Open Source Software Community - it's about ethics in Code of Conducts

[AmpleApricots]

[...]

Oh boy, you again. Who let you out of the linux thread.

 

[Slav Power]

Oh boy, you again. Who let you out of the linux thread.

Said the guy that wrote an entire paragraph that should've been posted exactly there to have a big ol' brawl about which distro is the best instead of posting it in the Community Watch thread.

 

[Betonhaus]

Your issue is that you're incapable of looking at something from someone else's point of view and you can only look at something from your own. As an analogy, the average user doesn't have to know what the Windows registry is, what's the difference between HKCU and HKLM is, what's SysWOW64, what's svchost.exe and how to manage services and so on. All they care about is that their computer runs what they need to run and that it won't croak. Similarly, the average user couldn't give two shits about whether or not his distro runs systemd or OpenRC, whether it's using X11 or Wayland, whether it's using KDE or GNOME and so on.

Because unlike you, the average user isn't a die hard nerd that gets a kick out of learning every single component that goes into their operating system. They just expect their shit to work for years without having to do shit about keeping it working. That's why Mint is the perfect choice for them and why you keep struggling with it. You'd be better off with Artix or Gentoo where you assemble your entire system by hand without the evil Poetteringware, but here's the shocker: that's you, and you aren't the target market for distros like Mint. No one forces you to use Mint, nor should you force anyone to not use Mint just because you hate it for being too opaque for your tastes.

I think it's just a matter that he treats being told about Linux Mint exactly like when a jew is wished a Merry Christmas.

 

[Kola]

https://itsfoss.com/news/tor-rust-rewrite-progress/

The Tor Project is Making a Switch to Rust, Ditches C​

Arti, the Rust rewrite of Tor, brings circuit isolation and onion service improvements in its 1.8.0 release.

The Tor Project has been busy with the rustification of their offering for quite some time now.

If you have used Tor Browser, you know what it does. Anonymous browsing through encrypted relay chains. The network itself has been running since the early 2000s. All of it is built on C.

But that C codebase is an issue. It is known to have buffer overflows, use-after-free bugs, and memory corruption vulnerabilities. That is why they introduced Arti, a Rust rewrite of Tor that tackles these flaws by leveraging the memory safety of the programming language.

 

[Computer Guardian]

https://itsfoss.com/news/tor-rust-rewrite-progress/

The dark web's going to get a whole lot slower, and somehow there will have some absurd zero-days because they're too lazy to code.

 

[The Real Slim Shady]

Of course they switch, it's a fed project lmao.

 

[Consigliere]

Your issue is that you're incapable of looking at something from someone else's point of view

Contrarian opinion to total fosstard mindset, deploying hat stickers

 

[Betonhaus]

To bad Null can't fork Tor and make KiwiNet

 

[Kosher Dill]

seems something is fucked with libxml2 or the rust faggots are attempting to move in.

I don't think anything nefarious is going on here, it was just one guy (barely) maintaining it and that one guy apparently got sick of Doing It For Free and quit.

 

[YautjaWeeb]

Of course they switch, it's a fed project lmao.

I was about to say Rust felt kind of astroturfed, now we know why. Not a single sovereign programmer would ever touch it.

 

[Cherenkovblue]

To bad Null can't fork Tor and make KiwiNet

He could, but there's no point in doing so as it would be a network of one. Even if a handful of true and honest fans were to set up KiwiNet nodes that would be a drop in the bucket compared to the sheer number of Tor nodes.

There are definitely changes to KF's underlying architecture that could be made to make it more resilient, but if you want Dear Sneeder to do that, well, you know whose palm you need to grease accordingly.

 

[Jotch]

It harms both parties to split TOR in half.

 

[306h4Ge5eJUJ]

https://itsfoss.com/news/tor-rust-rewrite-progress/

Can't wait for them to get hit by a supplychain attack because they use 372 crates and cargo is npm 2.0. For a project like Tor, I'd think that's a bigger concern than memory safety.

 

[YautjaWeeb]

Join the memory safe 41%

 

[Outer Space Traveller]

https://itsfoss.com/news/tor-rust-rewrite-progress/

I know the website has nothing to do with the news, but in this case: "itsfoss? More like 'its a total loss, for those who like to use tor."

With all seriousness, I sometimes wonder if the fall of Rome (and other empires of history, due to degenerates becoming retarded) went exactly like this apart from apathy. People became so incompetent or at least pretty bad on the battlefield compared to their enemies that they just said "fuck it". This is being applied all over the infrastructure we see.

 

[Kola]

The dark web's going to get a whole lot slower, and somehow there will have some absurd zero-days because they're too lazy to code.

I don't get it, where are you getting this from?

 

[Cuckoman]

Can't wait for them to get hit by a supplychain attack because they use 372 crates and cargo is npm 2.0. For a project like Tor, I'd think that's a bigger concern than memory safety.

Yes, but also,
tor is essentially just a connection-tracking glorified proxy/vpn.
Exactly how complex is it to manage the lifetime of memory allocations or review and audit it for memory safety for such an application?

When it comes to the rust faggots, it is as if memory safety, i.e. basically lifetime and boundary tracking is this incredibly difficult and complex task that is impossible tor mere humans to manage.
It is like they re-write fucking 'ls' in rust. Exactly how much fucking memory management happens inside 'ls' and exactly how hard is it to audit?

EDIT to add:
I mean, sure, it is an important issue but so are many other areas that are difficult to manage for inexperienced, or plain bad, programmers.
I see inexperienced/bad programmers struggle a lot more with things like multi-threading and locking/synchronization. Heck, a lot of them can never be made to even understand what a critical region is. And lets not even mention async designs.

So, what is thesolution? A new language where multithreading is explicitely banned? Because it solves the issues with concurrency and thread-safety?
A single thread is by definition 100% thread-safe. Why is no one thinking about thread-safety?
Lets create a language that is 100% thread-safe (i.e. makes it impossible to use threading) and a whole class of errors will go away.

 

[Betonhaus]

Yes, but also,
tor is essentially just a connection-tracking glorified proxy/vpn.
Exactly how complex is it to manage the lifetime of memory allocations or review and audit it for memory safety for such an application?

When it comes to the rust faggots, it is as if memory safety, i.e. basically lifetime and boundary tracking is this incredibly difficult and complex task that is impossible tor mere humans to manage.
It is like they re-write fucking 'ls' in rust. Exactly how much fucking memory management happens insie 'ls' and exactly how fuckign hard is it to audit once and for all?

i doubt it's actually significantly worse then the tor browser itself, which is based on a very out of date version of Firefox with a bunch of poorly made plugins slapped on top of it.

 

[Kapitan Bomba]

So, what is thesolution? A new language where multithreading is explicitely banned? Because it solves the issues with concurrency and thread-safety?
A single thread is by definition 100% thread-safe. Why is no one thinking about thread-safety?
Lets create a language that is 100% thread-safe (i.e. makes it impossible to use threading) and a whole class of errors will go away.

They're way ahead of you on that. Javascript is everywhere.

 

[jeff7989]

Looks like Sonic-DE, forked KDE aimed at preserving X11 support forked a couple more parts and is rebranding components. It's getting more serious, maybe. I'll wait a couple weeks for the situation to stabilize before testing.