I took over a bunch of his code at one of my previous jobs, and let's just say it kept me employed for a good long time.
It's been kind of difficult for me to reconcile considering that this is the dude who co-wrote frickin bash, but then I look at how weird of a language it is for shell-scripting and I totally understand.
Well, Brian is firmly in the LISP-style camp of programming which eschews static typing, promotes heavy use of macros, one-man-army style development, excessively interesting code. He also doesn't like automated testing, or any kind of tests. "Why would you plan for failure?"
It is not a scalable attitude to have in the modern software world.
Yes, at a prior job I tried to follow a bug in his metahtml interpreter many years ago, and the code bottomed out at an unfinished if condition. Actually an unstarted condition. It was just shipped that way. Very difficult to follow such a smart person's code I situations like that.
It depends on what you mean by scale, PG's Viaweb sold for $49 million and it was built completely around this approach. Lisp has a debugger that allows you to edit code while it is running, and allows you to continue half-finished evaluations with the fixed version, so what it means to "fail" in any given circumstance is altered by that meaning.
Why is the title not "An interview with Brian J. Fox, the creator of Bash"? These "I did Y" or "I made X" sound like typical reddit style attention seeking posts.
I don’t read it that way. Titles like “I did X” are interesting to me because then I know it’ll be a firsthand account. Whereas if it says just what it is it could be more likely that it is instead only talking about the same interview from another source that I had already seen.
Was surprised to not see Chet's name come up. When we were shipping WSL, I got the team in touch with Chet to give WSL a test run, with no major surprises (a couple edge case bugs, IIRC). I'm bummed I never met him in person while at Case, but always a fun little factoid that came in handy the one time.
The scope of the interview was Brian, and bash only came up rather than being the focus of of the interview. However it makes sense that bash was used as a hook for audiences like the HN crowd.
In other words I don’t think Ramey was being dissed in this case.
Unrelated to the article, but WSL is a true gem :) I spend many an evening writing Rust on my Ubuntu WSL setup, and no reboots necessary in the morning (Windows-intensive job). Thank you for your work on it.
I have honestly not listened to this interview yet, and I have only glanced at parts of the transcript; but, I am in charge of technology for Orchid--the product Brian is one of the other co-founders of and which he is apparently talking about extensively, that currently looks a lot like what people sometimes call (much to my chagrin ;P) a "decentralized VPN"--and so am watching here to potentially answer any questions (or provide clarifications and corrections).
I'll bite. I think some of the crowd on HN might be interested in selling bandwidth. It seems like that's not the focus for orchid at the moment (based on the lack of info on the website and the lack of github build instructions.) Is there a support channel for someone interested in trying out staking, running a node, selling bandwidth, etc.? Is there a roadmap for supporting people interested in that side of things?
FWIW, I'd be surprised if it were difficult for an interested developer to compile Orchid (as stated in the README: go type "make" in srv-shared and install any dependencies you are missing... same way I usually build anything ;P there is also a Docker build script for "docker build" as well as a way to wrap the makefile into Docker, which is mentioned in the README: run env/docker.sh).
If you aren't a developer: just download a pre-compiled build; the 0.9.33 build that came out a couple days ago works great. I also have GitHub Actions set up to do a complete build of all of our components every time we do a push, and so you're also able to go back 90 days or whatever they hold on to and download a server asset. This also means I know 100% that it compiles OK ;P.
As for actually succeeding in selling bandwidth, that is fully possible right now (and has been since the network launched)... but, very awkwardly, not to the (vast) majority of people who are currently running our client in its default configuration. You will need to get users to 1) purchase OXT and manually set up their account and 2) get them to change the default "curator".
This is due to a combination of factors, but the deepest one--as in the one that is serving to be most difficult to fix, both internal and external to the project, as well as the one that personally frustrates me the most (if you know who I am ;P)--is that our users mostly buy in using "in-app purchases", which has led to us implementing various restrictions on spending them.
The result, though, is that if you go through all of the trouble to get set up right now, you won't actually get to experience anyone paying for your bandwidth in practice, even though I solemnly swear that the system is legitimately decentralized in that nothing is actively preventing that from happening: the system launched in December 2019 and has been "fully functional" ever since.
I, thereby, am quite reticent to publish an easy-to-follow guide where step 5 is "now be disappointed in the result", as I don't even think that is a valuable use of time for the people who are trying to contribute to the system. The best things you can do to help are: 1) lobby against Apple/Google; 2) improve the state of play for wallets; and 3) get people to download/use the client.
(As for something like a "roadmap", I try to prevent anyone from telling people about the order/timing of work we are doing because the system should be considered functional "as is"; I think most projects that have "roadmaps" in this space use them to cause people in the ecosystem to speculatively purchase large quantities of what should really be a "utility token". I hope you understand.)
(That said, there is some public discussion of this specific task--to make it easier for people who have a copy of the server to run a node--related to an issue that I feel able to point you at: https://github.com/OrchidTechnologies/orchid/issues/103. I will, admittedly awkwardly, not comment on whether or not I intend to make a commit in the near future to address this deficiency.)
> our users mostly buy in using "in-app purchases", which has led to use implementing various restrictions on spending them.
Browsing through the code, it looks like Orchid's xdai contract is https://blockscout.com/xdai/mainnet/address/0x6dB8381b2B41b7... -- which shows in-app purchases of bandwidth being a bit less than $75,000 total for the last two years. Is that right, or am I missing something?
> I think most projects that have "roadmaps" in this space are using it to cause people in the ecosystem to speculatively purchase large quantities of what should really be a "utility token".
While I think the word "decentralized" has a lot of nuance that people often forget (as an example: federated systems are also "decentralized", though I'd argue they barely live up to the term), the core problem is an equivocation on the word "it": Orchid, with the prepaid access credits system we had to put in place to satisfy Apple/Google, essentially is "a network of networks", all of which share not only the protocol (that would be trite) but share the entire mechanism for staking and selection: there is no difference at the level of the staking system between what "network" you are on for this purpose... there is but one shared pool of servers.
The issue is that the money comes in different shapes and forms, and individual users have access to different forms of money and individual servers accept different forms of money... and due to restrictions put in place by Apple and Google, we were forced to go to great lengths to support the ability to pay for the service using "in-app purchases", which results in a very large number of users having money that has been constructed--on the blockchain--to only be able to be spent with a set of servers that we are legally required to collect personal information from, making it "permissioned" if you want to accept that money... which you don't have to, but you aren't going to make much money.
It thereby isn't that the software we have released is in any way centralized: it isn't. The directory of providers isn't either. It isn't that any of the "protocols" I designed for this are somehow decentralized vs. centralized (I'm not even sure what that would mean: it would be like claiming OpenVPN is decentralized but NordVPN isn't? at best that would be, as I said, "trite"). The status is more that you are opening up shop in a bazaar, but weirdly most of the customers aren't carrying around cash, but you aren't allowed to accept credit cards. There's nothing preventing you from selling to any of these people, though. There isn't some server I'm running that is holding the entire thing together like the keystone.
Where it just kind of burns me up, though, is that the vast majority of people in the crypto space are just looking for "an easy buck", and so what they are looking for are easy to follow instructions to "stake money and get rewards", and the reality is that I know that the current state of Orchid would make those people sad, and so I don't go out of my way to bother making a "guide" where step 5 is "you are now sad"; to me, this is part of "being honest about what we have". But like, it isn't hard to run the server: you just need to be pretty comfortable calling functions on Ethereum contracts with a wallet and be able to deal with a relative paucity of documentation... I think that maximally prevents deception.
There are other solutions right now that, in contrast, I would argue "aren't honest": they are actively getting people to run servers, for example, but they don't even have payments at all yet, and have said every month for over a year that they will have payments in place "soon"... or they have a system set up to pay for servers using "inflation" on some underlying investment asset, and then report an APY that is largely based on the value being held up by speculation. Orchid has had payments working--in a way that is absolutely decentralized and which works over a legitimate utility token... but at a small scale--ever since we launched in December of 2019. It is just that we were also forced to build a second set of users by companies like Apple and Google to support their App Store monopolies, and those systems massively out-compete our decentralized users :/.
I would sugest supporting other blockchains besides ETH since transaction fees are insane. I have just checked how much should I pay to just fund my new account. It’s about 60-70 USD fee + actual payment + there is some efficiency which I did not have time to figure out. This is huge. Maybe you can support Binance Smart Chain or some other networks where fee is like x1000 smaller then ETH and transactions come through faster.
Ironically, Binance Smart Chain was part of what caused us to fail to launch my "end game solution" for that a while back and put me back into a design cycle (the exit for which or progress on I will not comment on here): we noticed their endpoints don't support eth_getLogs in a useful way.
(To be fair to them, neither does Polygon/Matic anymore, and there it was seemingly a more fundamental limitation... and, honestly, if it were only Binance Smart Chain that were limited, I would not have really cared as that chain is extremely centralized in a way I would find scary for our users.)
That seems to be an issue. However $60 fee still is insane and kills product. I have seen pankacakeswap defi used IPFS for decentralized voting. They use private wallet keys to sign vote and write it to IPFS. Maybe you could use IPFS as decentralized storage for that first block or other older blocks like a cache?
(It isn't clear to me that it even makes sense to compare Tor and Orchid, as I don't think Tor tries to accomplish the same goal as Orchid, but I am going to take this comment at face value and accept the premise ;P.) FWIW, not only does Tor not need to take payments on iOS/Android devices, afaik Tor still doesn't have a working iOS port (as it uses too much memory to be a network extension).
If you just don't like money being involved, then you are leaving a lot of speed on the table (Tor clearly has a public good issue: they want you to use it... but not waste it, which is weird). (And like, they know this, and want to figure out how to add payments, but they are--I think intelligently--having issues figuring out how to support payments while keeping their goals intact.)
That all said... Tor is also only barely decentralized, if we are on that topic :( it has only like 9 directory servers, you certainly can't run your own to help/verify, and control of those servers is sufficient to pretty narrowly direct traffic. When asked "what would you do if someone threatened your family to alter the results from your server?", the Tor developer I talked to seriously seemed to have not considered that problem before? It was strange.
I've gone to great lengths to try to prevent anyone at Orchid from having that level of control, even when dealing with money purchased via in-app payments (so: no one come threaten my loved ones? it won't help you ;P).
I encourage you to look at orchid.com (or, better yet, the README file in the git repository) for information about Orchid instead of torproject.org ;P. Orchid is most often described as "a decentralized bandwidth marketplace", and now (apparently) as "a new model of VPN". I do not believe that the word "anonymity" is generally used to describe the effect of using Orchid (though I'm sure the term has probably been used in one or two places over the years inadvertently, as there is some overlap between it and the word "private", which better describes what Orchid is accomplishing; if you go back to like, early 2020 on archive.org, you can see orchid.com was nigh unto littered with the word "private"--calling it a "privacy network" for "private browsing"--but not "anonym(ity|ous)").
As for Onion Browser (which is notably a third-party app), I will clarify (as I'd assumed the points were taken together): Tor does not have "a working iOS port" capable of VPN-like service (what Tor sometimes calls "transparent proxy"), such as to use apps like Facebook, WhatsApp, or Instagram over Tor (as in, something useful to accomplish the goals of a user on mobile, as the world--and to be clear: this sucks--is no longer truly accessible via the web). This would require a Network Extension on iOS, which has very weird and somewhat frustrating resource limitations... and here I will note that I know well the developer of iCepa (mentioned in that blog post), and, due to life circumstances, he had to abandon that work many years ago (before it was able to be finished).
FWIW, I entirely appreciate that Tor isn't really designed to support "VPN-like service" (and, in fact, goes so far as to discourage the usage of their "transparent proxy" functionality): they do not consider that to be an appropriate way to implement "anonymity online"... which maybe helps make the difference between the projects clear? Brian (Fox!) had had a great explanation (this isn't an exact quote... I believe he worded it much better): Tor attempts to make you "anonymous" online (which really requires a browser); Orchid, in stark contrast, can help to make your communication "private", helping prevent third-parties (whether ISPs or governments) from interfering with your communication (which may or may not be "anonymous": that's kind of out of Orchid's control).
So, I will argue "very little": Orchid's decentralized node "directory" runs on Ethereum, but transactions are only very seldom made to modify it (it is more than just servers coming and going, but not much more); in the future, when Ethereum moves to proof of stake, I'd expect this to drop from "very little" to "almost none" (well, as "overhead").
The real blockchain transaction volume we do is for backing the payment system, and there I'll note that Orchid's payment layer is somewhat chain agnostic: I designed the payment protocol to support some level of negotiation on how the payments happen. Right now, many of the active users happen to use xDAI (which is not based on proof of work).
> I never thought that any piece of software I wrote would have any longevity at all and I'm super surprised to find out that many pieces of software I wrote have some longevity and of course, Bash is the most famous of those and is now available on multiple planets as well as basically every computer that exists on the earth today.
There is a really great book which is available online about implementing Emacs. Anyone know it’s name? Would love to reread it. It has a lot of C and builds around a “redisplay” process.
Many years ago I worked on a test editor with a data structure like VI, where each buffer was a list of strings, rather than emacs where a buffer with two strings where point implicitly is between them, but written in pure style and scriptable in Clojure.
I hoped you would have asked about LSD use - Bash is such an insane tool with dynamic scoping, horrific array operations, incomprehensible rules for quotes, simultaneously unquestionably useful and one of the most painful programming environments to work in. Acid (big at the time, even bigger than today) must have been involved in the creation of Bash, I'd love to hear more about it.
Most of that stuff is just required compatibility cruft with ksh. I think the array operations were new, maybe, but bash really didn't have a chance to go back and redesign the language from scratch. It had to be able to run existing ksh scripts correctly.
The problem – as always – has been one of compatibility. The original Bourne shell from the 70s didn't have scoping at all, or functions, or arrays, and ksh added stuff on top of that in ways which maintained compatibility. Changing all of that would be like Python 3, except worse.
Bash copied a lot from ksh and zsh (and zsh also copied a lot from ksh), which was a closed "improved Bourne shell" at the time.
Please don't pick the most irritating detail in an article and then copy it into the thread to complain about it. This leads to significantly lower-quality discussion, especially when the detail is off topic.
One thing we're working on learning as a community is how to respond to the interesting parts of an article or situation and leave superficial provocations alone. Not easy, but important for curious conversation.
I understand and respect your point of view. I even agree with it in general. But in this particular case, it seems really off. The issue has been debated ad nauseam so it makes no sense to repeat the arguments, and it looks like there are two camps and it is going to stay this way. But this is supposed to be an interview with the creator of Bash, and the interviewer suddenly pops in with his opinions about RMS, talking about him in very base terms - but nobody even asked him about it!
My point is if we, as a community, start to ignore these acts of passive of active aggression, we will become worse as human beings - and hence my reaction. (And at the same time I'm sorry to see you intervene - I admire your hard work and I'm happy that thanks to you HN is a better place.)
Or, we become worse as human beings if we react with intense charged emotion every time a particular thing is mentioned, creating a situation where we can easily be baited into reacting, and where perpetual tit-for-tat outrage is normalised. Let’s try for something other than that.
Maybe, I'm not sure. It's not even about RMS. Imagine an interview with Rob Pike and the interviewer saying, "Tom Howard did so many bad things I'm ashamed to share his name." It's just plain wrong. You don't do these kinds as a decent human being. When you are talking to your colleague - fine. Even if the interviewee specifically asked your opinions on a person you hate, a well-behaved person would answer "I'd prefer not to talk about this" or "we're not on good terms", something like that. You simply don't do thing like this one publicly.
I know what you mean, I really do. I've been spoken about in pretty harsh terms at various times, and yep, it cut deep, and I've also been sensitive to public attacks on others I admired, or even didn't much admire but could see myself in their shoes. So yep, I get it. But over time I've learned that if you do anything that challenges the status quo, you'll attract public criticism and worse. Some of it may be valid, in which case the target wins by learning from it. In other cases it's unfounded and cruel, and thus it reflects more on the attacker than the target, and the way to win is by being unaffected and just walking away. A sure way to lose is for it to affect your own sense of inner peace and react in a way that perpetuates the negativity.
Stallman predicted years ago things that only now are getting the attention of people, most notably the fact that with proprietary software it's the software that controls the user and not vice versa: just see the recent news, for example we now discuss about the control that Apple has on the store, or the fact that it's legitimate to scan the user internal memory and reporting to the police, something Stallman again predicted years ago.
I think that in the end he is right. In a world where software is becoming more and more part of our lives, and not something for a couple of nerds like in the 80s, it's fundamental to embrace the free software, if we want to be free and not slaves of corporations like Apple, Google or Microsoft.
Of course the media is against Stallman: it's the same media that is controlled by the companies that makes billions with proprietary software at the expenses of the users!
Unfortunately most technicians don't understand the message of Stallman, that is not about money (free software != you don't pay for it) or about convenience (some proprietary programs are better than free ones and vice versa), but about something more important, democracy, that in the world we are transitioning to cannot exist if the software is a small oligarchy of 5 gigants.
> Of course the media is against Stallman: it's the same media that is controlled by the companies that makes billions with proprietary software at the expenses of the users!
I've been struggling with putting my thoughts into words regarding this point. There are two points that I want to make:
1. The idea you expressed is so clearly and obviously incorrect that it's surreal to see it on Hacker News. The American media conglomerates are not owned by Apple, Google or Microsoft. (This point is boring and probably not worth spending much time on)
2. The idea you expressed is so frequently posted in other contexts that I wish we had a separate word for it in English. There is this tendency for people (especially in conspiracy-focused groups) to make this same argument. I usually see it as some variation of "follow the money" or "who profits" followed by an extremely tenuous connection between some action and a profit-motive. These arguments usually treat companies (eg. Microsoft) or entire industries (eg. the media) as homogeneous entities with a single-minded focus on profit. In reality, these companies and groups are comprised of individuals with orthogonal and conflicting motivations (many of which have nothing to do with profit).
The moment you realize this, ideas like "The American media manufactured a campaign against Richard Stallman so Microsoft could sell more copies of Microsoft Office" seem ridiculous. Whoever runs NBC does not have their paycheck tied to profits over at Microsoft. I wish I could more concisely express this idea.
You have a limited view of what the free software movement is. It's not all about software (despite the name), but most generally a movement that wants to go into the direction of a decentralized and more open internet, where all central entities, not only software companies, but also record companies, publishing houses, banks, and news companies, will become obsolete.
It's a fact that news companies are lobbying against the freedom of the internet, just take a look at article 13 of the EU copyright law (that of course the EFF, FSF and Stallman did a campaign against).
Other than that, typically free software, takes privacy and anti tracking more seriously. If you use Firefox for example, out of the box most trackers, that are the things that make newspaper earn money for each click, are blocked by default. Of course it's easier to just pay Google a percentage on the money earned trough ads and user tracking because you are sure that they will never allow blocking of them in their proprietary browser. While Firefox, a software developed by the community, you can't control, there is no company to pay to make the software go in the direction of your interests.
> These arguments usually treat companies (eg. Microsoft) or entire industries (eg. the media) as homogeneous entities with a single-minded focus on profit. In reality, these companies and groups are comprised of individuals with orthogonal and conflicting motivations (many of which have nothing to do with profit).
Well, it's not necessary that the whole org "thinks" this way - it's enough that those who are to exert the necessary influence, do so - in this case, Satya Nadella:
> "In fact, this morning, I was reading a news article in Hacker News, which is a community where we have been working hard to make sure that Azure is growing in popularity and I was pleasantly surprised to see that we have made a lot of progress..."
The relevant URL[0] no longer works, this one [1] does.
Sure is pretty plausible that the bigwigs of American media don't make stupid investments. It would be rational, even, if all of them had investments in technology. In fact, it's almost a sure thing that any of them with any investments have large portions of their wealth in technology stocks.
I find it so strange that podcasters use mp3 instead of using opus, considering the space savings, which you might think does not matter, but all of my podcasts are on my phone, which is always somehow running out of space.
How many clients understand opus files? How many break if you try let them figure out the one they understand? Then you are down to providing a separate feed and hoping the people interested in an Opus variant find it. Not very effective.
Sadly the podcast ecosystem is fairly brittle like that due to client/aggregator expectations. (e.g. there is a whitelist of a dozen CAs your HTTPS cert is allowed to have if you want it to work with iTunes etc)
Does the iPod support opus? I doubt too many podcasts are played on original iPods these days but there’s something to be said for the fact they can be.
Re-written: I'm surprised Bash shell passed muster for mission critical NASA applications given it isn't based on a formally verifiable language that they tend to use (e.g. Ada).
> Linux Is Now on Mars, Thanks to NASA's Perseverance Rover
> Previous NASA Mars rovers mostly used an operating system from Wind River Systems. But this time, the space agency chose Linux for Perseverance's Ingenuity helicopter drone.
I know one of the DoD sysadmins who was involved in making this happen, and have taken great joy in listening to her brag about it any time she likes. Never gets old for me :D
"I stopped at", saying software on a flying helicopter on Mars "isn't mission critical" and that bash would never pass any verification process at NASA does indeed sound like you're dissing bash here. If your intent was to leave some sort of feedback or opinion that can improve things and look less like a "diss", then you probably wanna give it another go.
From what I've read, one of the things the helicopter project did was to see how well ignoring the usual heavy verification would go--it used consumer-grade off-the-shelf hardware as well, for instance.
Just because they are using OTS hardware doesn't mean it doesn't go through verification and testing, it just means they are buying hardware instead of making it themselves.
They have 2 sets of RAM and a RAD hardened FPGA that checks for bitfips in the memory. It can restart one that quickly that it can do it mid-flight. It's amazing what possibilities this could open up as doing intensive image processing on RAD hardened is expensive, or not even possible as it lags behind the state of the art.
Why would you be surprised? Out of nearly a decade of using Bash on Linux I don't think I have ever run into a bash bug or issue. There's been bugs with utilities like sudo of course, but those aren't Bash.
It happens... I can think of a couple that bit me in the last 5 years or so. Some of them felt like bugs but were flagged as new features in later releases like this one from 4.4... spent way too long trying to figure out why this worked under 4.4 but not 4.3 and didn't even consider a bug, let alone a feature at the time. I was convinced it was something I did wrong :P
"a. Using ${a[@]} or ${a[*]} with an array without any assigned elements when the nounset option is enabled no longer throws an unbound variable error."
From the anguish of those who try to implement the POSIX shell, I understand that edge cases are far from difficult to find. The Almquist shell (Debian Dash) is cited for not using lex/yacc to implement the parser, and described as untrustworthy.
There are design flaws and edge cases in bash though, lots of them come up when trying to automatically show the exit code of the last command and when trying to automatically show whether or not the output of the last command ended in a line ending character.
Formally verified programs often still have bugs.
AWS S2N, for example, currently has hundreds of open issues and identified bugs, despite being the subject of a continuous formal verification program.
Bash powers probably hundreds of billions of dollars worth of critical infrastructure...
My point being that whatever other software runs on this thing is far more likely to contain hidden bugs than bash has given its age and widespread distribution. It seems weird to single out bash as opposed to the hundreds of other random packages on any given distro.
It's been kind of difficult for me to reconcile considering that this is the dude who co-wrote frickin bash, but then I look at how weird of a language it is for shell-scripting and I totally understand.