prof

@prof@infosec.pub

This is a remote user, information on this page may be incomplete. View at Source ↗

Engineer and coder that likes memes.

⁨Comment⁩ on ⁨Obsidian is now free for work - Obsidian⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
As I’ve said. Nextcloud is a great example of FOSS working out for a business, haha.
⁨Comment⁩ on ⁨Obsidian is now free for work - Obsidian⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I guess we just have to agree to disagree then. Which is fine.

Your points are valid and thank you for detailing them for me. If I was in their shoes making others able to steal my IP, even if they’re not allowed due to licensing and having to deal with constant scrutiny of the source code are k.o.-criteria, which hinder the project and lead to potential revenue loss.
⁨Comment⁩ on ⁨Obsidian is now free for work - Obsidian⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Well said.
⁨Comment⁩ on ⁨Obsidian is now free for work - Obsidian⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Then that’s a moot point I guess, haha.

Still a great way to pay for Obsidian to support the development though.
⁨Comment⁩ on ⁨Obsidian is now free for work - Obsidian⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
It’s not just about syncing files. It’s also the fact I can edit stuff on my tablet and see the changes in almost real time on my laptop with Obsidian Sync. I believe most other solutions wouldn’t play nice with such a workflow.
⁨Comment⁩ on ⁨Obsidian is now free for work - Obsidian⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
That’s a bit naive imho. Remaining closed source is a form of IP protection and that’s really ok for what Obsidian is (a markdown editor). There’s just not any benefit for them other than appreciation from FOSS enthusiasts. Also maintaining an open source repository causes a higher workload and they lose a lot of freedom.

If privacy is your concern you don’t need source code anyway. It’s quite easy to sandbox an application like that and analyse network traffic and such. Also Obsidian is built using Electron. That means with enough motivation one could quite easily reverse engineer most of the app. Most of the applications behaviour can also be observed via the integrated dev console, which lets you view source code.

In short I don’t really see the need, unless I want to build or maintain it myself. And I think the negatives far outweigh the positives from the perspective of Obsidians team.
⁨Comment⁩ on ⁨Obsidian is now free for work - Obsidian⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I don’t necessarily like a few takes in the comments here.

Vibes wise the Obsidian team seems to be great and they don’t seem to have shown any reason why I should distrust them. I love FOSS but gifting others my work doesn’t put food on my table, so in that sense they need to have a lucrative business model which they seem to have established.

I could use SyncThing, Git or other solutions to do synchronisation between my devices but I choose to buy their Sync offer, since I want to support them (they also have EU servers, which need to be GDPR compliant by law afaik).

The closest comparison I could make is NextCloud. NextCloud open sources their software, but they sell convenience. Sure, you could self host it, but paying them to do so for you may be more attractive. In comparison Obsidian is not really complicated to set up or maintain. It’s literally just a MD-editor. So the only convenient thing to sell is synchronisation if you don’t want to put a price tag on the software.

If they open source all their code, some tech wizard will implement a self hosted obsidian sync server with the same convenience as theirs in a day, and the company will lose their revenue stream.

We’ve all been burned by tech bros in one way or another, but I think it’s ok for people to profit off of their IP. And they seem to be doing so with a positive vision. Feel free to let me eat my words if they ever go rogue, but that’s my 2 cents.
⁨Comment⁩ on ⁨Tutle⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Lol, that’s Neuro and Videl 😄
⁨Comment⁩ on ⁨More than a quarter of new code at Google is generated by AI.⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Agreed. It’s really shit for new code, but if I’m writing glue code stuff or repetitive code it saves a lot of time spent on typing.
⁨Comment⁩ on ⁨Bees is fish.⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
It’s so christians can eat bees during fasting. duh.
⁨Comment⁩ on ⁨Gothic, Risen, and Elex Dev "Piranha Bytes" Reportedly the Latest Embracer Studio to Shut Down⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Seems like we’re in the same boat, haha.

I also have a big backlog, and there are far more interesting options than their stuff.
⁨Comment⁩ on ⁨Gothic, Risen, and Elex Dev "Piranha Bytes" Reportedly the Latest Embracer Studio to Shut Down⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Wasn’t Piranha Bytes not profitable for quite some time?

Their games certainly had a community of fans, but I don’t think those are enough to keep a whole studio afloat.

Just thinking out loud, I did not look at any numbers, but in my head what’s done them in is not producing games that feel good to play. I loved Gothic 3 and Arcania at the time, but I’d choose any other 3rd person RPG that actually has snappy controls over the more modern stuff like Elex and I feel like that’s the mainstream opinion going around.
⁨Comment⁩ on ⁨Fake job interviews target developers with new Python backdoor⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
Thanks for the response. Seems like I can’t assume other CS degrees are comparable.

We definitely have a strong focus on security in my degree, but I still believe that awareness of what you’re running on your machine and potential dangers of those programs fall into the category of common sense. Mishandling secrets, having bad authentication or not knowing how to setup SSL is definitely experience stuff though.
⁨Comment⁩ on ⁨Fake job interviews target developers with new Python backdoor⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
Neither young or naive. Just assuming others share my experience.
⁨Comment⁩ on ⁨Fake job interviews target developers with new Python backdoor⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
Makes sense, I feel bad for the guys that were happy for a chance and got screwed over.
⁨Comment⁩ on ⁨Fake job interviews target developers with new Python backdoor⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
That’s a bad take. Unless you get your knowledge purely from shady tutorials or have a fast track bootcamp education, it’s unlikely you never touch on security basics.

I’m a software design undergrad and had to take IT Sec classes. Other profs also touched on how to safely handle dependencies and such.

While IT Security is its own specialisation, blindly trusting source code others provide you with is something a good programmer shouldn’t do.

If you need a metaphor: Just because a woodworker specialises in tables, doesn’t mean they can’t build a chair.
⁨Comment⁩ on ⁨Fake job interviews target developers with new Python backdoor⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
It’s sad that this works. You’d think especially software professionals would be the most vigilant about running unknown code.
⁨Comment⁩ on ⁨Mandelbrot⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
There’s a cool rabbit hole you can dive into when it comes to coastline lengths of some countries. Specifically the UK.

Depending on who measured the coastline and with which method the results can be wildly different because there’s always some form of simplification required. See this video for example: Link
⁨Comment⁩ on ⁨easter is a horrorshow⁩ ⁨⁨11⁩ ⁨months⁩ ago⁩:
So stupid. Everyone knows we use bunny eggs for easter.
⁨Comment⁩ on ⁨Last Epoch 1.0.3 patch notes include lower stash tab costs and more⁩ ⁨⁨11⁩ ⁨months⁩ ago⁩:
It’s weird. There seem to be a lot of games that offer native Linux clients but they tend to not be maintained that well. Quite a shame really.
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
It doesn’t compile or transpile in actuality. It generates Java based on an abstract syntax tree. The concrete syntax is not considered in Java generation by MPS.
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
Because it was easier to use Java primitives than implement the constants myself.
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
MPS uses projectional editing. Which means for the user that everything you do is free from concrete syntax, and you basically edit a graphical representation of that abstract syntax tree directly, while it looks like you’re in a textual editor.

So I define abstract nodes that may have certain relationships with each other and then give them a representation in the editor (which is what you see in the screenshot). These nodes may also have generators assigned to them, which use map/reduce operations to generate whatever source code I desire. It usually includes its own bit of code, and triggers code generation of its children as well.

I hope that was somehow clear 😄
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
Great idea if I have to extend it
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
I like the way you think! 😂
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
Yes, it pretty much just wraps the expression in a “System.out.println(<expression>);”
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
Fortunately I generate Java source code from it. However MPS generates both source and byte code when you build the solution. For some reason I can’t get the byte code to run though, but the source code does, so I don’t care too much.
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
Very cool, I’d be interested in your publications once you’re done. I like metaprogramming, but once you realise you might have needed it, you’re already knee deep in fresh legacy code.
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
Valuable input! I actually am an undergrad student. There are a lot of frameworks out there that support writing languages, with MPS being one of them.

If I’d start from scratch again and had a little more time, I’d frankly try writing an interpreter myself, instead of trying to conform to weird framework syntax, which I won’t be able to reuse in any other context.

Saying syntax design is fiddly is an understatement. I focused very hard on getting an abstract syntax somehow finished before working on generation in my first iteration. Then I had so much technical debt, that I couldn’t get anything to work and had to rewrite a lot. So I scrapped it all and started again, starting with top level concepts including generation and only implementing some lower level ones, once everything around it worked properly.
⁨Comment⁩ on ⁨I had to design a simple general purpose language for university, so I tried creating "ZoomerScript" with Jetbrains MPS⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
You’re correct, but it doesn’t really matter for demo purposes. In an actual use case (whatever that would be for this language) you would of course want to use some kind of variable or expression there instead of a constant.