> The members of the pedophile club are way richer, more influential and have a vastly greater quality of life than you.
Pedophile's "quality of life" is a contradiction in terms. Neither pedophilia nor lust for power are compatible with anything that looks like truth or happiness... and no amount of money can change that. Even more, money can't cure an ego problem.
Totally by accident, a few days ago the richest man in the world whined about the inability of money to deliver happiness... from the horse's mouth.
This isn't necessarily a language problem, though, more of a "culture" problem, I think.
I write in Clojure and I take great pains to avoid introducing dependencies. Contrary to the popular mantra, I will sometimes implement functionality instead of using a library, when the functionality is simple, or when the intersection area with the application is large (e.g. the library doesn't bring as many benefits as just using a "black box"). I will work to reduce my dependencies, and I will also carefully check if a library isn't just simple "glue code" (for example, for underlying Java functionality).
This approach can be used with any language, it just needs to be pervasive in the culture.
> This isn't necessarily a language problem, though, more of a "culture" problem, I think.
Author here. We could make it a language problem by having the language sandbox dependencies by default. Seems like an easy win to me. Technical solutions are almost always easier to implement than social solutions.
Is it really so controversial to want to be able to limit the access that utility crates like humansize or serde have to make arbitrary syscalls on my computer?
Seems to me like we could get pretty far with just compile-time checks - and that would have no impact whatsoever on the compiled code (or its performance).
By default, yes. But it probably makes sense to let people whitelist specific crates in their dependency tree. Crates like std and tokio, or blas libraries that make heavy use of simd. Stuff like that.
I think this is made easier with Clojure macro capacity. In general, if you have powerfull metaprogramming tools, you trade dependency complexity with peace of mind (I still have flashbacks of C++ templates when i talk about metaprogramming :/. Does this qualify for PTSD?).
I think this is a common practice in every country. If the tax payer is at fault, the tax payer pays. If the treasury is at fault, the tax payer still pays.
Hoping that journalists pick up on cases like these and spread the word wide enough is... optimistic, to say the least.
A much better solution is to build incentives into the legal system, like tgsovlerkhgsel suggested. The problem isn't that bad actors abuse the system, the problem is that the system allows bad actors to abuse it.
It is too bad it is up to the founders themselves to offer liquidity to employees. Founders are financially incentivized to not offer anything, so you're counting on their sense of justice and morals to overcome their sense of personal gain. This should be regulated.
(Yes, this is a political opinion. No, I am not American.)
Have we come full circle? Docker was made to create a stable environment for an executable to be run in. Now we're making executables out of the stable environment... should we run that executable in a docker image too?
Wouldn't be surprised if Unity is developing their own multimedia engine they want to sell. Shitty practices like this is what makes me want to get into politics.
This was my first thought. They can then sell some poorly-executed knockoff, ignoring that a partnership with actual experts would have been the best for their customers.
