Profile

Cover photo
Lex Spoon
Works at Semmle
Attended Clemson University
599 followers|87,980 views
AboutPostsPhotosYouTubeReviews

Stream

Lex Spoon

Shared publicly  - 
 
I know that Windows support is hard, but it's a real blow to basic software development if you can't trust your Git checkout to have binary correct files. I really dislike the autocrlf setting.

What I learned today is that one of the authors of msysGit not only agrees, but moreover is unimpressed by the implementation of the feature. That's interesting to me because in my world, msysGit is the main reason people get interested in this setting. When you install msysGit, it strongly encourages you to turn the feature on, even though Linus himself left it off by default. People trust that msysGit is looking out for them and so turn it on.

I'm very curious that msysGit is still doing this, given its authors don't seem in agreement about it. I would think there's a meta-default that if you are repackaging someone else's software (Git), you should leave its defaults alone without a clear reason otherwise. If they don't agree themselves, then the reason for overriding Linus's choice can't be all that clear.

More broadly, I wish there was a more general interest in removing CR pollution from the world. A lot of people just seem to assume that we've inherited this problem and so will always have it. Look what has happened with text file formats, though. Ten years ago, it was just assumed that any file processing text must come along with some out-of-band option to specify the particular text encoding to use. Nowadays, software assumes UTF-8 by default, and it's really caught on.

Speaking of character encodings, would anyone like to have a core.autoutf8 option on Git? After all, CP-1252 is the standard on Windows, isn't it? Maybe I should not ask, because there might be people out there who would say yes, that sounds great.

Digression aside, I think the same could happen with text files. People keep writing code that emits CR characters out of a misguided assumption that it's helping things. At this point, though, Windows has joined the Internet, so even on Windows, to a first approximation it doesn't matter what line endings a given file uses. Most things don't care, and a few things will work better, and a few things will work worse. Generating CR characters now doesn't usually help the software doing it (does it?), but it definitely contributes to an overall problem in the global computer ecosystem.
core.autocrlf considered half-assed. Date: Sat, 6 Mar 2010 00:23:33 +0100 (CET); From: Johannes Schindelin ; Subject: core.autocrlf considered half-assed. Hi, back then, I was not a fan of the core.autocrlf support. But I have to admit that in the meantime, ...
4
Joel Webber's profile photoPhilippe Lhoste's profile photo
2 comments
 
That's something that should be handled by the editor (auto-detect line ending), not by some filter behind the back of the coder... Same for auto-formatting and co.
Add a comment...

Lex Spoon

Shared publicly  - 
 
I quite enjoyed this read. I have often heard the tales about "limers" on English ships eating a lime a day (actually it was lemon juice...), but I had wondered how that policy had gotten established. In fact it was a torturous 40-year process with many turns, and it was later completely undone when the navy penny pinched on its source of lemons and thereby lost the benefits. The particular form of penny pinching was, most curious of all, to switch to actual limes, instead of just lemons, which they had been calling limes.
Atkinson inclined to Almroth Wright's theory that scurvy is due to an acid intoxication of the blood caused by bacteria... There was little scurvy in Nelson's days; but the reason is not clear, since, according to modern research, lime-juice only helps to prevent it. We had, at Cape Evans, ...
2
Add a comment...

Lex Spoon

Shared publicly  - 
 
I'm trying to reuse some software called H2 today, so am researching the license terms. Funny enough, if you digging around about EPL and MPL, you quickly run into pages like this one complaining about how miserable open-source licensing is.

I've said it before, but authors seem to really get nervous when they get to that last step of just giving away their code and seeing what happens. I guess that makes sense on an emotional level, but it sure adds friction to the actual reuse of open-source code. For all that it causes trouble to would be users, though, I'm not sure how much these extra terms really help the author.

It's a huge subject, and I certainly can't claim to understand everyone's situation on this, but my leaning when working on open-source code is really just to give it away. Licensing terms for credit, disclaimers, patents, and legal fees seem especially unlikely to go well. Even getting into non-commercial restrictions seems unlikely to help you as you might hope for; after all, if you do attract commercial interest for the software, they're going to want to hire you to do more with it. It will hardly hurt you at that point whether version 1.0 is still out there for free.
03 Apr 2007. Pick a License, Any License. I hate software licenses. When I read a software license, what I see is a bunch of officious, mind-numbing lawyerly doublespeak. Blah, blah, blah.. kill me now. meaningless license certificate. If I had my way, everything would be released under the ...
1
Add a comment...

Lex Spoon

Shared publicly  - 
 
The different JVM languages all have their own approach to lambdas, which poses an interesting question to anyone trying to make a library that will be used by all of them. There's an extra problem hidden in there, too, that will make Go programmers snark at the trouble this is in Java: if Michael Bayne decides to go with the Scala function types, he'll either have to include some version of the function-type interfaces in his jar, or else require his callers to provide copies of those types. It's a thorny problem that does not appear to have a standard solution in the Java ecosystem.
1
Ray Cromwell's profile photo
 
There's worse problems than that, just look at https://github.com/mintern-java/functions and the nastyness that checked exceptions in lambda's provoke.
Add a comment...

Lex Spoon

Shared publicly  - 
 
The mystics are coming out
Discussion on the Scala collections revamp is starting to get mystical. It really bugs me: good language design makes a huge difference, but it's hard to see unless you actually deal with thousands or more developers on millions or more lines of code. Casua...
Discussion on the Scala collections revamp is starting to get mystical. It really bugs me: good language design makes a huge difference, but it's hard to see unless you actually deal with thousands or more developers on milli...
1
2
Margaret Leber's profile photoArthur Shagall's profile photo
Add a comment...

Lex Spoon

Shared publicly  - 
 
Spark is hot. If you are writing big cluster-computing jobs ("big data"), you don't want to have to write out all the Java goo by hand.
1
1
Noel Yap's profile photo
Add a comment...

Lex Spoon

Shared publicly  - 
 
A great discussion of "real names". Internet forums should be based around pseudonyms, with the possible exception of the occasional site where it's important to check ID (e.g., motor vehicle registration).
A week ago in: Social Media Abuse Stories to Shrivel Your Soul. I discussed the wide range of serious problems resulting from social media "real names" identity requirements, with Facebook being the most prominent and important perpetrator of the resulting damage to users.
1
Add a comment...
Have him in circles
599 people
Karen Parker's profile photo
Jim Johnson's profile photo
tieu ho's profile photo
Eric Winger's profile photo
Todd Url's profile photo
Sami Jaber's profile photo
Posada Real de las Vegas's profile photo
Vernard Martin's profile photo
Trina Francis's profile photo

Lex Spoon

Shared publicly  - 
 
One thing that has changed since then is that UTF-8 has taken over as the standard interchange format.  Because of that, it's no longer a big deal to use the same type for strings and for byte arrays.

Maybe Python 4 can go back to that. In our strange world, it might be better for adoption of Python 4 if it is designed for the 2-to-4 upgrade path rather than the 3-to-4 upgrade path.
Also, clicking the slide images will jump into the full presentation at that point. The Symbola font is included, but will have to be downloaded before some of the special symbols will appear. Pragmatic Unicode~ or ~How Do I Stop the Pain? Hi, I'm Ned Batchelder. I've been writing in Python for ...
1
1
Joel Webber's profile photoHilmar Hoffmann's profile photo
 
This is one thing I think Go got right, mostly by accident. Everything's basically a `[]byte`, with `string` being special only in that it's an immutable UTF-8 `[]byte`. If you don't care about the encoding, you get random access to bytes in the slice. If you do care about encoding, you have to walk the characters in order, but that's trivially easy to do. The Go team made some noise early on about this being "not good enough", but so far I've found it easy and efficient to work with.

The fact that "slice" is built-in, and ubiquitous, makes it easy to deal with these things efficiently, e.g., when getting strings from binary data and you don't want to copy them all over the place. Compare this with, say, the Eclipse CDT, which uses an insane collection of things built on Java `byte[]`s to avoid being overwhelmed by string munging costs.
Add a comment...

Lex Spoon

Shared publicly  - 
 
Here's another thread that makes me think we are all building on top of sand.

If you store a timestamp in UTC, you at least know unambiguously what timestamp is being referred to. You can then fix up the timezone you want in later layers of the software. If you store a timestamp in local time, then you have nowhere to start from. You don't generally know what locale was used to save it, and worse, if that locale used daylight savings, then there are certain time values that refer to two different points in time.

I'm surprised a database implementer would suggest and encourage users to store data in local time. Given all the confusion around this topic, my own included, it's probably best to avoid the SQL "timestamp" type. The number of assumptions you have to vet out before it will work is prohibitive compared to storing a UTC time as an integer.
1
Ray Cromwell's profile photoLex Spoon's profile photoJohn A. Tamplin's profile photoBrian Slesinsky's profile photo
7 comments
 
Even just recording event timestamps can be tricky. How much do you want to trust the client's clock? For consistency, it's often a good idea to always use the database's clock, but this doesn't work for offline operation.
Add a comment...

Lex Spoon

Shared publicly  - 
 
There is another gain that Timothy Taylor doesn't mention: the payment process is a lot smoother. This doesn't seem to bother everyone, but I dislike the awkward speed bump that comes from having to count out a wad of dirty bills once you arrive at your destination. It feels much nicer to do it on your app while the car is on the way over, because you're just idling around anyway. When you arrive, you smile at your driver and hop out and are on your way.
A common accusation against Uber and other web-facilitated car-hire services is what looks like a competitive advantage only arises because they operate under a different and more lax set of rules than regular taxicabs. In ot...
2
1
John A. Tamplin's profile photoJoel Webber's profile photoLex Spoon's profile photoVilmar Simson (Ves)'s profile photo
6 comments
 
I've run into the credit card reluctance, too. It means the tip will get taxed, so that may be part of it. As well, the little machines that are in a lot of taxis seem rather slow and ornery. Sometimes they even have to get out a pad of paper and write down your card details. Sometimes the little machines are slower than the old-school pad of paper.
Add a comment...

Lex Spoon

Shared publicly  - 
 
Well, there's a bug that lowers confidence in a product. For a correct journalling implementation, you have to sync the data to disk before you write the commit mark. If you skip that first sync, and you try to sync both the data and the commit mark at the same time, then you can get exactly the situation the poster describes. The OS will write the data to disk in one order or another, and it's possible it will write the commit mark at the end of the file before writing the data that precede it.

Aside from these details, it raises ReiserFS-like questions of what you mean by "journalling" and "data integrity" if the reported sequence of events is in any way possible....
1
Lex Spoon's profile photoJohn A. Tamplin's profile photoJoel Webber's profile photoBrian Slesinsky's profile photo
6 comments
 
It seems like a checksum might fix this?
Add a comment...

Lex Spoon

Shared publicly  - 
 
"Just a click away" is a phrase you hear a lot at Google. There's a constant terror that if you slip up in the slightest, your users will click over to another web site and vanish instantly. Obnoxious search ads? click now your users are on Bing. Slow user interface for email? click now your users are using Yahoo Mail.

For that reason I find it very strange to read Schneier believing otherwise. He thinks there should be some kind of extra damages applied to a company that loses a user's data, above and beyond the actual terms of service that the user has agreed to pay for.

I certainly agree about the problem--email is weak, even with two-factor turned on. I don't see any issue with incentives. Internet services of all stripes have started supporting two-factor, and they don't do it because Uncle Sam wagged a finger at them and said they should. They do it because they want to retain their users.
The Doxing Trend. If the director of the CIA can't keep his e-mail secure, what hope do the rest of us have -- for our e-mail or any of our digital information? None, and that's why the companies that we entrust with our digital lives need to be required to secure it for us, and held accountable ...
1
Aaron Novstrup's profile photo
 
This seems to be a gross misuse of the term "classic market failure". There's absolutely no way that the companies involved in such breaches do not suffer losses, and it's unclear how the government "establish[ing] minimum standards for results" (i.e., imposing penalties for security breaches) would differ substantially from the current system in which parties can recover damages through civil actions -- except that it might open the door to more harmful interventions.  Sure, a provider's terms of service might limit its liability, but a user that requires greater security should seek out providers that are willing to warranty their services.
Add a comment...
People
Have him in circles
599 people
Karen Parker's profile photo
Jim Johnson's profile photo
tieu ho's profile photo
Eric Winger's profile photo
Todd Url's profile photo
Sami Jaber's profile photo
Posada Real de las Vegas's profile photo
Vernard Martin's profile photo
Trina Francis's profile photo
Collections Lex is following
Education
  • Clemson University
  • Georgia Institute of Technology
Story
Tagline
Software engineer at Semmle
Work
Occupation
software engineer
Employment
  • Semmle
    2012 - present
  • LogicBlox
    2012
  • Google
  • IBM
  • EPFL
Basic Information
Gender
Male
We've always had good experience with Estes, both for repair and for sales. Thanks to Raymond, Patrick, and Jonathan for excellent repairs and installation, and thanks to Chris on sales for telling me what I need to know but skipping any hard-sell tactics.
Public - a year ago
reviewed a year ago
They have excellent pizza and a good selection of beer. Definitely try the "monster slice". It is cooked to order and is accurately named.
Food: ExcellentDecor: GoodService: Excellent
Public - 2 years ago
reviewed 2 years ago
2 reviews
Map
Map
Map