The Good Parts #1

The vast majority of tech-related comments today (on all platforms) are a dumpster fire. The deeper your understanding of a subject, the more clearly you can see that.

"The Good Parts" is a series of collections of links and comments (mostly from HN and occasionally from other sites), which I find insightful or interesting in some way.

Series index: The Good Parts


SELinux is unmanageable; just turn it off if it gets in your way

The problem is not so much that SELinux is too complicated (it is as complicated as it needs to be), but that we all run software we don't understand.

The whole IT ecosystem has become a Hail Mary. Even admins usually have no idea what a certain program actually wants to do. If the admin knows how to install the app so that it actually runs, you call them a good admin.

From a security point of view, an application is like a nuclear power plant. It's good if it works as planned, but if something blows up it endangers your whole enterprise.

The whole container movement can be seen as putting the apps in a sarcophagus like Chernobyl. That way the radiation hopefully stays in, but history has shown that it really doesn't. Also, the wheel of history has just turned one more iteration and now admins just view the sarcophagus as something you deploy as you previously deployed the app. Who is responsible that it is airtight? Well, uh, nobody, really.

You can't even blame the applications for that. Let's say you want to build a good, secure application. How do you know what files your application will try to open? What syscalls it wants to call? Library and framework functions tend to not document that properly.

Obscure files like /etc/localtime, /etc/resolv.conf, /etc/ld.so.conf, /dev/zero ... how can you expect devs to build well documented and well sandboxable applications if they don't know which files their library functions will open?

You may have heard of /etc/resolv.conf ... but have you heard of /etc/gai.conf? /etc/nsswitch.conf? /etc/host.conf? Wouldn't it be great if the man page of getaddrinfo mentioned those? (Mine only mentions gai.conf.)
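
One practical answer to the comment's question "How do you know what files your application will try to open?" is to observe it: run the program under `strace -f -e trace=open,openat` and summarise the result. The following is an added example, not part of the quoted comment; the trace lines are constructed sample input, and `summarise` and `undeclared` are hypothetical helper names.

```python
import re

# Constructed sample of `strace -f -e trace=open,openat` output for a
# resolver-using program; illustrative, not captured from a real host.
SAMPLE_TRACE = '''\
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
[pid  4711] openat(AT_FDCWD, "/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4
[pid  4711] openat(AT_FDCWD, "/etc/host.conf", O_RDONLY|O_CLOEXEC) = 4
[pid  4711] openat(AT_FDCWD, "/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4
[pid  4711] openat(AT_FDCWD, "/etc/gai.conf", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid  4711] open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4
openat(AT_FDCWD, "/var/log/app.log", O_WRONLY|O_CREAT|O_APPEND, 0644) = 5
openat(AT_FDCWD, "/dev/zero", O_RDWR) = 6
'''

# Optional pid prefix, open()/openat(AT_FDCWD, ...), quoted path, flags, result.
# Opens relative to a directory fd and <unfinished ...> fragments are skipped.
CALL = re.compile(
    r'^(?:\[pid\s+\d+\]\s+|\d+\s+)?(?:openat\(AT_FDCWD, |open\()'
    r'"(?P<path>(?:[^"\\]|\\.)*)", (?P<flags>[A-Z_|0-9]+)'
    r'.*\)\s+=\s+(?P<ret>-?\d+)'
)
RANK = {"probe": 0, "read": 1, "write": 2}

def summarise(trace):
    """Map each path to the strongest access seen: 'write', 'read', or
    'probe' (the open failed, e.g. ENOENT, but the program still looked)."""
    needs = {}
    for line in trace.splitlines():
        m = CALL.match(line)
        if not m:
            continue
        if int(m["ret"]) < 0:
            need = "probe"
        elif {"O_WRONLY", "O_RDWR"} & set(m["flags"].split("|")):
            need = "write"
        else:
            need = "read"
        if RANK[need] > RANK.get(needs.get(m["path"]), -1):
            needs[m["path"]] = need
    return needs

def undeclared(needs, declared):
    """Paths the trace shows but the sandbox policy author did not list."""
    return sorted(p for p in needs if p not in declared)

if __name__ == "__main__":
    needs = summarise(SAMPLE_TRACE)
    for path in undeclared(needs, {"/etc/resolv.conf", "/var/log/app.log"}):
        print(f"{needs[path]:5}  {path}")
```

A trace only covers the code paths that ran, so a file list built this way is a lower bound on what the program may open.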


Internet spring cleaning: How to delete Instagram, Facebook and other accounts

People are realizing that social media is draining, predatory, and entirely superfluous.

Of course there are employees here of social media corporations who would want to stem the tide of this mass exodus, but it's useless. Social media corporations have overstepped their boundaries and become a net negative on human society.

Deleting your social media accounts results in an immediate improvement of quality of life and mental wellbeing. These sites are intentionally designed with predatory psychological mechanisms; they are designed by hackers like ourselves, but the hackers who see "social engineering" as a perfectly ethical practice and not simply psychological manipulation.

These services are designed to be addictive, full stop. Addiction is not healthy, and neither is social media. Maybe this will bring SV back to its roots, real technological progress for the nation and not desperate bids for data mining based on cheap psychological tricks.

People are growing sickened of the endless scrolls of psychologically disturbing viral content combined with the false positivity of human interest stories. It is deepening social divisions, racial conflicts, political partisanship, and general misery. We don't need social media; what we need is real social connections in an increasingly isolated society, and social media stands in the way of this.


Why I'm usually unnerved when modern SSDs die on us (2018)

I worked on SSD firmware for quite a long time and here is my perspective.

Early flash used to be fairly reliable with almost minimal error correction. However, with increasing density, smaller processes and multi-level cells, it has gone progressively less reliable and slower. Here are some of the things that we need to worry about: https://www.flashmemorysummit.com/English/Collaterals/Procee...

To compensate for all these deficiencies, the SSD architecture and hence the entire FTL becomes very complicated because any part of it can become damaged at any time. We always have to have backup algorithms to recover from any scenario. It's difficult to build algorithms that can recover from arbitrary failures in a reasonable time. I cannot have a drive sitting around for 20 minutes trying to fsck itself.

Another problem is that the job, while rewarding, is not very lucrative. The chance of a multimillion-dollar payoff for an employee is low. I have a higher chance working on a web connected gadget to become a millionaire. So that means it is really hard to recruit those who are top-notch programmers who know how to figure out the algorithms, write the code, debug the hardware. Most new grads these days are interested in Python, JavaScript and machine learning.


No one expects young men to do anything and they are responding by doing nothing

I can appreciate this perspective because I used to have it. I even wrote a similar blog post 10 years ago - it was on the top of HN and the comment section was a beautiful shitshow. For me, this perspective was a good story to tell myself - it justified why I was only investing my time in “work”, and validated me for having “come so far”.

Over time, I have reflected and shifted this perspective. That reflection centered around the question the author hasn’t asked himself yet: who creates these expectations? It’s always some loose definition like “society” or “elite”, or some other hand-wavy grouping of people.

But, to be clear, those expectations are coming from the author. That’s his perspective of what the world thinks, based on his interactions, based on what he chooses to read, listen to, etc. He's not describing anyone but himself.

I found that if I find myself projecting onto social norms, society, or some other loose definition of “they”, what I’m really doing is projecting a part of myself that I haven’t been honest about yet.


LineageOS 19

I'm still pissed at Google for locking the bootloader on my Pixel 2. I bought the phone unlocked directly from Google, specifically so that I could install a custom ROM once Google stopped supporting it. But I sent the phone in to repair a broken USB port, and apparently it was Google's policy to send back a phone with a locked bootloader any time you get a repair.

I can't even get a response from Google's support about the issue. (Although, based on what I've seen from other people in the same situation, the response would be pretty useless if I did get one.)

I'm still using the phone, because the hardware is perfectly fine for my needs, but it's slowly turning into e-waste as the software gets more and more out of date. (I replaced the battery about a month before learning about the bootloader, so it's good for another 3-4 years.)

Edit: I'm not the only one this happened to - see https://support.google.com/pixelphone/thread/14920605/google... and https://issuetracker.google.com/issues/73217322 and https://issuetracker.google.com/issues/68897739 and https://forum.xda-developers.com/t/rma-phone-from-google-is-... and https://forum.xda-developers.com/t/oem-unlocking-grayed-out-... and https://www.reddit.com/r/Android/comments/9xcdle/psa_rma_ref...

Comments, suggestions and questions are always welcome.