Tried few times, nothing beats TextMate ergonomics. It's just a small things like the cursor will be in a place where it should be after autocompletions or closing brackets will align where they belongs to, but it makes huge difference for me

Pebble Time is still my favourite smartwatch design ever, I really hope the new one will have similar design (and yes, more like 1st one) but just bezel-to-bezel screen

Hetzner suspended the account of a non-profit org I voluntarily supported, without explaining the reason or giving us possibility to take our data out. The issue was resolved only after bringing it to the public space. Even there they tried to pretend we are not actually their customers first

Right -- regrettable. And also a very rare anecdote.

What’s wrong with most comments?

If you’re in front of keyboard, and someone is saying what to type. Does this makes you an author of this code? Definitely no.

If you’re in front of keyboard, someone is saying what to type and you creatively rework what you hear. Does this makes you an author of this code? Like, you know, ChatGPT can make an existing code better, but this doesn’t mean ChatGPT wrote it. So mostly no

See, the programming job is not about typing characters to the code editor. It’s even not about choosing between different idioms or applying common algorithms or patterns. It’s about solving problems. That’s where like 90% of efforts going

You might say OP is not a true OSS developer because of solving own problems. But most OSS contributors are solving their problems, what a surprise. This is why OSS still exists.

You might say OP is a glory hunter. But in fact, he spent few days solving the problem and then the authorship was just stolen by rewriting the solution. It’s normal to demand a proper authorship of the work you’ve done

It doesn't matter how much time was spent. Maybe maintainer could have solved it in hours/minutes if a bug report was filed. What ultimately remains is that the maintainer is responsible for the code, which often times is a much larger burden than submitting a fix.

Take what credit you received, appreciate the learning experience and move on.

A bug report for this issue had already been filed, and years had passed without it being fixed.

“We produce an extremely expensive hardware and bill millions for consulting and support but don’t want to spend a single dollar to update a firmware, so now, dear OSS developer, it’s your responsibility to keep my solutions functional for the half of your career years”

Did I read this correctly?

> Did I read this correctly?

No.

Firmware upgrade is a risk that has no mitigations for certain kinds of systems. No amount of money will solve this problem. No sum of money will convince a sensible patient to upgrade firmware on their pacemaker or anything like that.

But even for less critical systems -- what's the problem with wanting to pay less? This is like one of the primary economical drivers...

You also for some reason think that software upgrades are some sort of a natural phenomena which others have to adjust to, and it just happens on predictable interval, and if you miss your cycle you have to pay. Which is obviously ridiculous. A result of industry conditioning you to expect this to work a certain way, w/o questioning the reason for it to work this way.

What should drive software upgrades is in the large part the longevity of hardware. The author claims that the longevity of hardware has improved, even though industry didn't particularly invest into it. It's upsetting to have to generate a lot of e-waste just because we (as an industry) set our sights on a particular release schedule designed to maximize profits for those who provide releases and minimize them for those who consume them.

It’s not about pacemakers at all here for the same exact reason you described: if you’re not able to update firmware, you’re able to update underlying OS as well

The problem here is when you sell LTS solutions for $10M thinking you can pay $1000 for keeping your solution afloat for two decades.

It doesn’t work this way. Operation systems as well as frameworks and runtimes, are constantly changing, because the industry is constantly moving forward. The only way to keep up is to constantly (and regularly) update YOUR software too (and plan the budgets accordingly). It’s your responsibility to fulfil your obligation.

After all, you can still run an up to date Linux (or better NetBSD) on a very old hardware, the problem is that you didn’t update your software regularly to just keep up with changing API/ABI, means didn’t invested too much on a longevity of your product

> Operation systems as well as frameworks and runtimes, are constantly changing

No. They aren't. It's not a natural phenomena out of our control. We decide when to change them. Presently, we make bad decisions. We should learn to make better decisions.

And you are incorrect when you think that pacemaker and similar equipment isn't the problem -- it totally is. Imagine that after ten years the hospital that installed a pacemaker needs to do a checkup or some other maintenance work on it with external equipment. But they were forced to upgrade the external equipment because there weren't any with LTS long enough to allow them to use a certified and vetted copy of. And now they have no way to connect to the older equipment they distributed to patients, equipment they have no means of upgrading, but also no means of dealing with, because they had to upgrade their own system.

The mentioned Baikal company is a supplier for russian army. The guy behind the patch every morning go to the work, knowing his job will help to launch the missiles to the Ukrainian cities killing children. Other IT companies participate as well: Yandex is a part of state propaganda machine, Kaspersky is working with FSB and military, etc. All their workers know what they are working on.

Just a part of the story: https://twitter.com/EliotHiggins/status/1584607815968395264 — this is all just a regular "Smart IT people"

What is happening here is whitewashing a genocide machine many of russians are part of

But what about other armies and their suppliers? They don't kill children/innocents too?

I guess the whole point seems to be that people (companies) "does not take similar measures against other countries who wage wars which have caused way more deaths and displacement of individuals".

Can you name any war which caused the "way more deaths and displacement of individuals" since WW2? Can you name a country which commit genocide on a state level? Can you name a country which committed at least half of war crimes committed during last 1.5 years? Have you seen at least one world leader or government official who openly declare the target of eliminating some nation's existence?

You ask a lot controvertial things that have nothing to do with what I said, and appealing to feelings. Why?

Also, your questions are apparently laid in a way so everything has to fit in order to not accept a commit, or requiring to know exactly how many war crimes have been commited to answer about "the half". Asking many questions like that is a known tactic I don't appreciate.

I'm not talking about numbers, or "which is worst". I'm talking about a guy going to work knowing that his work can kill innocents (yes, even working in/for the US too), and having his patches accepted, as a contractor (or in the supply chain) for some army.

Not everything is good/bad, right/wrong. It's a very ingenuous way to look at the world, and there are a lot of conflicts going on right now (for example https://www.cfr.org/global-conflict-tracker/). Are you tracking all of them? For the last 10 or 20 years too?

There is a huge difference between "[potentially] can kill innocents" and "deliberately kill civilians every day".

There is a lot of conflicts have been in the last 70 years indeed, but author (and your cite) says: "does not take similar measures against other countries who wage wars which have caused way more deaths and displacement of individuals" and I'm pointing that this is a false statement, because not author nor you can't name any one

The author is russian, have no more questions here

> The mentioned Baikal company is a supplier for russian army. The guy behind the patch every morning go to the work, knowing his job will help to launch the missiles to the Ukrainian cities killing children.

Given that the bombardment of east Ukraine preceded the 24.02.22 (by a few years), I hope you have the same standard for Ukrainians then.

> What is happening here is whitewashing a genocide machine many of russians are part of

"genocide" by Ukrainians is okay tho? Because you're very specific here that it only applies to Russians here while ignoring (and therefore whitewashing) Ukrainian acts of war that precede 24.02.22 against their own population.

I'm from east Ukraine. Don't even try to tell me

> "genocide" by Ukrainians is okay tho? Because you're very specific here that it only applies to Russians here while ignoring (and therefore whitewashing) Ukrainian acts of war that precede 24.02.22 against their own population.

There was no genocide by Ukrainians in Donbass, this Russian propaganda has been a persistent narrative that has any had a single word of truth to it.

365 civilians had died in the Donbas conflict between 2016-2022.

8,400 civilians have died in the war in Ukraine in ~1.5 years bits been happening.

> There was no genocide by Ukrainians in Donbass, this Russian propaganda has been a persistent narrative that has any had a single word of truth to it.

I used double-quotes, mostly because both sides claim a genocide. It's clear that both are at war. A dirty fact of war is that civilians are going to die in the war and both sides are going to lie about every aspect of the war. That is not different this time and we ("the west") are not a neutral observer.

This war feels forced especially with the western interference in the coup-d'état that led to the banishment of Yanukovych. The western narratives surrounding it make no sense at all, but we can probably agree that an elected government was replaced by a movement funded by EU and helped by the US.

We ("the west") forgot the value of peace I think or respectively what war entails.

You must be ignorant as hell. Russia opens a front? Really? Few millions people was forcefully deported. Children are separated from their parents. Filtration camps on occupied territories. Mass executions of civilians in Bucha, Borodyanka, Vorzel and other cities. Child rapes. Everyday’s indiscriminate shelling of civilian infrastructure with a rocket artillery. Latest shelling of the largest nuclear plant in Europe.

Nothing different? Really?

Author stated: “And there isn't much left to account for, just the case, the motherboard, and the cooling. None of those come close to explaining away all the additional cost”

Okay: - Xeon W compatible motherboard: ~$700-750 - E-ATX case with a good airflow: ~$200-300 - Quiet cpu fan (not server one): ~$70 - Keyboard/Mouse: ~$50-100 - OS: $199

After some simple calculation we may see a little bit increased estimated price about $3000 which is not so impressive as $1739 right?

This is a “budget” setup compared to Apple’s “luxury” components like highly extensible custom motherboard with T2, Thunderbolt 3 etc., large, beautiful aluminum case with an excelent airflow and so on.

Had Apple a leeway space to lower the price? Of course yes, but it’s definitely not $4200, i’d say like $500-1000. Should Apple do this? No. I see no reason for price drop, while competitors like Dell and Asus offers more expensive and less featured workstations.

"Hello! I'm russian remote code execution vulnerability, please run me and ignore system security warning. Also, you may want to delete your Documents and Settings folder, just press Del button and then Continue"

As a security researcher who tends to focus a bit on user interaction and phishing vectors you are 100% correct, but also representing part of the problem. Too often we discount vulnerabilities which users have to click-through to execute. Unfortunately users do ignore system security warnings. Unfortunately when given a dialog where they can choose security over doing their job, they'll do their job.

I've actually presented user interaction vulnerabilities to development teams in an interactive environment where I describe the vulnerability. I show them where it's at, I show them the dialogs they must be cautious about and even with all of this education they still fall for my attack running on their network. As an industry we've got to stop discounting vulnerabilities as not serious because they require user interaction which involves clicking through security warnings.

> As an industry we've got to stop discounting vulnerabilities as not serious because they require user interaction which involves clicking through security warnings.

Maybe give it an actual name. Something like Vibkac: Vulnerability is between keyboard and chair.

I agree, but this is not an RCE

What if I looked through an open window in my apartment and saw someone waving this in front of me? Certainly something needs to be done here as well.

It was 7 years ago. We have all new patrol police, new government services, etc. Of course corruption still here, but things are changing. Hope you will visit this year's PyCon to ensure

Let me add that I loved Kiev during my visit. The taxi incident was the only encounter of corruption on my entire trip.

It should be known that the US isn't immune to this graft either (e.g., my aunt passed her driving test in Chicago via a conveniently placed $20 bill).