• 0 Posts
  • 37 Comments
Joined 1 year ago
cake
Cake day: July 3rd, 2023

help-circle


  • Her platform had plenty that progressives agree with! Progressives need to not act like toddlers when they don’t get everything they want; we’re only going to move to the left gradually. They need to stop asking everyone to treat them like the prettiest girl in school and instead start understanding that politics isn’t all or nothing. We almost got Bernie, gradually. We could have potentially gotten someone like him if we didn’t let Trump catapult US politics so far right in just 8 years. (Yes I know the the Republicans have been moving in this direction since Reagan, but the acceleration in the past decade is crazy)

    I don’t buy that any progressives looked at both platforms and avoided voting in good faith. That’s absolutely ridiculous. It makes no logical sense at all. Anyone who did that is simply not progressive. That’s not a no true Scotsman argument either; it’s just bananas that anyone who agrees with progressive ideas would let Trump win.

    Think about what you’re saying. If a politician doesn’t bend over backwards for progressives we should let fascism win? What the fuck? People love saying Republicans are voting against their own interests. Well, progressives who don’t vote are also voting against their own interests by abstaining.


  • Harris shouldn’t have needed to reach out to progressives. We have two parties in the US. We have one vote only. Progressives had a choice to say “let’s let Trump win and move the country significantly further right” or “I like most of Harris’s policies and something is better than nothing”. The choice for progressives was crystal clear. Let’s not pretend otherwise. The progressives that didn’t vote let everyone down, including themselves. Their argument is completely invalid when you look at the real world in front of us.

    If anyone calls themself a progressive and didn’t vote in this election, I have news for them: you’re not a progressive.



  • Better than Trump wasn’t her platform. I will die on this hill because I’m so sick of this. Look at her platform. What is too far right about her platform? Tell me specifically.

    No her platform and campaign weren’t the biggest problem. The way you’re talking and everyone is parroting that was. The “everything or nothing” people were. The left sows its own apathy.

    And, regardless of all of that, regardless of the fact that her platform was actually good, the idea that you only get to look at her platform in a vacuum is a complete joke. The idealism of the left is fucking us all. This isn’t a theoretical exercise. You realize Trump wants to pull out of NATO? That the right wants to outlaw life saving medical procedures? You realize real people are going to actually, without hyperbole, die because of this election?

    We’re in a fight against a Christian fascist state right now. Miss me with this bullshit. I would have been 100% motivated to vote for a turkey sandwich. This is all such a joke and this narrative is infuriating. The left is constantly acting like a bunch of toddlers kicking and screaming because they got the wrong ice cream flavor while the right marches towards the end of everything I thought we believed in.






  • As long as it’s installed on a device you control it’s pretty easy to sniff TLS traffic from an Android application, even if they’re pinning certs. I do this all the time for work. Frida makes it extremely easy, even giving you the ability to edit boringssl if something important is happening in native code. I’ve had to do this a couple times.

    If you don’t have root you’ll have to recompile the application though which could matter if you need the signature to not change, but that isn’t a common requirement.

    It’d be nice to have a better way to test though; I’ve wanted to check out Waydroid. Some coworkers just use an emulator which works great if it doesn’t need specific hardware.







  • This doesn’t seem to be a Rust problem, but a modern development trend appearing in a Rust tool shipped with Cargo. The issue appears to be the way things are versioned and (reading between the lines maybe?) vendoring and/or lockfiles. Lockfiles exist in a lot of modern languages and package managers: Go has go.sum, Rust has Cargo which has Cargo.lock, Python has pip which gives a few different ways to pin versions, JavaScript has npm and yarn with lock files. I’m sure there are tons of others. I’m actually surprised this doesn’t happen all the time with newer projects. Maybe it does actually and this instance just gains traction because people get to say “look Rust bad Debian doesn’t like it”.

    This seems like a big issue if you want your code to be packaged by Debian, and it doesn’t seem easy to resolve if you also want to use the modern packaging tools. I’m not actually sure how they resolve this? There are real benefits to pinning versions, but there are also real benefits to Debian’s model (of controlling all the dependencies themselves, to some extent Debian is a lockfile implemented on the OS level). Seems like a tough problem and seems like it’ll end up with a lot of newer tools just not being available in Debian (by that I mean just not packaged by Debian, they’ll likely all run fine on Debian).


  • I agree and think that should be helpful, but I hesitate to say how much easier that actually makes writing sound unsafe code. I’d think most experienced C developers also implicitly know when they’re doing unsafe things, with or without an unsafe block in the language – although I think the explicit unsafe should likely help code reviewers and tired developers.

    It is possible to write highly unsafe code in Rust while each individual unsafe block appears sound. As a simple example: https://play.rust-lang.org/?version=stable&mode=debug&edition=2021&gist=6a1428d9cae5b9343b464709573648b4 [1] Run that on Debug and Release builds. Notice the output is different? Don’t take that example as some sort of difficult case, you wouldn’t write this code, but the concepts in it are a bit worrisome. That code is a silly example, but each individual unsafe block appears sound when trying to reason only within the block. There is unsafe behavior happening outside of the unsafe blocks (the do_some_things function should raise eyebrows), and the function we ultimately end up in has no idea something unsafe has happened.

    Unsafe code in Rust is not easy, and to some extent it breaks abstractions (maybe pointers in general break abstractions to some extent?). noaliases in that playground code rightly assumes you can’t have a &ref and &mut ref to the same thing, that’s undefined behavior in Rust. Yet to understand the cause of that bug you have to look at all function calls on the way, just as you would have to in C, and one of the biggest issues in the code exists outside of an unsafe block.

    [1]: If you don’t want to click that link or it breaks, here is the code:

    fn uhoh() {
        let val = 9;
        let val_ptr: *const usize = &val;
        do_some_things(val_ptr);
        println!("{}", val);
    }
    
    fn do_some_things(val: *const usize) {
        let valref = unsafe { val.as_ref().unwrap() };
        let mut_ptr: *mut usize = val as *mut usize;
        do_some_other_things(mut_ptr, valref);
    }
    
    fn do_some_other_things(val: *mut usize, normalref: &usize) {
        let mutref = unsafe { val.as_mut().unwrap() };
        noaliases(normalref, mutref);
    }
    
    fn noaliases(input: &usize, output: &mut usize) {
        if *input < 10 {
            *output = 15;
        }
        if *input > 10 {
            *output = 5;
        }
    }
    
    fn main() {
        uhoh();
    }
    

  • No intention of validating that behavior, it’s uncalled for and childish, but I think there is another bit of “nontechnical nonsense” on the opposite side of this silly religious war: the RIIR crowd. Longstanding C projects (sometimes even projects written in dynamic languages…?) get people that know very little about the project, or at least have never contributed, asking for it to be rewritten or refactored in Rust, and that’s likely just as tiring as the defensive C people when you want to include Rust in the kernel.

    People need to chill out on both sides of this weird religious war. A programming language is just a tool: its merits in a given situation should be discussed logically.