderse>
kiwiirc: i hope that doesn't happen... because then no other distro would have any reason to exist ;-) lol
<kiwiirc>
i'm sure there would be, they'd just all be nixlang 2 config sets or smth
<philipp[m]>
Weeell... lts?
<kiwiirc>
then linux would become a complete OS not just a kernel. could be wild
<kiwiirc>
actually makes me kinda hard
<FRidh>
Ughh packaging a python package here...suddenly it says it wants to download bazel...yikes. There goes my day...
<philipp[m]>
nix+linux?
<bkv>
kiwiirc: you want a nix merged with systemd? God, that's nightmare fuel for me
<bkv>
I want a systemd-free nix
<bkv>
But I have no time to make one, anymore
<jtojnar>
aiming for software singularity
<kiwiirc>
not saying i want that just saying i can see that path and think that's pretty much reality
<kiwiirc>
ya
<kiwiirc>
im perfectly happy using init scripts in fbsd but systemd is what linux chose for better or worse
<kiwiirc>
and since it's cancer that never stops growing, only makes sense it'll take over config mgmt and nix is the perfect prior art to use
<kiwiirc>
maybe like i said with a nixlang 2 a bit more strict like dhall
<jtojnar>
or maybe Singularity will arrive sooner
<philipp[m]>
We'll just rewrite a few hardware drivers in elisp and use emacsOS.
<adisbladi>
NinjaTrappeur: Just use emacs lisp to output drv files ^_^
adisbladi is now known as adisbladis
<NinjaTrappeur>
:D
<philipp[m]>
Did I just derail the announcement of the new release manager? Oh, well...
rajivr has quit [Quit: Connection closed for inactivity]
waleee-cl has joined #nixos-chat
<etu>
NinjaTrappeur: You know, nix is somewhat not too unlike elisp in some regards
<__monty__>
philipp[m]: Nah, this is -chat so we're using our collective silence as a slap on worldofpeace's wrist for trying to seduce us off topic.
<worldofpeace>
oh, hun, oh, oh hunny. You would all love if I could seduce you off topic
<worldofpeace>
it's just
<worldofpeace>
I'm feeling soo greedy u kno rn
<__monty__>
Don't bogart the funions, worldofpeace
<worldofpeace>
soon... simply soon. also, __monty__ I legit had to consult reddit to understand that 😸
<__monty__>
: o I managed to r/OotL worldofpeace? 💪💯🥇
<__monty__>
Though I guess using dated references isn't playing fair.
<philipp[m]>
It's an older reference, Sir, but it checks out.
<worldofpeace>
I like how __monty__ thinks I could be soo effortlessly defeated
<__monty__>
Oh I don't see this as a defeat. It's a perpetual back-and-forth, like two birds of paradise trying to assemble the prettiest stage to dance on.
<philipp[m]>
I' feeling very proud of myself that I finally set up a code signing key and got github to recognise it and match my email to my account in commits.
<worldofpeace>
how performative, that's my gig
<philipp[m]>
In the end it hurt like 20% than I expected.
<bkv>
my god, csharp and lsp in emacs are a mess
<bkv>
please tell me one of you other people has got a csharp/lsp setup that works that i can copy
<bkv>
cause this is agonising
<philipp[m]>
That sounds like trying to have a nice Dinner with Steve Ballmer and RMS.
drakonis has joined #nixos-chat
abathur has joined #nixos-chat
<bkv>
it's about as pleasant
<bkv>
the thing is i'm not even sure what part is broken
<bkv>
it could be anything from omnisharp itself to lsp to emacs-28
<__monty__>
philipp[m]: I've been having second thoughts about signing my commits.
<philipp[m]>
Why? Not satisfied? It's not perfect but it's better than not doing it, right?
<gchristensen>
I'm also considering not doing it
<__monty__>
Doubts about the use. It seems to come down to the vanity of the github badge. There's a better argument for signing release tags but commits doesn't seem to add anything.
<bkv>
it's almost useless imo, but it's a good habit to get into to get more familiar with gpg
abathur has quit [Ping timeout: 240 seconds]
cole-h has joined #nixos-chat
<__monty__>
But all the gpg UI bits are hidden. Unless you mean setting up keys and updating the validity on a yearly basis?
<bkv>
well, more just the idea of it, tbh
<Valodim>
without a clear policy attached to it, signing commits is indeed useless
<gchristensen>
it is almost the entire reason I have a gpg key
<Valodim>
perhaps one day there'll be a policy :)
abathur has joined #nixos-chat
<abathur>
I've circled around it a couple times, most recently when thinking about submitting a small change to a project that required signed commits
<abathur>
but once I figured out I could just do the change in the GH interface and it'd sign for me, I went back to not wanting to think about it anymore
<samueldr>
might not be generally relevant, but I like keeping tabs with the announcements from the big players in mobile and operating systems
<__monty__>
samueldr: Give us a shout when the ARM stuff starts?
<gchristensen>
thanks, samueldr
<samueldr>
__monty__: will probably forget
<samueldr>
IF there is anything about ARM :)
<__monty__>
-_-
<samueldr>
like the last few WWDCs
<abathur>
one thing that struck me as weird/useless is that it seems like all commits will still trend towards becoming unverified over time as keys expire or get revoked
<__monty__>
Well that's unavoidable.
<__monty__>
But you can still verify those. If they were signed before the expiry you should accept the signature.
<{^_^}>
isaacs/github#1099 (by soullivaneuh, 2 years ago, open): Revoked and expired GPG subkeys should keep have verified tag on old signature
<gchristensen>
should they though
<gchristensen>
can you trust anything signed by a revoked key?
<abathur>
someone asserts in that thread that date can be spoofed, so it seems like certainly not
<samueldr>
I personally think signed commits for all commits don't add much value, so I'd trust it as much as a signed one
<__monty__>
Surely you must. If you couldn't then no gpg signature ever was trustworthy?
<samueldr>
what I'd trust is a commit release being signed, that the author of the release commits asserts the previous history is trustable
<__monty__>
Also, that'd introduce repudiation into gpg which is an explicit non-goal?
<gchristensen>
__monty__: all it says is someone in possetion of that key signed it
<gchristensen>
and who knows why you revoked it
<gchristensen>
maybe you revoked it because someone copied your key off your sysetm 10 years ago
<__monty__>
gchristensen: Yep, but digital signatures are supposed to have the same value as written signatures.
<gchristensen>
written signatures have value because there is a court of law you can take them to
<__monty__>
If you can never be sure the key used to sign won't be revoked they're useless?
<samueldr>
maybe they are?
<__monty__>
Signatures with the keys on your electronic ID here have the same legal status as written signatures.
<abathur>
I think this is roughly why, at least in this case (for long history) it felt a bit like security theater to me
* colemickens
had never thought about revocations like this before. Interesting convo to read.
<gchristensen>
digital signatures become especially valuable when you have unforgeable evidence that they came from a certified HSM
<abathur>
since it seems like the chain of history will always trend towards breaking, and you're always going to trend towards "accept the most-recent assertion"
<__monty__>
As I understand it revoking a key only invalidates signatures taken *after* that point. It's not a way to go back on your "promises."
<abathur>
in theory, but that assumes there's no way to forge an old date
<gchristensen>
__monty__: in what circumstance do you revoke a key, and also don't want to invalidate already-signed things?
<gchristensen>
I guess maybe you know it was stolen but also have a 100% guarantee that they never signed anything with it
<__monty__>
Are dates not included in the signature? That seems like too blatant a design flaw.
<gchristensen>
sure they are, but dates come from the signer
<__monty__>
gchristensen: What you want and how signatures have to work don't necessarily align.
<philipp[m]>
It would be nice if you could create a chain of signatures somehow, so that you don't just sign the commit but also at this point in time all the other signatures are valid.
<gchristensen>
__monty__: I'm not sure what it is you think I want
<__monty__>
A signature you can cancel at any time you want doesn't have any value to the other party?
<abathur>
if someone does have the key, and does know the backdate they're forging, they can of course create a signature that supposedly pre-dated revocation, yeah?
<gchristensen>
it does today
<gchristensen>
like, the signature is good basically for a short time, no? but a signature for 5 years ago is maybe not so valuable
<__monty__>
philipp[m]: Since commits are already a chain that's implied, no?
<philipp[m]>
Wasn't there a new vcs that is currently being developed and a bit hyped? I forgot the name. Would be interested in how they tried to solve that.
<gchristensen>
pijul?
<__monty__>
gchristensen: The "you" I used was more general, people using gpg signatures.
* colemickens
mumbles something about signatures on blockchains for timestamping
<philipp[m]>
Yes, I think that was it.
<__monty__>
And what I think the general "you" might want is to revoke any signature they want. Which is absolutely not a thing with written signatures, because it makes them useless.
<samueldr>
finally, the features of an apple newton on iPadOS
<gchristensen>
lol!
<samueldr>
I'm curious how it'll end up working in the real world
<__monty__>
Pretty exciting. Maybe in a couple years we'll finally get all the features they teased in the MOAD.
<samueldr>
get ready to eat up martha
<philipp[m]>
So I tried watching this keynote but I can only stand it about 30s at a time.
<philipp[m]>
I think I can be a member of any cult but nix.
<philipp[m]>
*can't
<samueldr>
oh, this is not my main focus, it's way too much self-congratulation on trivialities, and so slow
drakonis has quit [Quit: WeeChat 2.8]
<__monty__>
Nothing about ARM yet?
<samueldr>
nothing about macOS either yet
<samueldr>
so in a way everything's been about ARM platforms
<samueldr>
like the last device, literally an ARM platform
<samueldr>
with watchOS
<samueldr>
and now slides about privacy
<samueldr>
(with vague non-commital promises)
hoverbear has joined #nixos-chat
<joepie91>
anyone else having the issue where Firefox notifications suddenly aren't handled by the system notification thingem (KDE Plasma, in my case) anymore, and Firefox renders them by itself?
<cole-h>
Yeah. Usually happens when mako restarts (manually or it crashes or something) but not Firefox
<cole-h>
For me at least
<colemickens>
oh look gpg stopped working /again/
<samueldr>
macOS, __monty__ probably soon for ARM
<samueldr>
if it happens
<joepie91>
cole-h: hm. and it fixes itself upon restart?
<joepie91>
too many coles in here
<joepie91>
tabcompleting is hard
<joepie91>
:P
* colemickens
is cringing at this wwdc
<colemickens>
but then again this is my reaction to all big-tech "keynotes" now
<samueldr>
to me it feels even more fakerer the way they tried to make it natural and keynote-like
<samueldr>
wow
<samueldr>
did they unironically say they wanted more clarity, while removing borders from buttons?
<joepie91>
samueldr: I mean, consider the Apple Campus
<colemickens>
Some of this demo is baffling too.
<cole-h>
joepie91: I usually fix it by restarting Firefox. If that doesn't work, I relaunch my sway session.
<colemickens>
The filter on the mail demo, what the heck did it even do?
<cole-h>
If that doesn't work, I give up.
<joepie91>
which afaik has had at least several people literally quit Apple because of how horrible it is as a working environment
<samueldr>
everything is transparent as heck
<samueldr>
the stream makes this a muddied unreadable mess!
<joepie91>
but yeah, I continue to be amazed at how Apple manages to basically take over the news cycle and a ton of communities every time they basically broadcast a marketing pitch
<samueldr>
they do have a lot of power in many domains
<samueldr>
they can make or break a technology
<colemickens>
and the gaps between filled with complaints about their hw/sw, listing the proprietary software used to make the experience livable, talking about how to properly power the MBP without losing 25% of the CPU perf....
<samueldr>
before apple adopted NFC, NFC wasn't used anywhere
<colemickens>
ha, I did watch that last night. Someone linked it in a tongue-in-cheek conspiritorial thread about Apple sabotaging their Intel macs ahead of ARM macs.
<colemickens>
what's catalyst? I missed it? Is it cross mac/ios tech or what?
<joepie91>
so last week, paypal held part of my account funds because of abnormally high revenue (which was the case, a one-time payment through paypal instead of the usual payment method, from a client)
<joepie91>
it would have been held for 3 weeks
* colemickens
should probably just close this, I'm unlikely to use any of it
<__monty__>
Sabotage? They used a thermal pad and isolated it from the chassis. That's hardly sabotage, just design for brief lifetime.
<joepie91>
????
<joepie91>
and it is still in the schedule to be released in 3 weeks
<joepie91>
including the part that was "held"
<joepie91>
except when I did a bank withdrawal, it just... sent me all of the money
<joepie91>
I do not understand this company
<samueldr>
colemickens: basically, it's a framework to run iOS apps on macOS
<joepie91>
so now I'm wondering in what horrible way my account is going to break in 3 weeks..
<samueldr>
__monty__: the thermal isolation is to prevent the bottom from reaching 100°C
<samueldr>
which... means everything else maybe needs a redesign? :)
<__monty__>
Heh, apple's gonna try to get a slice of the adblock plus pie?
<samueldr>
I wasn't following
<samueldr>
how?
<samueldr>
"something more profound"
<samueldr>
either it's ARM, or it's troll
<Valodim>
historic
<__monty__>
Very tease.
<samueldr>
I hope they'll detail whether they will allow non-macOS to run on their sillycon
<__monty__>
CEO looks so much older than Jobs, not very apple.
waleee-cl has quit [Quit: Connection closed for inactivity]
<samueldr>
remember, they still haven't said ARM
<samueldr>
only custom sillycon over and over
<samueldr>
could very well be x86_64!
<__monty__>
This is very austin powers/CSI...
<samueldr>
(but let's say ARM is likely)
<__monty__>
Oh, sure. But they'll take lots of inspiration from ARM, no?
<joepie91>
(it's probably ARM)
<samueldr>
sure, but basically I was saying the tease is not over
<samueldr>
what if they have custom SPARC sillycon?
<__monty__>
: O Don't tittilate us so!
<samueldr>
mips, in my mac mini?
<__monty__>
"Much higher performance" is being slung around a lot...
<samueldr>
it's always the best macbook they build
<samueldr>
fastest mac yet
<samueldr>
when you're vertically competing only with yourself
<samueldr>
they *still* have not said ARM
<samueldr>
I wonder if it means they are distanciating themselves from ARM to allow non-standard extensions
<colemickens>
Good for them! no?
<__monty__>
They definitely want the "Apple Silicon" branding pushed.
<samueldr>
it just feels like empty words
drakonis_ has joined #nixos-chat
<drakonis_>
by the way, the mods of /r/nixos have been inactive for months
<cole-h>
,tell DigitalKiwi :)
<{^_^}>
cole-h: I'll pass that on to DigitalKiwi
<samueldr>
I still want to know whether users are in control of their computers or not
<samueldr>
drakonis_: yes, it's a known issue
<drakonis_>
so you might be able to claim it
<cole-h>
We've already claimed r/nix
<colemickens>
samueldr: I don't even get my hopes up about these things anymore.
<samueldr>
finally, confirmation it's ARM
<colemickens>
drakonis, or just redirect it to discourse, seems best for everyone
<__monty__>
samueldr: Looking at the changes Catalina brought, I'm gonna give you a resolute "No."
<samueldr>
__monty__: I assume so too
<ldlework>
/r/nix will become the official subreddit
<samueldr>
but it's going what kills so much about the apple hardware
<ldlework>
drakonis_: ^
<cole-h>
"Official"
<ldlework>
no
<ldlework>
actually official
<ldlework>
as per eelco
<samueldr>
cole-h/ldlework get in touch with domen too, iElectric on reddit, he was active on the /r/nixos subreddit
<ldlework>
for what?
<cole-h>
ldlework: Oh, I didn't realize that conversation had already happened. Cool!
<samueldr>
if he's interested on being on the mods team
<__monty__>
OMG, slide layers animated in 3D?!? That must be *some* graphics performance they have on that Apple™ Silicon®.
<andi->
impressive.
<drakonis_>
ldlework: i'm aware
<ldlework>
ok
<colemickens>
I feel the creeping feeling of that false hope of a ARM Mac running Linux.
<ldlework>
first time it's been publically mentioned so that's surprising :)
<drakonis_>
they've been telegraphing that for a while now
<samueldr>
colemickens: I don't have hope, I only want confirmation :)
<drakonis_>
its not exactly unexpected
<samueldr>
I mean, their T2-toting hardware was already problematic for Linux
<samueldr>
(if it isn't still)
<__monty__>
Have to give them props for simply calling Universal 2 and Rosetta 2 though. New Universal/Rosetta was definitely in the cards.
* colemickens
spies the gnome-shell taking 13% cpu
<drakonis_>
apple has tasted the apple of owning the whole stack on mobile
<samueldr>
colemickens: to be fair it's apparently active on the menu
<__monty__>
Wow, the textures in Tomb Raider have definitely looked better...
<drakonis_>
so they've extended it to macbooks
<samueldr>
I wonder what parallels is running
<samueldr>
ARM or x86_64?
<andi->
was it the first ever mention of Linux in an Apple Keynote?
<samueldr>
no
<andi->
Don't remember others
<samueldr>
maybe in recent years, but 90s they did
<samueldr>
IIRC m68k linux was announced during a WWDC
<andi->
16GB of memory = desktop specs ... /me looks at the 128GB on the desktop
<samueldr>
lol
<__monty__>
"A complement of mac IO ports." So, just thunderbolt?
<samueldr>
compared to what, 4GB for an iPad?
<andi->
one thunderbolt ports.
<andi->
s/s//
<samueldr>
as expected, no answer as to whether the user owns the device or not
<samueldr>
so it must mean that it's going to be as locked down as an iPhone/iPad
<Valodim>
if they can smoothly get ios apps to run that is honestly pretty impressive
<samueldr>
is it?
<samueldr>
because they apparently do
<andi->
they were already on their T2 chip IIRC on common macbooks
<Valodim>
you don't think it's impressive?
<samueldr>
andi-: yes, but that still booted an intel CPU
<samueldr>
andi-: and the T2 didn't remove the control entirely
<samueldr>
andi-: still had bootcamp
<samueldr>
Valodim: it's neat, but it's running on basically the same stack as an iPad
<samueldr>
Valodim: same CPU, same base operating system, they likely "only" fixed the window server
<andi->
still not sure (or even less) why you'd buy such a hardware "lease"
<samueldr>
if they had had the rosetta-using programs running on iPadOS *that* would be more impressive
<samueldr>
andi-: exactly
<ashkitten>
what's the deal with everyone talking about apple stuff today
<samueldr>
ashkitten: the WWDC keynote just ended
<andi->
apple keynote
<ashkitten>
does everyone suddenly care what apple does now?
<ashkitten>
i lost interest years ago
<andi->
I do out of interest in the entire industry but not because I'd purchase anything from them
<samueldr>
^
<samueldr>
nix still has darwin support, so it's also relevant to keep tabs
<ashkitten>
apple doesn't really do anything for the industry these days anyway
<samueldr>
they still set a tone for things to do
<ashkitten>
i guess
<__monty__>
ashkitten: ARM for desktop is slightly exciting. Maybe ARM will finally be taken seriously : )
<samueldr>
they maybe don't bring whole encompassing revolutionary changes
<elvishjerricco>
samueldr: I seriously doubt they just changed the window server of iPadOS for this transition. iPadOS doesn't support a massive number of macOS frameworks
<samueldr>
but they definitely sway opinions in sillycon valley
<samueldr>
elvishjerricco: that's not what I menat
<samueldr>
what I meant is that on *macOS* they made the last few changes required
<__monty__>
samueldr: Apple™ Silicon® valley, FTFY
<samueldr>
they already had catalyst going
<elvishjerricco>
I don't see a difference between macOS on ARM and macOS on Intel in terms of how locked down it'll be.
<ashkitten>
__monty__: i mean, there's a number of arm laptops nowadays. i'm more afraid of apple causing a trend of incredibly locked down arm laptops and desktops
<samueldr>
apple still has a lot of power to make or break techs because of their sway in silly con valley
<samueldr>
NFC was a joke before apple finally embraced it in an almost open manner
<samueldr>
because no one in silly con valley was interested in losing more than 50% of what they felt was the market because of their bubble
<samueldr>
which, in turn, made Android OEMs not as likely to integrate NFC in their devices
<samueldr>
because it's not like it was voiced heavily as being needed
<elvishjerricco>
Rosetta 2 seems pretty impressive though. Running x86 Shadow of the Tomb Raider through it looked pretty seamless, which is crazy.
<ashkitten>
sigh... i just wish companies like adobe would support linux with their applications
<cransom>
i assume that hackintoshes will become extinct.
<samueldr>
elvishjerricco: definitely a more impressive part
<elvishjerricco>
And I wonder if the virtualization stuff they talked about is a Rosetta thing, or if they actually added a virtualization feature to ARM.
<samueldr>
yeah, it's an open question
<samueldr>
what does "virtualization" means here
<samueldr>
x86_64 or ARM or both?
<elvishjerricco>
samueldr: They didn't clarify. They just showed Linux running in Parallels
<__monty__>
elvishjerricco: I suspect the gameplay was definitely groomed for that wow-factor. Even though the resolution and textures weren't very good. It was probably the most impressive part of the game that didn't cause stutter.
<andi->
neither, AARM = Appel ARM ;)
<cransom>
and while i do use apple hardware, i'm in that walled garden, seeing market share away from intel is something i'm ok with.
<samueldr>
elvishjerricco: yep, though parallels is likely to have had access to ARM DTKs
<samueldr>
cransom: or on the flip side, maybe it'll make developers tie loose ends for graphical iOS and now macOS on QEMU ARM
<samueldr>
cransom: iOS already can boot to a shell on QEMU ARM
<samueldr>
[citation needed]
<__monty__>
ashkitten: The existing ARM laptops aren't taken seriously, that's why I said "maybe... finally taken seriously."
<samueldr>
and corellium is a closed source proof that it is possible AFAIUI
<samueldr>
yeah, maybe finally there will be a push for ARM that's not for running on an ant
<elvishjerricco>
One exciting prospect for mac customers is that, given that they sell a $400 A13 phone, ARM macs could become a LOT cheaper.
<andi->
lol.
<samueldr>
as if
<andi->
sorry, I don't think they'll drop prices.
<cransom>
they *could*, but very likely will very much not.
<__monty__>
elvishjerricco: You're forgetting the "Privilege of running Apple Silicon"-tax.
<cransom>
apple tax has allllways been a thing.
<samueldr>
one thing to understand is they *are* a status symbol item
<andi->
Nobody else has apple silicon ;)
<samueldr>
andi-: sillycon
<andi->
ah yes
<DigitalKiwi>
$400? you can't even get wheels for that
<DigitalKiwi>
Apple Mac Pro Wheels Kit
<DigitalKiwi>
$699.00
<elvishjerricco>
:/
<gchristensen>
gotta say, if I had $699 to spend on wheels, I'd do it
<andi->
is there an upgrade kit to make the wheels faster?
<DigitalKiwi>
and the best part? they don't even keep your computer from moving on its own
<ashkitten>
honestly though if adobe had linux support that could be one of the last straws that lets people switch
<elvishjerricco>
I'd be more inclined to agree with you all if they didn't sell a $400 phone
<colemickens>
under-desk-mount > wheels
<DigitalKiwi>
oh i don't mean they don't sell a $400
<DigitalKiwi>
just that it's a hell of a deal!
<joepie91>
ashkitten: likely, yeah
<samueldr>
so I guess for "the years to come" (as vaguely stated) nix on darwin on intel is still a thing?
<samueldr>
I wonder if big sur will add more roadblock
<samueldr>
roadblocks*
waleee-cl has joined #nixos-chat
<samueldr>
to be more in line with whatever macOS on ARM will do for SIP and such
<elvishjerricco>
Yea I've pretty much given up on macOS as a serious development platform unless you literally only need XCode.
<cransom>
the amount of nix built software on darwin is much smaller. wonder if the subset of arm native darwin builds will be even smaller. though, maybe if it builds now, it'll be ok.
<colemickens>
wow. microsoft buried their news. they're shuttering mixer and partnering with FB? stunning.
<ashkitten>
why do people use macos? honest question
<energizer>
as opposed to windows?
<colemickens>
because HN threads are full of people sharing 10 year linux on desktop experiences as if they're current
<elvishjerricco>
ashkitten: It's nice. I honestly can't stand trying to use a linux desktop. They're all buggy, have weird quirks, audio/video problems, terrible key bindings usually and terrible UI.
<__monty__>
I agree OS X is a more pleasant experience than windows.
<ashkitten>
elvishjerricco: i've honestly never had any issue like that
<elvishjerricco>
macOS kinda just turns on and gets out of the way as a desktop environment
<cransom>
there's a good chunk of userbase where 'i write javascript and ruby, so i'm a creative and need a mac'
<elvishjerricco>
As a development environment... very much the opposite
<ashkitten>
elvishjerricco: when did you last use a linux desktop?
<elvishjerricco>
ashkitten: Every day
<ashkitten>
it's weird to hear about people having issues like that
<elvishjerricco>
It's not. It's a common set of complaints
<DigitalKiwi>
i use xmonad with plasma5 and it's not so bad
<ashkitten>
when i used gnome and kde and cinnamon i never had that kind of stuff
<energizer>
most people aren't looking to spend dozens of hours configuring their desktop
<ashkitten>
i have a whole set of other issues with sway and nixos but overall i like it
<ashkitten>
audio problems specifically i haven't seen in years
<elvishjerricco>
Audio problems have been my most frequent by far
<ashkitten>
like what?
<elvishjerricco>
Especially since I use different outputs at different times
<energizer>
i constantly have audio problems
<elvishjerricco>
Programs constantly choosing the wrong output
<elvishjerricco>
bluetooth headphones refusing to connect for no reason
<energizer>
zoom didn't work with my camera, so i had to buy a new one
<elvishjerricco>
bluetooth headphones using the wrong audio profile
<elvishjerricco>
Weird sound glitches at the start and end of playback
<ashkitten>
okay yeah bluetooth audio is janky i'll give you that
<elvishjerricco>
oh yea, video conferencing is super hit or miss
<ashkitten>
video conferencing? huh
<elvishjerricco>
Games are pretty buggy as well, whether native or Proton
<ashkitten>
i have a cheap logitech 1080p webcam and it works great
<colemickens>
bluetoothctl+pulsemixer have made my life 90% better (still get the wrong profile 1/20 times tho)
<elvishjerricco>
not that I game much...
<Valodim>
bluetooth audio works very well for me with bose headphones
<elvishjerricco>
Updating to 20.03 randomly caused basic desktop actions like scrolling to become super stuttery
<elvishjerricco>
And yea, I've checked it's using the right video driver
<ashkitten>
elvishjerricco: what wm? sounds like compositor issue
drakonis has joined #nixos-chat
<joepie91>
elvishjerricco: since 20.03, my pulseaudio and/or KDE has gained a "default audio device" box that seems to make all audio go to the correct device all the time now
<ashkitten>
if you're using compton it got changed to picom
<elvishjerricco>
ashkitten: XMonad + XFCE + picom; I have adapted the picom stuff
<elvishjerricco>
But I've tried with KDE as well; same stuff
<ashkitten>
hm
<ashkitten>
weird
<elvishjerricco>
Oh and that's another thing; compositors break screen lockers
<elvishjerricco>
So I've spent hours just trying to get a freakin screen locker working
<ashkitten>
never had that issue with xsecurelock
<energizer>
that's the thing, everybody has a "hm, weird" experience like once a week
<elvishjerricco>
Settled on just having it kill picom when the locker starts
<ashkitten>
xsecurelock bypasses the compositor
<elvishjerricco>
ashkitten: In 20.03, it'll give you a crazy background image saying something like "incompatible compositor" if you have picom running at the same time
<elvishjerricco>
ashkitten: And yea, I was using xsecurelock
<ashkitten>
anyway ime windows is definitely worse than linux, but i'm not trying to say linux is perfect or anything
<ashkitten>
or even good
<ashkitten>
honestly i hate linux, but i hate everything else more
<elvishjerricco>
Well my point is just that I have spent countless hours just trying to get a pleasant desktop experience, whereas macOS just boots and is pleasant automatically
<colemickens>
ashkitten++
<{^_^}>
ashkitten's karma got increased to 14
<elvishjerricco>
That's like, the only thing I like about macOS though :P
<elvishjerricco>
Well that and iMessage
<ashkitten>
yeah i can understand that
<elvishjerricco>
I used to appreciate that it was very unix-y, but that's quickly going out the window
<ashkitten>
macos is a very pleasant self-contained operating system that just works and also wants to eat your soul
<DigitalKiwi>
elvishjerricco: have you Signal?
<elvishjerricco>
DigitalKiwi: I do, but I kinda hate it
<elvishjerricco>
It's a bit more secure
<DigitalKiwi>
:(
<DigitalKiwi>
<3 signal
<DigitalKiwi>
and cross platform!
<DigitalKiwi>
not everyone has an iphone
<elvishjerricco>
By why the hell is it tied to a phone number? And why the hell does it have a master device?
<samueldr>
good luck running signal without a phone
<qyliss>
I've been using Dino extensively recently and it is the most pleasant desktop messaging experience I think I've ever had
<__monty__>
Signal is terrible for reasons all its own : )
<DigitalKiwi>
they're changing that
<samueldr>
still not done, so it's still an issue
<elvishjerricco>
DigitalKiwi: Well maybe I'll like it more when they do :P
<elvishjerricco>
Upgrading my phone required re-registering (and thus changing that trust number thing, ruining security)
<DigitalKiwi>
i still don't get the complaints about using a phone number to talk to...people on their phone
<DigitalKiwi>
like
<DigitalKiwi>
i have hundreds of contacts
<samueldr>
you're now bringing the whole telco industry into trust
<joepie91>
people don't just talk to people on their phone?"
<DigitalKiwi>
why do i need to get another?
<samueldr>
an industry that is PROVABLY untrustable
<DigitalKiwi>
another identifier*
<elvishjerricco>
DigitalKiwi: It's a convenient reference for contacts, but it shouldn't be the registration method
<joepie91>
they talk to people full stop, who may or may not be using a phone at any given time, or ever
<colemickens>
?? ruining security? the trust numbers are about confirming the exact device a person is using, no?
<samueldr>
and phone numbers are one bit of information closer to doxxing
<samueldr>
which makes signal unusable as a generic "get in touch" use
<elvishjerricco>
colemickens: No. The trust number is the same if you send your message from another device linked to the account
<samueldr>
and has a real world monetary cost to make a new one
<samueldr>
DigitalKiwi: back to square zero, you have to keep that additional number forever
<__monty__>
qyliss: Is Dino just XMPP or does it have OTR (or better)?
<samueldr>
which is not free for everywhere in the world
<samueldr>
and in many places it's not even anonymous or pseudonymous
<qyliss>
__monty__: It does OTR, GnuPG, and OMEMO
<qyliss>
You basically never want OTR or GnuPG
<samueldr>
so you have a strong link between your real world identity and signal identity
<energizer>
"<samueldr> and phone numbers are one bit of information closer to doxxing" imo using your real phone number is nearly equivalent to complete doxxing
<DigitalKiwi>
anyway this all comes back to nothing is perfect and will meet everyone's needs
<joepie91>
DigitalKiwi: "there exists a workaround for this shitty design decision" is not an argument against the design decision being shitty...
<gchristensen>
in the United States, knowing the name of somebody is enough to get basically everything you need to know if you are able to find the region they live in
<colemickens>
my understanding is that the desktop apps are basically thin clients to the phone, and not really recommended for cautious users
<samueldr>
except now it's not "nothing is perfect" but "there is this huge gaping flaw that's braindead"
<colemickens>
If you're going to link desktops to Signal, I don't see why one wouldn't just use Matrix and verified sessions.
<joepie91>
DigitalKiwi: oh come on, don't come rolling in with those sorts of nihilist arguments. requiring a phone number for registration was an intentional decision on Signal's part, and they could have chosen not to. waving away criticisms of that with "well nothing is perfect" is missing the point by a mile and a half.
<elvishjerricco>
colemickens: Your phone does not need to be on to use Signal desktop
<samueldr>
hey, what happens with signal if a country revamps their phone number system?
<elvishjerricco>
colemickens: Your desktop will get its own security keys that can be used to send messages as if it were your phone
DigitalKiwi has left #nixos-chat ["bye"]
<samueldr>
or splits a regional indicator?
<joepie91>
perfect things existing has absolutely no bearing whatsoever on this particular design decision being a boneheaded one
<colemickens>
elvishjerricco: oh very interesting, TIL, thanks.
<elvishjerricco>
colemickens: They can be revoked by the master device, of course
<__monty__>
DigitalKiwi: I think the reason so many people feel like they need to say something against Signal is because it's so often marketed as a secure messaging solution while ignoring all the problems with Signal and Open Whisper Systems. There's plenty of alternatives.
FRidh has quit [Ping timeout: 260 seconds]
<elvishjerricco>
But also, if you lose the master device......
<samueldr>
I'm still extremely pissed at how signal "signals" strongly to other signal users that you have linked your phone number to signal
<joepie91>
__monty__: they left.
<samueldr>
that's basically evil
<elvishjerricco>
samueldr: Yea, what's with that?
<samueldr>
no idea
FRidh has joined #nixos-chat
<samueldr>
probably a good idea thinking about ease of use
<samueldr>
but whew that's a bad privacy move
<energizer>
how does it help ease of use?
<samueldr>
I had people ask me "so now you're using signal?", which spooped me
<samueldr>
energizer: by reducing friction
<energizer>
what friction does it reduce?
<samueldr>
now you can automatically send signal messages instead of SMSes
<colemickens>
samueldr: same!
<ashkitten>
i want nixos on netbsd :(
<colemickens>
samueldr: kind of interesting that 5 of my friends all registered ~2 weeks ago...
<joepie91>
samueldr: Telegram (which is awful for many, many other reasons) does the same shit...
<joepie91>
really not okay
<samueldr>
it seems people can't wrap their head around that this is bad opsec to announce that you are now using a "private" messaging app in some places
<qyliss>
Even worse that they added public profiles
<qyliss>
And _really_ pressure you to fill those in
<elvishjerricco>
qyliss: Wut
<samueldr>
UGH
<qyliss>
This happened a couple of years ago before I stopped using Signal
<samueldr>
and I hate how when you criticize anything against signal it often happens a zealot basically goes into a circular "but its protocol is secure" argument, which, AFAIUI is right, but everything that's not the message exchange is badly designed
<qyliss>
I was pissed about it, but then shortly afterwards I basically fell off the internet for a while and when I came back I just decided not to use Signal any more
<qyliss>
So no idea if it still does it
<cole-h>
The announcing part? Still does.
<qyliss>
The public profile part
<qyliss>
And pressuring you to fill it in regularly when you open the app
<gchristensen>
I like signal for talking to anyone I'd give my phone number to
<samueldr>
^ if it didn't announce itself, I'd treat it as such
<worldofpeace>
qyliss: oooh Dino, I used to use Jabber/XMPP but I could never get anyone to use it ☹︎
<worldofpeace>
but that app is super nice
<qyliss>
worldofpeace: basically everyone I talk to privately I do on XMPP nowadays
<qyliss>
qyliss@qyliss.net! say hi!
* samueldr
remembers when every fresh new messaging service was XMPP based and inter-compatible for a short while
<worldofpeace>
cool, I should get that set up for myself again.
<qyliss>
There's lots of friendly public instances nowadays too, so nice and easy to introduce people to even if they don't want to run their own server
<qyliss>
_And_ if you own a domain, you can delegate that to somebody else's server, and then change it later if you want to host your own later
<Valodim>
....is github down?
<qyliss>
Which I know is a feature important to at least one person in here
<worldofpeace>
qyliss: any sources for instances?
<samueldr>
qyliss: me? :)
<cole-h>
qyliss: Is there a recommended public instance?
<colemickens>
Valodim: it's responsiveness has been... all over the place for me
<cole-h>
Oh hey
<qyliss>
I usually reccommend 404.city
<elvishjerricco>
samueldr: I think the signal protocol relies on your master device uploading a buffer of one-time-use public keys for people to use for messaging you. Certainly a secure design, but doesn't it break if you don't open the signal app on the master device for too long?
<worldofpeace>
(and worldofpeace trusts qyliss implicitly for this stuff 🤣)
<qyliss>
Haven't used it myself but know people who do, and it seems very competently done
<samueldr>
elvishjerricco: good question, maybe it does, but the privacy-side of the protocol is apparently soundly designed, that's what I gathered
<worldofpeace>
qyliss: site sure looks informative
<qyliss>
Yeah they have loads of nice documentation too
* cole-h
signs up
<qyliss>
Their English isn't all that good, but the information is
<cole-h>
I'm cole-h@404.city :^)
<qyliss>
For clients I recommend Dino on desktop and Conversations on Android. iOS basically has no good client, although ChatSecure is better than all the others.
FRidh has quit [Quit: Konversation terminated!]
<worldofpeace>
worldofpeace@404.city 🤣
<worldofpeace>
now to add a new label to mastodon
<worldofpeace>
darn I can only have 4
<joepie91>
elvishjerricco: Matrix uses a similar design, and at least there the answer is "yes"
<joepie91>
minus the "master device" limitation I think?
<ashkitten>
matrix is so good hnn
<ashkitten>
i've turned around completely on matrix
<colemickens>
ashkitten++
<{^_^}>
ashkitten's karma got increased to 15
<ashkitten>
i used to think it was a load of bs
<ashkitten>
i'm really excited for p2p
<colemickens>
I am nervous about over hyping it, but I am confident it is going to be A Thing for a long time
<joepie91>
I wouldn't overhype it yet, yeah. I also don't recommend it yet to the Average Person
<worldofpeace>
ashkitten++
<{^_^}>
ashkitten's karma got increased to 16
<ashkitten>
i don't want to overhype matrix but p2p and low-bandwidth protocol are 2 things i am looking forward to
<joepie91>
my interest in Matrix is for the same reason as my interest in NixOS; not because it is the best option for everyone right now, but because of the long-term potential
<colemickens>
The clients aren't quite there yet imo, but have made big strides
<worldofpeace>
I like it too, but omg the UI/UX is kinda hard to get around and using encryption atm isn't super esay
* colemickens
nods
<ashkitten>
worldofpeace: have you tried the new cross-signing e2ee flow?
<ashkitten>
it's way better
<joepie91>
worldofpeace: have you tried it since cross-signing was rolled out?
<joepie91>
a few weeks ago
<joepie91>
(not that that is perfect yet, there's especially some onboarding UX issues still, but it's muuuuch better than it was before)
<ashkitten>
have any of yall tried the p2p demo?
<worldofpeace>
spill the tea, is there a blog post or something?
<colemickens>
joepie91: I've been thinking about how that informs a lot of decisions I make, and not even limited to tech. I read something the other day about "all software" being throw away and it started some thoughts.
<ashkitten>
p2p will be so big if they get it right privacy-wise
<colemickens>
worldofpeace: I agree with joepie91, it's gotten much better recently. I've been switching devices and clients and the Riot UX is quite good about reminding me to verify unverified sessions (or remove them) and the UX for verifying new sessions is pretty automatic.
<joepie91>
colemickens: yep, that's basically my approach also. probably a bit more extreme than most; I almost *completely* ignore the current state of software, focusing nearly 100% on what it could optimally be
<joepie91>
(and, where possible, putting in the work to make it so)
<colemickens>
Still, I'm surprised oauth support took so long to get to matrix, and I'm sad there's not Discord-style QR login yet.
<ashkitten>
riot ux is way less shit than it used to be
<colemickens>
They really need that. The joy I get of QR-login with Discord is a lot.
<joepie91>
looking much more at inherent limitations and tradeoffs and the motivations and attitude behind a project etc.
<worldofpeace>
ashkitten: you have that right, it's improving quickly
<__monty__>
P2P matrix?
<joepie91>
colemickens: but yeah, on this track, one concrete recommendation I can make: probably the single most important aspect of a project is the attitude of the maintainers/operators, IMO - it's far more important than any technical quality or decisions
<colemickens>
joepie91: yup, feels very philosophical, touches on my feelings towards OSS in generals (and some earlier conversation about compromising freedom for UX, etc). I'd be curious if you've written about this or read anything you like on the topic.
<joepie91>
the attitude of those running a project is, IME, a super reliable predictor for where a project will go in the future
<colemickens>
**monty**: roughly they took Dendrite (the Go homeserver) and compiled it to WASM and run it in browser.
<joepie91>
colemickens: hm. don't think I've written much about this other than a bunch of disparate Twitter threads - I'm still thinking about how to best present this to people
<__monty__>
So, federation with an easier to run homeserver?
* colemickens
is happy we got to have a bit of Matrix love :)
<ashkitten>
not exactly, it's a homeserver inside the client
<joepie91>
colemickens: https://eev.ee/blog/2012/03/24/on-principle/ is loosely related, in the sense that correctness of an implementation is a reliable predictor for future bugs, much like maintainer attitude is a reliable predictor for future project direction
<cole-h>
Does the Matrix <-> IRC bridge support SASL auth?
<joepie91>
colemickens: and also I am applying this philosophy in practice in eg. JS, where I'm working on better foundational libraries/designs that actively take advantage of the strengths of JS (also where reliability is concerned), rather than just cloning the design of tools in other languages which leads to JS being used as a "worse Python"
* joepie91
is still trying to think of articles about this philosophy...
<joepie91>
since JS has a very similar thing where it's just not very good in the way it is used by most people today, but there's much more untapped potential
<joepie91>
meh, really can't think of any...
<adisbladis>
joepie91: This 1000x.
<adisbladis>
When I was working with JS a lot I felt that there is a pretty solid foundation with some insanity bolted on
drakonis_ has joined #nixos-chat
<joepie91>
colemickens: I guess I can kind of ad-hoc summarize my thoughts on the matter: IMO open-source has the potential to function as a public commons of solutions, as a sort of expert system where any given problem only needs to be solved once and then it is solved for everyone everywhere. but for that to work, the *implementations* of said solutions need to be sufficiently reliable and generally correct, even if it takes more
<joepie91>
time to get to that point - which is the antithesis of how software is *currently* treated, as a sort of disposable form of automation, even within open-source where it is common to hype up new things that *aren't even better* than the things they replace, and to basically treat tools and libraries as toys rather than reusable solutions
drakonis1 has joined #nixos-chat
<joepie91>
there are some unsolved problems getting in the way of a true solve-once ecosystem, mainly the interoperability barrier between languages (which is much more complex to solve than "write everything in C"), but we can get pretty close already through sensible use of libraries within a language
drakonis_ has quit [Read error: No route to host]
<joepie91>
at least reducing N in "solve the problem N times" from "N = the amount of projects" to "N = the amount of languages"
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 272 seconds]
<joepie91>
there are also some socioeconomic problems here, in that realistically a lot of code is written to build a widget for a client in entirely too little time, and few people realize the long-term value of a public commons of solutions, and even fewer people can afford to work on it without going homeless
<colemickens>
that, and or a lot of OSS is put out by companies.
<adisbladis>
Fix software by eradicating capitalism
<colemickens>
^
<joepie91>
colemickens: sure, and often as a marketing tool rather than as a genuine contribution to a public commons
drakonis_ has quit [Read error: No route to host]
<joepie91>
adisbladis: yeah, I don't think the current capitalist socioeconomic systems are really equipped to handle the degree of complexity of problems that people try to solve with computers
<colemickens>
Watching OSS projects get put out for what is basically corporate clout, or hiring bait or something is weird when I am close enough to the tech to see that it's just bs for one reason or another that bottoms out on "not for tech, but for money".
drakonis1 has quit [Ping timeout: 240 seconds]
<joepie91>
yeup
<joepie91>
and more frustratingly, the amount of people who are close enough to the tech that they should be able to see that, but choose not to for one reason or another
drakonis has joined #nixos-chat
<joepie91>
adisbladis: but yeah, re: JS, I've been working a lot on building better foundations. two pieces of that puzzle so far have been https://www.npmjs.com/package/@validatem/core and https://www.npmjs.com/package/merge-by-template (both not stabilized entirely yet), and the remaining big pieces that I'm working on are a) a better streams spec, b) better error/cause tracking tooling, c) a sensible database query builder, plus
<joepie91>
some misc other stuff
<joepie91>
all of them designed heavily around composability and abstractions
<joepie91>
and all of them designed as modular, trivially-forkable, trivially-extensible things
drakonis_ has joined #nixos-chat
<joepie91>
ie. not monolithic things that take over your project :P
drakonis has quit [Ping timeout: 260 seconds]
<joepie91>
to rant a bit more about streams in particular: Node streams fucking suck. they are overly complex, unnecessarily fragile, badly documented, full of edge cases, don't support concurrency, don't handle errors sensibly, don't have well-defined abort mechanics, and just overall suck to work with, which is why everyone tries to avoid them like the plague and noone actually understands how they really work
<joepie91>
pull-streams are nice, but they don't solve all concerns (ex. concurrency), and they are based on Node-style callbacks, which are... not great. there's no real integration with promises
<__monty__>
joepie91: Is validatem similar to contract systems?
<joepie91>
all the other stream implementations are varying degrees of monolithic data transformation frameworks that are functionally proprietary ecosystems (in that they are super poorly interoperable), still often overcomplicated, not composable, hard to fork, etc.
<joepie91>
and all of them are implemented as utility grabbags, not as a streams spec
<joepie91>
all of this while JS in principle is exceptionally suited to streaming usecases!
<joepie91>
everything is async by default, it has promises, it has extremely lightweight objects, great composability/abstraction capabilities
<joepie91>
but... the foundation of a sensible streams spec is just completely missing, so noone actually uses these capabilities for streaming things, and instead they either use Node streams begrudgingly if they can't avoid filling up their RAM otherwise, or they make do with something like highland, or they stuff everything into an eventemitter which is marginally less awful to work with
<joepie91>
hence why one of my projects is to write a new (userland) streams spec that *is* highly interoperable, and actually a spec (not just a grabbag utility library), that integrates with promises first-class, supports multiple in-flight items, has well-defined abort/error behaviour, and takes advantage of the "everything is a value" design of JS
<joepie91>
__monty__: you'll have to be slightly more specific :P
<samueldr>
sometimes I feel one of the most lacking part of documentation is a simple glossary which points to things and say "this is named XXX"
<samueldr>
so now I have a "thing", which I don't know how to express either in a search or in a discussion
<joepie91>
samueldr: I actually integrate that into my documentation. in a lot of the stuff I build, you'll find patterns like "foo the bar (also called a 'baz')" or "do a baz (fooing the bar)" repeated a few times
<samueldr>
I try to, too
<joepie91>
I also apply that in tutoring/review sessions and found that model to work really well for people to remember it
<joepie91>
by just repeatedly associating the two
<samueldr>
but right now I'm frustrated by not being able to search or explain what "thing" is, which a simple search may possibly elucidate questions, or at least confirm suspicions
<joepie91>
__monty__: looks like a similar usecase, but a different design. validatem is designed around validating *incoming* data primarily (whether that is function arguments or form data or a JSON file or whatever), whereas Racket seems to apply it to exports?
evanjs has quit [Read error: Connection reset by peer]
evanjs has joined #nixos-chat
<cole-h>
colemickens: Ah, I think that must've come up in a previous search, but I forgot about it. Thanks for reminding me. I'll subscribe to the PR(s) and hope they move eventually :^)
<joepie91>
__monty__: in principle there's no reason why you couldn't build a wrapper that uses Validatem validators to verify the output of something, though
<pie_>
gottem^Wvalidatem
<joepie91>
pie_: here's a fun challenge: find all the puns in that name
<joepie91>
because there are multiple!
<ashkitten>
hmmmmmm redox-os is appealing again, but it seems like they haven't implemented capabilities yet
<joepie91>
(at least 3 that I am aware of)
<pie_>
ashkitten: wat
<__monty__>
joepie91: Contracts work on both inputs and outputs. You can require things like "the denominator must be greater than 0" and provide a guarantee that "the output will be a natural number."
<pie_>
ashkitten: isnt capabilities the whole point
<ashkitten>
?
<ashkitten>
you're probably thinking of fuchsia, google's capabilities-based microkernel os
<joepie91>
__monty__: right, so you can express the first thing with validatem. the second thing *could* be expressed with validatem, using aforementioned wrapper, but it would only really function as something that verifies the output; since it is a userland thing with no special language support, there is no way for *other* code to become aware of the guarantees that a given thing provides on its exports via validatem
<joepie91>
__monty__: all that Validatem really does is apply a pile of composed, possibly nested rules to a 'value' of some sort - whether that value is JSON parsed from a file, or a function's arguments, or whatever return value a function produces
<joepie91>
how you apply that in your code is entirely up to you
<joepie91>
pie_: found the puns yet? :P
<__monty__>
Validate them, valid datum?
<joepie91>
__monty__: you got 2 of the three :P
<joepie91>
of the three I am aware of, anyway
<joepie91>
the third is "validation thingem"
<joepie91>
I think this is officially my highest-pun library name so far
drakonis has joined #nixos-chat
<samueldr>
it's all downhill from here
<ashkitten>
i feel selfish but i'm annoyed that the headset i ordered still hasn't shipped
<colemickens>
the Android Password Store releases added support for ed25519 keys... and ... removed support for totp?
<ashkitten>
colemickens: yeah i know, i need to figure out what to do about that
<cole-h>
Did they? I thought hey just removed the filling of OTP
<samueldr>
somehow I feel relieved to having procrastinated looking into using that
<colemickens>
I don't undersatnd what that PR has to do with TOTP codes
<ashkitten>
idk either
<cole-h>
Well, the old debug version I'm using still has TOTP code displaying, so I suppose I'll continue using that
<cole-h>
🙃
<colemickens>
Wow, buried in 52 commits.
<colemickens>
It's not even really feasible to say "oh I'll just build a fork with the commit undone". :(
<colemickens>
There are breaking changes and then there are BREAKING CHANGES.
<colemickens>
RIP to everyone who winds up screwed in the wild because of this.
<cole-h>
Yeah, kinda really sucks.
<cole-h>
I'm happy enough with Aegis, but it was nice to only need 1 app for both passwords and OTP...
<colemickens>
Uh, does Aegis read from the same Git source as Password-Store?
<colemickens>
If not, the problem's not really about two apps, it's about two sources of truth.
<colemickens>
Man, FIDO2 adoption is just no where near widespread enough for this. I'm really disappointed.
drakonis_ has quit [Ping timeout: 240 seconds]
<joepie91>
that seems to defeat the point of OTP though
<cole-h>
Right -- it doesn't.
<colemickens>
well this is interesting. I apparently have "Password Store (legacy)" installed and there is no "Password Store" too.
<colemickens>
joepie91: I don't know, PIN + yubikey protected GPG key feels close enough to 2-factor. And I try to be good and use FIDO2 where I can.
<cole-h>
Just get pass-otp to merge into pass. That way they can no longer claim "This application tries to be 100% compatible with pass" until they re-implement OTP >:)
<joepie91>
colemickens: that's describing a totally different setup from the aforementioned password + OTP key material in a single password store though?
<colemickens>
joepie91: what I described is not exclusive to having pw+otp key in the store though?
<joepie91>
a yubikey is indeed a proper second factor
<colemickens>
(the gpg key is what encrypts the pass store)
<joepie91>
colemickens: I was referring to what cole-h said :P
<joepie91>
"I'm happy enough with Aegis, but it was nice to only need 1 app for both passwords and OTP..."
<__monty__>
Hmm, I looked at open password managers recently. Bitwarden (premium) can do the TOTP stuff too but to open it up you need 2FA. So you always need a separate app. Was Android Password Store the same?
<cole-h>
No. APS only needs your GPG key unlocked.
<ashkitten>
i'm probably gonna migrate to bitwarden tbh
<cole-h>
Meh, I'd prefer to keep my password stuff out of a centralized server like that. And back when I tried to self-host bitwarden, it required some form of payment for being able to use OTP, IIRC.
<__monty__>
TOTP is a premium feature yeah.
<__monty__>
And note you still need another TOTP app *sometimes.*
sdier[m] has joined #nixos-chat
<samueldr>
out with functional programming, in with fictional programming
<bkv>
:D
<abathur>
__monty__ when do you need another?
<abathur>
__monty__ oh, when you've set up the 2fa for bw itself?
<__monty__>
Yes, which means at least once from what I've read.
<abathur>
yeah, I'm leery of adding 2fa at that level; I suspect it increases the chance I'll accidentally get locked out more than it reduces the chance someone else will get in
<abathur>
I think 2fa is also less valuable at that layer since you can't reset the password by email
<__monty__>
abathur: Not sure why no reset by email makes 2FA less useful though?
<__monty__>
Sure, 2FA can protect you from people resetting your password.
<abathur>
reduces the surface area to knowing the password, from knowing the password or gaining access to the email
<__monty__>
But just because it doesn't do that in this case doesn't make it useless. Two factors are still two factors.
<abathur>
oh sure, I didn't say useless
<abathur>
just pointing out that there's a risk with many services that use 2fa that isn't in the picture here
<__monty__>
Wouldn't your password vault be exactly the place where a minor inconvenience is worth a minor increase in security (especially if you use a yubikey as second factor).
<abathur>
yes (as long as I don't perceive that second point of failure as more likely to result in me getting locked out than it is to keep someone else from getting in)
<abathur>
I'm a little clumsy; I lose, drop, and accidentally launder things frequently
drakonis_ has joined #nixos-chat
<gchristensen>
put all your eggs in one basket and protect it really well. maybe there is a way to register multiple 2fa tokens
<abathur>
I think my main attacker risks are getting phished, keylogged, or having the password beaten out of me, and experience suggests those are all vastly less likely than "I lost the yubikey and can't remember where I put the backup codes off the top of my head"
<gchristensen>
how about password stuffing
<abathur>
which isn't to say I wouldn't probably eventually find the backup codes, but it might take me a while
<samueldr>
imagine the backup codes being securely at your home, while you're on a trip!
<samueldr>
but you could always put them in your password store ;)
<samueldr>
(sorry, that's not helpful at all)
<__monty__>
gchristensen: Like a password turducken? Sounds delicious.
<abathur>
no re-use on the master password (and, in general, I'm down to zero reuse for internet services)
<abathur>
so unless it's bitwarden getting compromised when I provide credentials, which I guess is just the master form of getting phished, I don't perceive that as an issue
<gchristensen>
fair enough
<abathur>
probably more likely to mess up and type it in the wrong window? :)
<gchristensen>
a real danger :)
<abathur>
but hopefully I wouldn't be too lazy to rotate it, if I did
<cole-h>
Or even type it in the right window, but be streaming your display to the world via something like Zoom or jitsi... :P
<gchristensen>
onetime someone got unreasonably close to guessingy my password based on hearing me type it on a zoom call
<cole-h>
What
<abathur>
I perceive a keylogger as a risk, but one thing I actually like about a service is that, at least if I wise to the malware, I have some reasonable chance of moving to a clean device, logging in, and changing the password before it could feasibly be compromised
<__monty__>
gchristensen: Was it "passw0rd?"
<cole-h>
lol
<cole-h>
What if they were actually reading it off a reflection somewhere 👀
<__monty__>
This is a feature I like about diceware passphrases. Their sheer length means the inaccuracies of guesses pile up. Makes it hard even if you can look over a shoulder.
<samueldr>
big sur may be macOS 10.16 and macOS 11 at once
<gchristensen>
lol.
__monty__ has quit [Quit: leaving]
<cole-h>
__monty__++ Even though you left. I use diceware for my important stuff as well (e.g. when I won't have access to my computer or phone to get at my randomly generated passphrases)
<{^_^}>
__monty__'s karma got increased to 17
<gchristensen>
one thing about diceware is you need like 8 words
<cole-h>
True. But at least they're words. I memorize them in a few days of typing them semi-frequently.
<samueldr>
there is a reduced security mode on apple sillycon macs
* joepie91
has memorized a number of 8-12 character alpha/digit passwords just by typing them often
<cole-h>
"sillycon" lol samueldr++
<{^_^}>
samueldr's karma got increased to 238
<elvishjerricco>
samueldr: I thought that was the eventual plan for intel macs as well; to disallow custom kexts unless you configure your system to allow them
<elvishjerricco>
That's why they've been pushing userspace driver apis
<samueldr>
oh, that's definitively the plan
<samueldr>
but it's nice so see that on apple sillycon it may not be as locked down as on iDevices
<samueldr>
still, I don't have any hope of running non-macOS on that natively
<elvishjerricco>
It'll be interesting to see what route they go. If they plan to disallow booting anything else, I don't see why they wouldn't have done that on intel by now
<elvishjerricco>
It's not like it's not possible
<samueldr>
might be that they say "there's no reason, it's not like you can boot windows with bootcamp"
<samueldr>
and yes I am kinda obsessed with that
<samueldr>
for good reasons
<samueldr>
I'd hate to see a precedent for a computer platform where you can't run your own OS
<elvishjerricco>
They've at least acknowledged the ability to run linux on arm with the virtualization demo.
<samueldr>
it's already bad enough to see that on mobile
<elvishjerricco>
I think they're aware that the target audience of a mac is quite different than an ipad or iphone
<samueldr>
elvishjerricco: unclear what it even is, is it x86_64 emulation? aarch64 vm?
<elvishjerricco>
Definitely not emulation. Rosetta is basically a binary transpiler
<samueldr>
I know
<samueldr>
but the software is parallels
<samueldr>
and they showed docker
<samueldr>
while both could run ARM
<samueldr>
these make emptier promises
<elvishjerricco>
We'll just have to wait and see I guess
<samueldr>
exactly
<samueldr>
though I fear this is going to make it the new normal to not own the boot chain
<elvishjerricco>
Eh, there's just not really precedent of that on macs. I don't think the cpu architecture is a determining factor
<samueldr>
imagine the headaches of buying a new computer where you now have to add as a feature "can run an OS I decide"
<samueldr>
yes it is a determining factor, as it makes the pill easier to swallow as part of an architectural change
<samueldr>
"for your own security"
<elvishjerricco>
I don't see the relationship there
<samueldr>
it's *exactly* the moment to introduce the change
<elvishjerricco>
"For your own security" and "For a different cpu architecture" aren't related
<samueldr>
they make the change to disallow running non-macOS "for your security" in tandem with the change of architecture because "it's part of our new computer architecture"
<samueldr>
co-opting the change
<samueldr>
it's definitely not needed
<samueldr>
they could do it on intel
<samueldr>
they could not do it on apple silicon
<samueldr>
but as part of a big architectural change, it's an easier pill to swallow
<elvishjerricco>
They've had plenty of opportunities to do the same on Intel. When they introduced SIP, or the secure element, or secure boot
<elvishjerricco>
Any one of these could have made the same argument fairly effectively
<samueldr>
but on intel they support bootcamp
<elvishjerricco>
I'm thinking more about linux
<elvishjerricco>
With secure boot they can still allow MS keys
<samueldr>
and they've been slowly restricting the boot flow on newer models
<elvishjerricco>
Sort of... you can disable all the restrictions
<samueldr>
for now
<samueldr>
see, I don't want to be right
<samueldr>
but this is the best moment for them to make that change
<samueldr>
and creating an industry-wide precedent that it's okay to disallow end-users to control the operating system
<samueldr>
that last bit is not a goal of them
<samueldr>
but an effect
<samueldr>
they probably don't really care what others in the industry do for that
<elvishjerricco>
Ok sure, this would be the opportune moment. That doesn't mean they actually think it's a good idea. They'd lose a ton of developers that way; and without developers, all their platforms suffer
parsley936 has quit [Remote host closed the connection]
<elvishjerricco>
They've always made concessions to that fact
<elvishjerricco>
GateKeeper, for instance, has holes placed in it basically for developers' sake
<samueldr>
that's exactly what I'm curious to see
<samueldr>
and I actually believe it's not much of an issue "where you can't run windows so meh" for many developers in the end
<samueldr>
is linux working now on those macs where the SSD is mediated through the T2 cpu?
<samueldr>
sorry, is linux able to use that SSD :)
<elvishjerricco>
It is
<samueldr>
nice
<samueldr>
I didn't know if there was any effort into making Linux work on those newer devices
<elvishjerricco>
Yea apparently Apple just implemented NVMe slightly incorrectly, or at least weirdly
<samueldr>
that's what I gathered from incomplete bits of info
<elvishjerricco>
It turned out being like a 4 line diff in the kernel I think :P
<samueldr>
still, I'm really thinking it's 50/50 here what will happen, and it could start off a concerning trend :(
<elvishjerricco>
Luckily it seems like more open hardware, while still very niche, is at least somewhat on the rise
<elvishjerricco>
From very specific places, albeit
<samueldr>
yeah, though it's concerning that "running your own operating system" is a niche thing, even on your phone, or tablet
<samueldr>
for many reasons
<elvishjerricco>
Well, "Wanting to run your own operating system" is honestly kinda niche in the consumer space
<samueldr>
forget privacy and such, security is a better reason, and then... it's ecologically unsound to produce heaps of e-waste that has no software support after 2 years!
<samueldr>
elvishjerricco: it's "not"
<samueldr>
people don't realise that "reinstalling windows" is akin to that
<elvishjerricco>
(frankly software support is the other reason I like macOS; machines last for freakin ever)
<samueldr>
imagine if you were forced to get the windows iso from the vendor of your device, which has heaps of garbage into it
<samueldr>
and they drop updates after not long
<samueldr>
that's not happening in part because you can reinstall
<samueldr>
and, until windows 10, installing the next version of windows is a non-niche thing
<elvishjerricco>
I dunno if MS would allow that, to be fair :P
<elvishjerricco>
Vendors do have to license windows after all
<samueldr>
yeah
<samueldr>
the example was more of a simile to the state of android
<samueldr>
but it *is* a good example to show why it's not an issue right now
<samueldr>
you could just reinstall windows
<elvishjerricco>
Yea that's a big reason I won't buy an android
<samueldr>
there is no way to "just reinstall android"
<samueldr>
there is no way to "just install android" on your iOS device
<elvishjerricco>
My last phone lasted over four years
<samueldr>
and imo, it's terrible that you can't
<elvishjerricco>
and still has software support a year later technically
<elvishjerricco>
Yea I'd like to have more control over the iPhone boot chain
<elvishjerricco>
I likely wouldn't make any use of it, but it'd be fun to tinker with :P
<samueldr>
if the industry continues locking things down slowly, the frog won't realise it's not in control
<elvishjerricco>
The biggest problem is probably proprietary parts. No point in open hardware if there's no open software to use on it
<elvishjerricco>
Er, unlocked hardware
* c74d
still uses an Android phone that's going on seven years old
<elvishjerricco>
Open hardware would be a different story
<samueldr>
well, unlocked hardware gives the *possibility*
<samueldr>
if it's not unlockable you are robbed of even the possibility
<elvishjerricco>
Yea but I can imagine a vendor thinking "Why open the boot chain if literally no one will ever figure out how to boot something else on it?
<samueldr>
that's a terrible way of thinking!
<elvishjerricco>
Of course
<samueldr>
you literally show them how!
<samueldr>
in your own software!
<elvishjerricco>
But with open hardware it becomes way easier to criticize them for it
<elvishjerricco>
Because they no longer have that excuse
<samueldr>
sure, it's a scale
<samueldr>
and you probably want to go fully into open hardware, but pragmatically, right now it's not a solution
<samueldr>
so you have to go into unlockable hardware if you want to own the device
<elvishjerricco>
Not even necessarily open hardware, but at least consistent standards. Like, x86 desktops are basically legos. Everything goes together and the kernel makes it all work fairly easily.
<elvishjerricco>
The way every part of a phone works is likely to need vastly different software
<samueldr>
yep, another step in the chain
<samueldr>
you have [locked] [unlockable one-offs] [unlockable standardized] and [open hardware]
<samueldr>
some imght say there is [unlockable families] between one-offs and standardized, but it's better to think of them as one-offs anyway
<elvishjerricco>
Anyway I'm just saying I think a lot of vendors might see their computers more like any other proprietary appliance with proprietary firmware that isn't easily messed with. It's disagreeable, and unfortunate, but it's not insane.
<samueldr>
disagreeable, unfortunate, and user-hostile!
<samueldr>
but yes, there is no real reason for them to not treat them as throw-away things they just pump and dump
<elvishjerricco>
In the same sense that a nest thermostat isn't hackable is user-hostile, is the devil's advocate I'm playing here
<samueldr>
you're right, it is user hostile!
<samueldr>
I want the firmware for my washing machin
<samueldr>
I'd fix the horrible bugs
<samueldr>
(cellphone makers) they don't have to deal with the spicy pillows they stuck with glue into their slab of metal and glass, they don't have to deal with the e-waste they are producing where the main reason for discarding is *they* don't support the software anymore
<samueldr>
sorry, conflating two isssues
<samueldr>
but it's part of the bigger e-waste issue
<samueldr>
if there is no security updates after 2 years, and the glued-in battery is rated for not more than 1 year, they are literally producing e-waste
<samueldr>
but it's not in their interest for end-users to continue using their devices
<elvishjerricco>
As an aside, I do think people overestimate the benefits of OSS, for what it's worth. Like, I still obviously think it's the moral thing to do, but it's not like being OSS actually means outsiders will pick the code up and work on it.
<elvishjerricco>
*Plenty* of OSS turns to abandonware that no one does anything about
<samueldr>
I think you underestimate the value of having the *ability* to do it
<samueldr>
yes
<samueldr>
but I have the *ability* to look at how they work
<elvishjerricco>
No, I totally get that
<samueldr>
the value is not in eternal free support
<elvishjerricco>
It's one of the reasons I think it's the right thing to do
<samueldr>
that doesn't exist
<samueldr>
and shouldn't even be thought of
<samueldr>
the value comes into giving agency to the end-user to do what is best for themselves
<elvishjerricco>
But even with the ability to do it yourself, most programmers even still aren't likely to pick up something they'd like to fix
<samueldr>
exactly
<elvishjerricco>
Again, not disagreeing with the value
<elvishjerricco>
It's just not as relevant as it might seem
<samueldr>
but that's not overestimating, imo, and it is extremely relevant, because the other side of the coin is *removing* the possibility for the few that will
<elvishjerricco>
Relevance != importance
<elvishjerricco>
It's exceptionally important
<elvishjerricco>
Not necessarily so relevant
<samueldr>
I don't understand how it's not relevant
<elvishjerricco>
Because it doesn't come into play in almost any scenario
<elvishjerricco>
w.r.t. abandonware specifically
<elvishjerricco>
given that that's the context this conversation started from
<samueldr>
I'm not seeing it in the context of the conversation, but I think I agree on the fact that people think it automagically prevents the software itself from being unmaintained
<elvishjerricco>
My point is that I love that I have the ability to jump in and fix all my OSS tools. But I almost never do it. As important as it is to me, it's not particularly relevant to my life.
<samueldr>
ah, relevant to you, I see
<elvishjerricco>
And I think this is the case for most people, even programmers
<samueldr>
I won't go as far as to decide what others will or will not do
<elvishjerricco>
And it generalizes to the idea of "People think OSS fixes things but it actually only enables things to be fixed"
<samueldr>
because it's always biased by your own biases