I love it. Some of these solutions are things I looked into during the early days of Android, before Google had cemented hegemony on so many things. Namely, Subsonic and K-9 Mail were some early contenders that I remember, although both quite clunky at that point (Subsonic very much had the patina of a one good developer, but no UI specialist, team).
This is generally a good flow, but something that absolutely baffles me is that GitHub changes the commit SHAs when branches are rebase-merged from PRs[0]. This totally breaks a fundamental notion in Git that the same work, based on the same commits, has the same hash. It also makes it incredibly difficult to determine which PR branches have been merged into master.
That is not something Github is doing, it's fundamental to how git works that different commits have different hashes - and rebasing creates different commits (they have different parents).
Not rebase-merging would probably suit your workflow better.
I really don't think this is a "fundamental notion in Git." They ship git-patch-id to do what you're trying to do and frequently used internal tools like git-cherry use it. It's also not a true statement for LKML-like workflows that are landing patches off of mailing lists with git-am or git-apply.
Discussions like this are always helpful for people with more experience in dynamic languages. My first experiences with Monads, like the one in LYAHFGG[0], left me with the sense that Monads were a tool primarily used in statically-typed languages. After much searching, I stumbled across Tom Stuart's _Refactoring Ruby With Monads_[1] talk, which helped describe Monads as just another useful programming abstraction independent of the language. (Jim Duey's _Monads in Clojure_[2] also helped.) Monads now make sense to me as a general-purpose programming paradigm, like recursion or immutable data structures.
Agreed -- I found Haskell most confusing at first because of the lack of syntax. My brain kept wondering where the rest of the syntax was. Not to be too dramatic, but I think Haskell is kind of like programming "poetry" in this regard.
Love it. Every few years, a site like this gets posted, detailing somebody's transition from rooted to nomadic. If you work remotely, this can be an exciting idea.
The analogy is a little twisty, but yeah, seeing the files in the directory is probably like looking in through the door, and actually opening them is probably more like trespassing.
An ftp client downloads a list of files as soon as you connect.
It's the same as fat fingering a website in your browser. Are you saying I should go to jail if I type the wrong website, it loads, and it turns out that site was supposed to be "private"? My browser downloaded the home page and all the files on it.
What if I click the wrong wifi network and use it all day without noticing? Should I get charged for "unauthorized access"?
There needs to be a reasonable standard for security above "so insecure you could do this by accident" to send people to jail. Whoever set up the server that shitty should be charged with negligence.
See, the legal system has this thing called “intent” and courts are decently adept at figuring it out. If you actually did fat finger something, you could probably prove that. Maybe you only connected once for a quick second. But if you connected multiple times over several days, and forensic evidence showed you deliberately downloaded things, well, that’s intent.
I see this all the time in technology: people come up with contrived counterexamples to expose some non-existent flaw in the legal system that they get really defensive about. The legal system isn’t like a computer. If you really did make a mistake, that should become obvious in the ideal case.
Some graphical FTP clients might download a list of files, but certainly not all. It's not a standard part of the protocol to immediately execute 'LIST'.
You may have fat fingered a URL, but your browser still asked for it and any content located there.
I don't agree with prosecution on things like this, but the reality is the best analogies are still doors and locks: My front door is connected to a walkway, which is connected to the public sidewalk. You may see my door is open and unlocked, but you're still trespassing if you walk in. If you did, I may decide not to press charges, but that's my choice. And I'd be mad as hell at anyone who created a law that said I couldn't just because my door is open.
I think the best solution is for people to treat others with a little more goodwill, and find other ways to make society less litigious overall. Unfortunately, corporations drive a lot of that because a corporation's only goal is to make money. People, however, can make different choices.
The "doors and locks" analogy is not perfectly applicable in this case.
In the cases of house front doors in the suburbs, the overwhelming expectation is both that the door is intended to be locked and that the public is not intended to freely come and go from the interior of the residences. This is a custom so well-established that it is essentially universal, and a house with the door open and unlocked is an obvious outlier.
In the case of fileservers on the public internet, the overwhelming expectation is that anyone may connect to them, and if anonymous logins are accepted, access the files on the server. Again, this is well-established custom.
Because the customary behaviour in the two situations are so different, the analogy is inapplicable.
After walking away from this I thought of an analogy to fit the other side: Attractive Nuisance
Maybe a security researcher/group/company could sue on behalf of customers affected by an open FTP server because it's an "Attractive Nuisance" on the Internet. Affecting a company's bottom-line is about the only way to get some to take notice.
> Are you saying I should go to jail if I type the wrong website
No, I'm not saying anyone should go to jail. The person in question did not do this by mistake though.
In general I'm in agreement with you. I'm just making sure we don't mix analogies. Looking through an open door is not the same as connecting to an FTP server and getting list of files.
I'm saying that unauthorized access shouldn't apply to things that are trivial to access even by mistake.
The law needs to be at the same standard as real life. For example the police can search your belongings unless they're locked, then you need a warrant. If you've got a service wide open on the internet with no security it shouldn't be a crime just because somebody found it.
The difference between doors and locks is that going through real life doorways is a lot different than connecting to a service. On the internet the act of connecting to it gives you access to the inside, there's no second act of walking in.
It's like an open door that throws a copy of it's contents at anyone that finds it.
> The law needs to be at the same standard as real life.
Unless you're intending to make the argumet that accessing those files is the same as you leaving all of your personal belongings on the street, I'm not seeing any differences.
> For example the police can search your belongings unless they're locked, then you need a warrant.
The police need a warrant, I [an individual] do not. By your argument, I can come to your house and go through all of your things just because you left the door unlocked.
> If you've got a service wide open on the internet with no security it shouldn't be a crime just because somebody found it.
I don't think anyone here is saying it is. The argument is it's illegal to search through the data made available by that service without permission.
> It's like an open door that throws a copy of it's contents at anyone that finds it.
It's really not. Here's an exercise: Name a protocol used on the Internet that does NOT make a distinction between connecting and the client requesting information.
>Name a protocol used on the Internet that does NOT make a distinction between connecting and the client requesting information.
Http, among almost everything else. In HTTP the browser will call GET / as soon as a TCP connection is established. If you want to go down a level yes TCP doesn't leak info on connect but what kind of client does that?
The L4 protocol doesn't matter, too low level. What matters is what a normal client does. In HTTP, every browser will make a GET request for info immediately on connecting
Say Bob tells me to connect to his ftp server and gives me a different IP. I go into my client, type the IP, and hit connect. I have a directory listing of all the filez now. A crime? You've gotta be kidding.
To even know you're connected to the right place in most protocols you need to request information. It's like I said, a door that throws the contents inside to anyone that finds it. It has to be that way because otherwise all the doors look the same and you couldn't find the right one
HTTP _does_ make that distinction, as does just about everything else (off the top of my head, the only thing I could think of that may not was NTP). My point was the client has to request something, that's a search in this context.
> Say Bob tells me to connect to his ftp server and gives me a different IP. I go into my client, type the IP, and hit connect. I have a directory listing of all the filez now. A crime? You've gotta be kidding.
Say Bob gives you the address to his house and says "Open the gate and go in the back yard. My grill is in the corner, you can have it". Unfortunately, you transposed the numbers and took someone else's grill. Is that not trespassing and stealing?
I don't disagree with you that the prosecution in this case probably should not happen, but it's not nearly as simple as making a blanket statement that "Whoops! I connected to the wrong server." is enough to make an act no longer illegal.
As @poorrights commented, a lot of it has to do with intent as well.
> The police need a warrant, I [an individual] do not
Well, you just can't legally break into and search my locked property at all; it's true that the remedy for a police violation (the exclusionary rule) doesn't apply to a private violator of property rights in this way, but that's because regular civil and particularly criminal process is available, without governmental immunities and, at least in theory, without the conflict of interest that arises when government law enforcement agents pursuing law enforcement evidence are the ones violating property rights.
> Well, you just can't legally break into and search my locked property at all;
That's my point and counter-argument to the item I quoted; Just because something is visible, or behind an unlocked door, it is NOT available for someone to search through it.
The 2D->3D analogy made sense to me -- only being able to see the cross-section that is visible in a current dimensionality -- but I got to wondering if you couldn't use some of techniques from information visualization techniques to show a representation of that extra dimension in the current dimensional landscape (ie fading the object as it gets farther away from the current dimension).
