On his personal blog, Red Hat's Chris Short (also a CNCF Cloud Native Ambassador) told his readers that "We kinda went down a rabbit hole the other day when I suggested folks check out yq. ("The aim of the project is to be the jq or sed of yaml files.") "First, there's nothing wrong with this project. I like it, I find the tool useful, and that's that. But the great debate started over our lord and savior, YAML." And then he shares what he learned from a bad experience reading the YAML spec in 2012: It was not an RFC, which I am fond of reading, but something about the YAML spec made me sad and frustrated. Syntax really mattered. Whitespace really mattered... It is human-readable because you see the human-readable words in the scalars and structures, but there was something off-putting about YAML. It was a markup language claiming not to be a markup language. I held the firm belief that markup languages are supposed to make things simpler for humans, not harder (XML is the antithesis of markup languages, in my opinion)... Close to ten years later, I see YAML in the same somewhat offputting light... I hope that a drop in replacement is possible. The fact that we need tools like yq does show that there is some work to be done when it comes to wrangling the YAML beast at scale... Incrementally, YAML is better than XML but, it sucks compared to something like HTML or Markdown (which I can teach to execs and children alike)... Yes, balancing machine and human readability is hard. The compromises suck, but, at some point, there's enough compute to run a process to take in something 100% human-readable and make it 100% machine-readable... There will always be complexity and a need to understand the tool you're using. But, YAML gives us an example that there can and should be better things. In a comment on the original submission, Slashdot reader BAReFO0t writes "Binary markup or GTFO." UTF8 is already binary. Hell, ASCII is already binary numbers, not directly readable, but mapped to vector drawings or bitmap images ... that again are rendered to pixel values, that are then turning on blinkenlights or ink blots or noises that a human can actually recognize directly. So why not extend it to structure, instead of just letters (... and colors ... and sound pressures... EBML's core [Extensible Binary Meta Language] is the logical choice. If all editors always display it as, say XML, just like they all convert numbers into text-shaped blinkenlights too, people will soon call it "plain, human readable" too...

Read more of this story at Slashdot.

Self-described "Java geek" nfrankel writes: At the beginning of 2019, I wrote about the state of Java modularization. I took a sample of widespread libraries, and for each of them, I checked whether: - It supports the module system i.e. it provides an automatic module name in the manifest - It's a full-fledged module i.e. it provides a module-info The results were interesting. 14 out of those 29 libraries supported the module system, while 2 were modules in their own right. Nearly 2 years later, and with Java 16 looming around the corner, it's time to update the report. I kept the same libraries and added Hazelcast and Hazelcast Jet. I've checked the latest version... Three full years after that release, 10 out of 31 libraries still don't provide a module-compatible JAR. Granted, 3 of them didn't release a new version in the meantime. That's still 7 libraries that didn't add a simple line of text in their MANIFEST.MF Meanwhile, long-time Slashdot reader AirHog argues that "Java is in a war for the browser. Can it regain the place it once held in its heyday?" All major browsers have disabled support for Java (and indeed most non-JavaScript technologies). Web-based front-ends are usually coded in JavaScript or some wrapper designed to make it less problematic (like TypeScript). Yes, you can still make websites using Java technology. There are plenty of 'official' technologies like JSP and JSF. Unfortunately, these technologies are entirely server-side. You can generate the page using Java libraries and business logic, but once it is sent to the browser it is static and lifeless... Java client-side innovation has all but stopped, at least via the official channels.... How can Java increase its relevance? How can Java win back client-side developers? How can Java prevent other technologies from leveraging front-end dominance to win the back-end, like Java once did to other technologies? To win the war, Java needs a strong client-side option. One that lets developers make modern web applications using Java code. One that leverages web technologies. One that supports components. One that builds quickly. One that produces fast-downloading, high performance, 100-Lighthouse-scoring apps. One that plays nicely with other JVM languages. What does Java need? Spoiler: The article concludes that "What Java needs Is TeaVM... an ahead-of-time transpiler that compiles Java classes to JavaScript."

Read more of this story at Slashdot.

After the U.S. unveiled charges against six members of the Sandworm unit in Russia's military intelligence agency, Wired re-visited "a secret experiment in 2007 proved that hackers could devastate power grid equipment beyond repair — with a file no bigger than a gif." It's an excerpt from the new book SANDWORM: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers which also remembers the late industrial control systems security pioneer Mike Assante: Among [Sandworm's] acts of cyberwar was an unprecedented attack on Ukraine's power grid in 2016, one that appeared designed to not merely cause a blackout, but to inflict physical damage on electric equipment. And when one cybersecurity researcher named Mike Assante dug into the details of that attack, he recognized a grid-hacking idea invented not by Russian hackers, but by the United State government, and tested a decade earlier... [S]creens showed live footage from several angles of a massive diesel generator. The machine was the size of a school bus, a mint green, gargantuan mass of steel weighing 27 tons, about as much as an M3 Bradley tank. It sat a mile away from its audience in an electrical substation, producing enough electricity to power a hospital or a navy ship and emitting a steady roar. Waves of heat coming off its surface rippled the horizon in the video feed's image. Assante and his fellow Idaho National Laboratory researchers had bought the generator for $300,000 from an oil field in Alaska. They'd shipped it thousands of miles to the Idaho test site, an 890-square-mile piece of land where the national lab maintained a sizable power grid for testing purposes, complete with 61 miles of transmission lines and seven electrical substations. Now, if Assante had done his job properly, they were going to destroy it. And the assembled researchers planned to kill that very expensive and resilient piece of machinery not with any physical tool or weapon but with about 140 kilobytes of data, a file smaller than the average cat GIF shared today on Twitter.... Protective relays are designed to function as a safety mechanism to guard against dangerous physical conditions in electric systems. If lines overheat or a generator goes out of sync, it's those protective relays that detect the anomaly and open a circuit breaker, disconnecting the trouble spot, saving precious hardware, even preventing fires... But what if that protective relay could be paralyzed — or worse, corrupted so that it became the vehicle for an attacker's payload...? Black chunks began to fly out of an access panel on the generator, which the researchers had left open to watch its internals. Inside, the black rubber grommet that linked the two halves of the generator's shaft was tearing itself apart. A few seconds later, the machine shook again as the protective relay code repeated its sabotage cycle, disconnecting the machine and reconnecting it out of sync. This time a cloud of gray smoke began to spill out of the generator, perhaps the result of the rubber debris burning inside it... The engineers had just proven without a doubt that hackers who attacked an electric utility could go beyond a temporary disruption of the victim's operations: They could damage its most critical equipment beyond repair... Assante also remembers feeling something weightier in the moments after the Aurora experiment. It was a sense that, like Robert Oppenheimer watching the first atomic bomb test at another U.S. national lab six decades earlier, he was witnessing the birth of something historic and immensely powerful. "I had a very real pit in my stomach," Assante says. "It was like a glimpse of the future."

Read more of this story at Slashdot.

Today's song: You can't always get what you want.

Poll: Anyone who votes for Trump after they said they aren't going to control the virus is..

The New York Times' looks at "a deal that controls the internet" — Apple's agreement to feature Google as the preselected search engine for iPhones, saying America's Justice Department views it "as a prime example of what prosecutors say are Google's illegal tactics to protect its monopoly and choke off competition..." The scrutiny of the pact, which was first inked 15 years ago and has rarely been discussed by either company, has highlighted the special relationship between Silicon Valley's two most valuable companies — an unlikely union of rivals that regulators say is unfairly preventing smaller companies from flourishing. "We have this sort of strange term in Silicon Valley: co-opetition," said Bruce Sewell, Apple's general counsel from 2009 to 2017. "You have brutal competition, but at the same time, you have necessary cooperation." Apple and Google are joined at the hip even though Mr. Cook has said internet advertising, Google's bread and butter, engages in "surveillance" of consumers and even though Steve Jobs, Apple's co-founder, once promised "thermonuclear war" on his Silicon Valley neighbor when he learned it was working on a rival to the iPhone. Apple and Google's parent company, Alphabet, worth more than $3 trillion combined, do compete on plenty of fronts, like smartphones, digital maps and laptops. But they also know how to make nice when it suits their interests. And few deals have been nicer to both sides of the table than the iPhone search deal. Nearly half of Google's search traffic now comes from Apple devices, according to the Justice Department, and the prospect of losing the Apple deal has been described as a "code red" scenario inside the company. When iPhone users search on Google, they see the search ads that drive Google's business. They can also find their way to other Google products, like YouTube. A former Google executive, who asked not to be identified because he was not permitted to talk about the deal, said the prospect of losing Apple's traffic was "terrifying" to the company. The Justice Department, which is asking for a court injunction preventing Google from entering into deals like the one it made with Apple, argues that the arrangement has unfairly helped make Google, which handles 92 percent of the world's internet searches, the center of consumers' online lives... [C]ompetitors like DuckDuckGo, a small search engine that sells itself as a privacy-focused alternative to Google, could never match Google's tab with Apple. Apple now receives an estimated $8 billion to $12 billion in annual payments — up from $1 billion a year in 2014 — in exchange for building Google's search engine into its products. It is probably the single biggest payment that Google makes to anyone and accounts for 14 to 21 percent of Apple's annual profits. That's not money Apple would be eager to walk away from. In fact, Mr. Cook and Mr. Pichai met again in 2018 to discuss how they could increase revenue from search. After the meeting, a senior Apple employee wrote to a Google counterpart that "our vision is that we work as if we are one company," according to the Justice Department's complaint. The article remembers Steve Jobs unveiling the iPhone in 2007 — and then inviting Google CEO Eric Schmidt onto the stage. Schmidt, who was also on Apple's board of directors, joked "If we just sort of merged the two companies, we could just call them AppleGoo." He'd also added that with Google search on the iPhone, "you can actually merge without merging."

Read more of this story at Slashdot.

A friend is starting to use the outliner to narrate his work. He writes about an "impenetrable wall of text." I wrote up some tips, and of course felt they should be public.

• Re the impenetrable wall of text -- try collapsing things, where the detail isn't of immediate concern, so you can see the structure. It would help me too as a reader, to see the old stuff collapsed, and be able to expand it as I need to.
• Also hoist and dehoist are there to help manage complexity. You can hoist a section, by placing the cursor on a head with subs, and click on the pushpin icon in the left margin. It'll be the one that's enabled. Then when you want to return, click the other one. It's like a stack (it actually is a stack, of course).

Imagine a bookshelf of notebooks. You don't have every notebook open to all pages at the same time. It doesn't even make sense. You'd go crazy trying to find something. Same idea here. You've got tools to manage clutter, they take time to learn to use.

Here's what my blog outline looks like as I'm writing today's notes.

Phoronix ran a story this morning with this provocative headline: "It's Time To Admit It: The X.Org Server Is Abandonware." The last major release of the X.Org Server was in May 2018 but don't expect the long-awaited X.Org Server 1.21 to actually be released anytime soon. This should hardly be surprising but a prominent Intel open-source developer has conceded that the X.Org Server is pretty much "abandonware" with Wayland being the future. [Or, more specifically, that "The main worry I have is that xserver is abandonware without even regular releases from the main branch."] This comes as X.Org Server development hits a nearly two decade low, the X.Org Server is well off its six month release regimen in not seeing a major release in over two years, and no one is stepping up to manage the 1.21 release. A year ago was a proposal to see new releases driven via continuous integration testing but even that didn't take flight and as we roll into 2021 there isn't any motivation for releasing new versions of the X.Org Server by those capable of doing so. Red Hat folks have long stepped up to manage X.Org Server releases but with Fedora Workstation using Wayland by default and RHEL working that way, they haven't been eager to devote resources to new X.Org Server releases. Other major stakeholders also have resisted stepping up to ship 1.21 or commit any major resources to new xorg-server versions.

Read more of this story at Slashdot.

I've now made it through the first two episodes of The Queen's Gambit, and it is really good. If the quality in the first two episodes carries through, this is going to be one of my favorite binges.

New Coke was "the unofficial name for the reformulation of Coca-Cola introduced in April 1985. It was renamed Coke II in 1992, and was discontinued in July 2002."

Have you experienced 5G yet?is it wonderful?worth it?

HBO Max is like New Coke. HBO was the #1 brand. Needed to be a little more like Netflix, but really it was pretty good as it was. Now the max part has coincided with it being a lot harder to use, virtually impossible if you use the popular Roku platform. At least for me. Looks like an epic mistake. At a time when the market is overloaded with lots of big brands (Disney, Apple etc) trying to diversity into a market already dominated by HBO, it's a really curious time for them to knock out their own legs.

America's national health agency "halted a public-service coronavirus advertising campaign funded by $250 million in taxpayer money after it offered a special vaccine deal to an unusual set of essential workers: Santa Claus performers." The Wall Street Journal reports: As part of the plan, a top Trump administration official wanted the Santa performers to promote the benefits of a Covid-19 vaccination and, in exchange, offered them early vaccine access ahead of the general public, according to audio recordings. Those who perform as Mrs. Claus and elves also would have been included.... The decision comes as the Covid-19 spread continues to accelerate in most states, and the vaccines are unlikely to be broadly available to the public before the holiday season. The coronavirus ad effort — titled "Covid 19 Public Health and Reopening America Public Service Announcements and Advertising Campaign" — was intended to "defeat despair, inspire hope and achieve national recovery," according to a work statement reviewed by The Wall Street Journal. It was to include television, radio, online and podcast announcements, starting immediately. The public-relations blitz began to fizzle after some celebrities, including actor Dennis Quaid, shied away from participating, a former White House official said, amid concerns that the campaign would be viewed as political rather than aiding public health.... [Former pharmaceutical lobbyist Alex Azar, now serving as America's Secretary of Health], has "ordered a strategic review of this public health education campaign that will be led by top public health and communications experts to determine whether the campaign serves important public health purposes," Health and Human Services officials said in a statement. Santa's vaccines were the brainchild of Michael Caputo, a political strategist/lobbyist also appointed to America's Health and Human Services as assistant secretary, according to the Journal. But an HHS spokesman now tells them that the Santa "collaboration will not be happening." They also get a quote from Ric Erwin, chairman of the Fraternal Order of Real Bearded Santas — who called the news "extremely disappointing." In a 12-minute phone call in late August, Mr. Caputo told Mr. Erwin of the Santa group that vaccines would likely be approved by mid-November and distributed to front-line workers before Thanksgiving. "If you and your colleagues are not essential workers, I don't know what is," Mr. Caputo said on the call, which was recorded by Mr. Erwin and provided to the Journal. [In audio of the call published by the Journal, Santa responds by saying "Ho ho ho ho, ho ho ho. I love you."] "I cannot wait to tell the president," Mr. Caputo said at another point about the plan. "He's going to love this." Mr. Erwin said on the call: "Since you would be doing Santa a serious favor, Santa would definitely reciprocate." Mr. Caputo said: "I'm in, Santa, if you're in...." Mr. Caputo said he wanted Santas to appear at rollout events in as many as 35 cities. In exchange, he said the Santas would get an early crack at inoculation.

Read more of this story at Slashdot.

One thing that's so disappointing about the people I've met in tech is that they are mostly motivated by what they can take from others, rather than what they can build working with others. So often they could make so much more money by doing the latter. Stupid. (And of course money is far from the most motivating motive.)

In a sane world "We're not going to control the virus" is what you say as you resign. It literally is a resignation.