ptman boosted
ptman boosted
A nice evening read. Not sure I'd recommend reading before going in to work, though.

https://twitter.com/mcfunley/status/1194713711337852928 @mcfunley: Mute me for a bit if you don’t like long diatribes about startup debacles but this reminds me of a story (1/n) https://twitter.com/kellan/status/1194633626161299465

@mcfunley: So the first version of Etsy (2005) was PHP talking to Postgres, written by someone learning PHP as he was doing it, which was all fine. Postgres was kind of an idiosyncratic choice for the time, but it didn’t matter yet and anyway that’s a different story.

@mcfunley: I started in the long shadow of “v2,” a catastrophic attempt to rewrite it, adding a Python middle layer. They had asked a Twisted consultant what to do, and the Twisted consultant said they needed a Twisted middle layer (go figure).

@mcfunley: The initial release of this resulted in two full weeks of downtime, and an infamous incident where one of the investors had to drive to Secaucus to physically remove the other engineering founder from the cage.

@mcfunley: He had been there for days I guess and was threatening to drop the master database, for which there were no backups. Nobody learned anything from this.

@mcfunley: Anyway, people were understandably really mad at this middle layer, but nobody agreed on the reason to be mad. And nobody was in charge, so there were several concurrent attempts to destroy it in competition with each other.

@mcfunley: The team thinking it would rewrite the whole site in Django morphed into a team thinking it would rewrite Django first, and then rewrite the site in the result. There was one guy trying to rewrite the site in Java.

@mcfunley: Either of these scenarios may have been worse than what transpired, which was that the team trying to rewrite the middle layer with a drop-in replacement won the political struggle and ate all of the other teams.

@mcfunley: The theory of the drop-in team was that the existing middle layer was bad because although it used Twisted, it still used a threadpool. (Twisted is a reactor loop like nodejs, but in Python.) For Twisted acolytes, this situation was heretical.

@mcfunley: So the drop-in team was trying to recreate the same middle layer, but using the reactor loop faithfully. And the theory was that’d solve all of the problems with the existing middle layer bringing the site down constantly.

@mcfunley: The middle layer didn’t really do anything. It was consultant-provided speed holes which (it was believed) would make things faster by (counterintuitively) adding network hops. https://pic.twitter.com/NHviSrLLPI

@mcfunley: The middle layer just received RPC and invoked postgres stored procedures. Which, if you have a superficial understanding of things, seems like the kind of boilerplate you can replace with an abstraction.

@mcfunley: So the drop-in team wrote a declarative framework for making these RPC endpoints. Then they proceeded to discover that here in reality every single existing endpoint did things differently. https://twitter.com/kellan/status/1194633772253106176

@mcfunley: To ensure bug-for-bug compatibility, they made me and several other people write detailed a detailed test suite for six months. As predicted in Kellan’s tweet above, the job of writing the server was separated from the dirty work of implementing the “business logic.”

@mcfunley: “Business logic” being a term of art which means “your bullshit”, in contrast to “my code,” which is beautiful.

@mcfunley: (By the way this was all SO much better than the financial industry job I had before this.)

@mcfunley: When we finished, what we had was a Twisted-pure version of the middle layer. Plus a declarative framework which just added lines of code, since declaratively specifying a thousand special cases requires more code than not having the framework at all.

@mcfunley: This is a generalizable part of the experience for me—if I could choose a superpower it’d be to appear like Candyman behind any developer saying “it should be easy to make a declarative framework for this.”

@mcfunley: The drop-in was also written in callback style with Deferreds, so although logically it was identical to the first version, it was roughly triple the line count and much harder to grok and debug.

@mcfunley: If you forgot to return a Deferred, you were shit out of luck since the language obviously couldn’t help you with it.

@mcfunley: But eventually after months and months we released this thing on one page, and it burst into flames within milliseconds.

@mcfunley: I don’t know what the state of the art is with debugging and profiling nodejs these days. But whatever that story is, I assure you that understanding what a Python reactor loop was doing while it was melting down in 2007 was the bronze age by comparison.

@mcfunley: I saved this screenshot of helplessly waving kcachegrind at it and hoping for a miracle https://pic.twitter.com/L1IZqSazgv

@mcfunley: It was at this point that the Twisted consultants were brought back

@mcfunley: They said that although Twisted was good at overall throughput, outlying requests could experience severe latency. Which was a problem for the drop-in, because the way the PHP frontend used it was hundreds/thousands of times per web request.

@mcfunley: “Yeah sorry folks it’s not good for this.”

@mcfunley: So over the course of a few weeks we frantically rewrote the drop-in replacement to use a threadpool instead, exactly like the original heretical one.

@mcfunley: Leaving us with literally the same code as the thing it was dropped in to replace, plus a ridiculous declarative framework, plus some tests. It was around this time that everyone got fired (but not me).

@mcfunley: One way to look at this is that an entire engineering and ops team lost their jobs because a group of people thought that threads were Wrong.

@mcfunley: By the time the drop-in replacement was being systematically eradicated by the drop-in replacement engineering team, this entire saga had been forgotten because it was simply too out there to be believable. https://www.youtube.com/watch?v=eenrfm50mXw

@mcfunley: As a younger person I had no power to avert any of this, but I managed to not get fired because through this whole thing I was talking shit about it. Which was not necessarily the lesson I needed to walk away with, but here we are. /end

ptman boosted
ptman boosted

Proof of work is such a dumb way to secure a system.

"You must waste this much compute time to participate."

How about literally anything else? Maybe something that doesn’t waste an enormous amount of energy doing nothing useful?

ptman boosted

Nonsense, it makes me feel great, smarter, more aggressive. I feel I could… Like I could… Like I could…
TAKE ON THE WORLD!

ptman boosted

PYYNTÖ: tee päivän hyvä teko ja paina "Jaa" nappia tälle linkille. Vaikka et normaalisti niin tekisi.

Tykkääminen ei riitä. Allekirjoittaminenkaan ei riitä. Jaa tämä kavereillesi myös koska nyt on kiire saada tätä eteenpäin! Jos jaksat, pyydä kavereitasi jakamaan myös!

https://www.kansalaisaloite.fi/fi/aloite/4252

Kiitos <3

#suomi #finland #ilmasto

ptman boosted
Melting glaciers reveal five new islands in the #Arctic | The Guardian

https://www.theguardian.com/environment/2019/oct/22/melting-glaciers-reveal-five-new-islands-in-the-arctic

#climatebreakdown #GlobalWarming

ptman boosted
Asukaslukuun suhteutettuna suomalaisten lentomatkoista kertyy koko maailmassa toiseksi eniten hiilidioksidipäästöjä | Yle

https://yle.fi/uutiset/3-11029820

#suomi #finland #ilmasto https://www.lentovero.fi/

ptman boosted

Note: if you boosted and got angry about the earlier article shaming their failures, you should be boosting and being supportive of the redemption, too. Human nature makes outrage sexy and redemption boring.

ptman boosted
ptman boosted
ptman boosted
ptman boosted

We have an AMA on /r/privacy happening right now for all your privacy related questions - head over to reddit.com/r/privacy/comments/ and get involved :)

ptman boosted

RT @RiotChat@twitter.com

New ✨ privacy 🕶 controls 🔧 for Riot Web landing in 1.4.0, with mobile updates landing soon! Read all about it here: medium.com/@RiotChat/New-Priva

🐦🔗: twitter.com/RiotChat/status/11

ptman boosted

Riot/Web 1.4.0 and Synapse 1.4.0rc1 are here with massive improvements to data privacy, including making identity servers strictly opt-in only; selectable integration managers; garbage collecting redactions & much much more. Read all about it: matrix.org/blog/2019/09/27/pri

ptman boosted

Let's talk about HTML5 live streaming. There are two competing technologies for it: DASH and HLS. They are terrible.

When both were implemented, there already existed several established, simple, standardized, and broadly supported options for live streaming video. Browsers wanted none of it.

Instead, Apple came up with HLS. It splits your video and audio into separate streams and then cuts them up into N second chunks (usually 5-30 seconds). Then it uses JavaScript to poll a playlist file for the list of upcoming segments, then munges them into a non-live <video> and <audio> element in real time.

This garbage is patent encumbered.

Therefore, Google made basically the exact same thing except they used XML, fucking XML, for the manifest.

This is what's happening behind the scenes of all live video you watch on the internet. This is also in no small part responsible for livestreaming video murdering any low-powered devices you try to play it on. Because JavaScript is king and standards are for losers.

ptman boosted

The second in our series of four #GSOC reports is available now. Read cnly's report on their work on Dendrite over the summer matrix.org/blog/2019/09/10/den

ptman boosted
Firefox for Android has decided to disable its own navigation buttons on all pages, and the system back button now always exits back to home screen. A browser in which you can only navigate forward by clicking new links. As cheerfully optimistic as this sounds, I am quite disappointed.
ptman boosted
Here's a simple security privacy thing which I think should be possible, but the rockstars have not aligned.

Was setting up Uber on a new phone (for reasons). I need to enter a credit card. Every app now has a feature where I can take a picture of the card, but this requires camera access. Can be revoked, but requires digging through settings. But all the app needs is a number. Why no option for letting the app read a number through the camera?

A lot of privacy concerns could be alleviated by only providing processed data, not sensor access. Mobile OS service architecture seems built for this as well.
Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)