he's going from Iceland to us-west (Oregon). surely his RTT is dominated by the length of the cable, not any useful work.
my closest AWS DC is in Frankfurt with HTTP ping below 40ms. if i consider 100ms for actual work, the overhead for serverless is 46%. still impressive, i would have expected >100% there.
this reads a bit like a parody of the all-inclusive movement. the first half of the article chronicles how she took offence where none was offered, and instead of "my bad", there's a whole 'nother half of it talking about "improving the way people give each other feedback".
as others have suggested, (part of) the issue is with the nature of the site itself. we can talk about elitism, seniors shitting on "noobs", whatever. the truth is, there's all walks of people on SO. there's a continuous barrage of bare-naked prompts for "do my homework for me", there's a continuous barrage of "(i don't even know which side is up, but) what's wrong with this gymnastics equipment i'm using?" questions. if you're any kind of regular in that kind of environment, you'll eventuaatlly get exhausted. the only way they can improve the site for "beginners", however ill-defined that term is, covering both the blatant homework cheaters and honest learners, is to limit engagement by force. "you seem burnt out, you can't post comments or answers for a week. come back when you're in a better mood." that seems like a sure-fire way to drive away their knowledge pool and ultimately their revenue stream. another way is to rate-limit the crappy input, but that doesn't seem to be what the article is hinting at at all.
for all the bitching about how toxic SO is, this is not my personal experience. however, that doesn't mean i think the format of the site has merit. IMO, if you want to fix the experience for honest neophytes, you need to enable dialogue. a newbie asks a ill-posed question, a senior points out the misconceptions, asks for clarifications. the newbie comes back with more information, improved followup. senior is finally in position to provide a red-meat answer.
i just described a mailing list, and that's a format you cannot sell with the kind of margin SO has been raking in. they could ditch their programmers and employ a bunch of writers to collate the wisdom of various product-specific mailing lists into an encyclopedia, but they're not interested. i understand that, it'd be a hell of a pivot. but if they push on catering to the lowest common denominator, they're doomed.
> I had about a half days' worth of work typed up into the browser's text field and when I clicked "submit", all of my work vanished and Firefox only showed a page stating that the certificate was invalid and that nothing could be done about it.
that's not a valid argument against HSTS! the browser behaviour with regard to your data is outrageous, and shouldn't be tolerated. and i'm saying this as a longtime firefox user. the browser just sucks, big time.
"luckily", as a vim junkie, i can't stand the textarea at all, and do anything that requires more effort than, say, this comment, in vim, then copy/paste over when i'm done. still, we should have gotten $VISUAL embedding fifteen years ago: what's happened, Mozilla? lining up your Pockets the whole time?
> there are numerous ways that could've oopsed in.
that's why i said "dishonesty at the org level". i don't think there's any one particular person in mozilla at the prenda law-level of crookedness, but what exactly is their company culture around privacy that they end up casually slipping a surveillance tool into a web page that's ostensibly against surveillance?
> There are sites that just block requests from the EU, there's a difficult-to-measure chilling effect on small businesses
food safety regulations have a chilling effect on businesses that would try and sell arsenic-laced food.
dumping poisonous byproducts of a manufacturing process in a river will also net you a stomping by the society, another instance of a chilling effect of regulations.
i'm happy with these chilling effects, they relieve me of the need for constant vigilance. they enable our society to function. we do not need to fear for our mental of physical health and (private) lives all the time, we can focus on higher-order things instead.
that's so tone-deaf from mozilla... hello? anyone behind the driving wheel there? what are your priorities? trying to win the game of hypocrisy? seriously, this is a great display of dishonesty at the org level.
i thought this was obvious to everybody: public clouds want to lock you in, so they make it very cheap and easy to get data in, but charge stupendous amounts for getting your data out.
it would have to ignore underscores as well. does your grep have that functionality bundled under a convenient flag? does your browser's ctrl-f have it for eg. github?
well, these two things (strongSpaces couldn't have been "undocumented": i knew about it from a cursory glance at the language a few years ago, never wrote more than a hello world in it) made me shy away from the language. i mean, it's niche and all, that does not help, but those two things did decide which way the scales went.
re [0]: whether FUBAR and f_u_b_a_r mean the same thing or not is a matter of semantics, not syntax (it's in the name: "meaning").
re [1]: i use zsh where setopt errexit and setopt e_rR_EX_it mean the same thing, and it's really annoying. all it does is complicate search in man pages and code, i'd say this feature has negative value. e_rR_EX_it is extreme, but consider that zshoptions(1) documents ERR_EXIT while bash(1) lists errexit. i never know which to search for, and i end up mixing various spellings in zsh code. now shell options are a tiny slice of my shell scripts, but doing this for all identifiers? ugh!
i think the arguments in [1] are weak, unsubstantiated, and admissions of negative value.
that's a gross mischaracterization of the situation.
copyright doesn't mean "i get paid", it means "i get to withhold" (see all the out-of-print books, abandonware, etc).
GPL does not mean "you have to contribute back your changes" at all: "The GPL does not require you to release your modified version, or any part of it. You are free to make modifications and use them privately, without ever releasing them." https://www.gnu.org/licenses/gpl-faq.en.html#GPLRequireSourc...
one is about taking access away (for whatever goal), the other is about taking that option away (for the benefit of users).
GPL "abuses" copyright to prevent conveyors from closing off software from its users. make the provisions of GPL the law, and copyright of software can go.
so you install dstat in /usr/bin/dstat + /usr/share/dstat (because you are root), and an attacker creates /home/eve/bin/dstat with /home/eve/share/dstat/evil.py. why would you run /home/eve/bin/dstat? if eve can get you to run dstat from here ~/bin, why wouldn't she just have ~/bin/dstat with completely different contents?
edit after your reply: if you install in /tmp, you'll end up with /tmp/bin/dstat and /tmp/share/dstat. you're concerned that an attacker could smuggle something into /tmp/share/dstat, but /tmp/bin/dstat is of no worry? what exactly is the threat here?
> access control of `../share` in an unknown part of the filesystem is a matter for some concern. Given that the binary can be put basically anywhere, it would seem to be perilously close to CWD.
another edit since i cannot reply to you: do you have any examples of the "threat model [which] includes that you can't trust every part of the filesystem you're working from"? something concrete, specific. a particular install prefix that would let you create $prefix/bin/dstat but $prefix/share/dstat would be dangerous.
my closest AWS DC is in Frankfurt with HTTP ping below 40ms. if i consider 100ms for actual work, the overhead for serverless is 46%. still impressive, i would have expected >100% there.