Thoughts about internet forums in 2018: a series of posts

Internet forums… websites and communities where I spent thousands of hours. To me, they already feel like relics of the past. I’m 21 and began using the internet about 10 years ago, maybe more. I’m sure the majority of kids who are now starting to browse the web (probably at earlier ages than I was) will not participate in a classic forum, perhaps not even land there through some random search. You know, the kind of discussion websites where there are threads, posts, moderators and rules, things are typically ordered in chronological order, and reactions to posts (“votes”, “likes”, and similar) are either unavailable or something added to the system as an add-on rather than a core mechanic.

In recent years, even I – someone who used to be staff on a medium-sized forum, FreeVPS – have withdrawn from most forums where I used to actively participate. Many of my friends who know what a forum is, either never got to participating in one, or are now participating much less than they used to do two, three, four years ago.

In recent months, it has come to my attention that some of the forum-based communities I frequented are facing serious drops in activity levels, sometimes to the point where days go by without a post, where previously there used to be at least one post per hour. While this reduction in activity is in part because the main topics of those forums are becoming more and more niche, I believe a big chunk of the problem has to do with the fact that they are, well, forums. The lack of activity has even led to meta-discussions on new directions and ways to bring life back to these communities Рsee the threads at Cemetech and CodeWalrus.

This is the first post of a series of blog posts where I’ll look into the state of forums in today’s web, identifying what alternative discussion formats and platforms exist, why users seem to prefer (or hate) them, and what is the role of forums nowadays and what they can still do better than other mediums. With this being a blog and not a scientific study, I will obviously write from my own experience and the experience of my peers, producing subjective, unverifiable but hopefully enjoyable content. I’ll also provide my opinion on why forums are still necessary, and give suggestions on how forum-based communities become more appealing to today’s web users.

With this, I hope to be able to bring some life and schedule to this blog – blogs, which are another medium that is nowhere as popular as it once was… maybe I’ll look a bit into that too. This post will act as the index of the series, so links to new posts will appear here once they are published. Stay tuned.

Series Index

A brief mention to my popular project, UnderLX

If I haven’t posted much here, it’s in part because the masters degree I’m pursuing is quite demanding, and in part because my “creative writing” time is often spent replying to interviews for Portuguese national media (and dealing with the exposure, which sadly is not expo$ure) about my UnderLX project, over the last few months:

…and with more to probably come ūüėČ

Sparkling Gambol One‚ĄĘ

“We’re adding another dimension to computing.”
Cliché and meaningless, but go on. I guess this is something revolutionary

“Where digital respects the physical.”
Because, currently, digital somehow violates the laws of the universe?

“And they work together to make life better.”
“they”? who’s “they”? Oh, digital and physical, sorry. You really should learn to use commas instead of periods. So the digital and physical work together, uh? My guess is that this is about a robot.

“Magic Leap One is built for creators who want to change how we experience the world.”
Finally, now you’ve told me who it is for, and it probably helps to “change how we experience the world”, because it’s for creators who want to do that.
You still haven’t told me what it is or what it does, and bonus points for jamming the “creators” clich√© in there!¬†Congratulations, you have passed your final assignment in Unicorn University :unicorn: of Shitty Vaporware Descriptions :poop: with the grade of: flying colors :sparkles: !

Advice on Casio Prizm development

A few years ago, I was very active in the Casio Prizm development community, having developed¬†three notable add-ins, contributed to the Prizm wiki, libfxcg (my fork), and even done a bit of reverse-engineering (the calculator OS is closed-source and there is no official SDK), that resulted in the discovery of a couple of syscalls and more detailed documentation on some other ones. Because of this, once in a while I still get messages about my add-ins, which I’m happy to support when possible. Most annoyingly, I also get messages about Prizm development, usually about how to start making add-ins.

Why are these messages annoying? Because I don’t really know how to answer. When I started developing add-ins for the Prizm, I had little to no knowledge of the C programming language, and yet, despite the fact that add-ins can’t make use of all the stuff “normal” C programs can (the libc provided by libfxcg is incomplete; the filesystem uses a different API, there’s no threading, the stack is giant compared to the heap, etc.), I managed to learn it. It certainly helped that I had some previous experience with programming in other languages, even if it was just sloppy code, but I don’t have much of an idea of what to say to someone who intends to learn programming using the Prizm.

I usually end up saying that learning programming using the Prizm it’s a bad idea, probably coming across as extremely discouraging. However, I do hope it’s for the best, and that these people will still learn programming – just not by developing add-ins! Had my first contact with programming been through Prizm add-in development, most certainly I would have chosen other career path than computer engineering. I mean this seriously. I’m glad my first contact with programming was through sloppy Visual Basic code. Anyway, I already wrote a post on my programming experience – it needs updating, but it should do.

Learning how to program, even in a “easy” language and common platform, can be overwhelming; for a programmer that is used to higher-level programming, learning the Prizm, a poorly documented platform¬†with a small developer community, can be overwhelming; combine learning how to program with learning a poorly documented embedded system, and it will most likely be very overwhelming. Of course, nothing will stop someone extremely motivated – hopefully, not even my less encouraging replies, or this blog post.

What follows is the partial reproduction of an email I recently sent, in reply to yet another of these inquiries on how to start developing for the Prizm. I have edited it to make it less specific to the situation of the person I was replying to.¬†I’ll also use the terms “Prizm” and “fx-CG 50” interchangeably, as add-ins built for the former run, with a few exceptions due to sloppy coding (one of mine’s one of these exceptions…), on all Casio Prizm models: fx-CG 10, fx-CG 20 and fx-CG 50.

Do you have any previous programming experience? If not, I honestly do not recommend starting with the Prizm or any other Casio graphical calculator. If yes, then be aware that this is not an “easy” platform to develop for. Either way, here are a few reasons why:

  • Prizm add-ins are written in C or very limited C++ (that might as well be considered C). By today’s standards, these are very low-level languages that require manual memory management and a very good awareness of the machine. They also provide very little protection from programmer mistakes. While some people had C as their first programming language, it is by no means a beginner-friendly language.
  • Even if you already know C well, or if you learn it from any common book, tutorial or course, you’ll be disappointed to find out that much of the standard library is not present, or is insufficiently implemented, in the Prizm calculators.
  • Add-in development for the Prizm was made possible through reverse-engineering and educated guesses based on what was known about previous models like the fx-9860G. While we now understand the essential things about the OS on these calculators, many things are yet to be known.
  • Documentation is lacking and the community is not very large. This essentially means that you won’t be able to just google your way through many problems.
  • Reverse-engineering/documentation and development efforts for the Prizm have basically stalled. You’ll also find many materials that mention the fx-CG 10/20, but since the fx-CG 50 is basically just a faster version of these with a mostly compatible OS (although some things like memory addresses have changed), almost everything you’ll ever need will still apply.

Now, I’m sorry if I came across as dismissive or as discouraging, I’m just trying to make sure you know what’s in front of you.
For Casio Prizm development specifically, this is where I can point you:

Prizm forums at Cemetech
Use these to ask any questions you might have and try to find solutions to any problems you encounter. There are also some guides there, mainly on how to set up the development environment (compiler and such), but I’m afraid they might be a bit out of date. However, as I said, development efforts have mostly stalled, so consider anything from 2014 or early 2015 as up-to-date. Specifically, do not follow the “[HOWTO] Prizm C Development” in there, as it is out of date.

Prizm wiki
This wiki contains much information on the calculator, the reverse-engineered OS functions (“syscalls”) that can be used from add-ins, etc. It also contains more up-to-date instructions on how to set up a development environment.

Personally, I have mostly moved on from Prizm development about three years ago, as I began pursuing a degree in Information Systems and Computer Engineering. Every year or so, I make a short comeback to fix urgent issues with my add-ins and eventually make them compatible with new OS versions and calculator models, as is the case of the fx-CG 50, as long as that does not require too much time/effort. As time passes and I work with other technologies, the more I realize more how “hard” of a platform the Prizm is, and the less motivated I am to build stuff for it again; the fact that I no longer use my fx-CG 20 nearly as much since high school, also doesn’t help.

I’m afraid I can’t help you much more, as I’ve forgotten much of what I knew about the Prizm, both the “theoretical” and “practical” knowledge, and I no longer have practical access to a development environment for it. I tried to put as much of my knowledge as I could into the Prizm wiki before I left, and I believe that the people that now frequent the Cemetech forums will be able to help you much better than I can.

I think that one day I might find some interesting in working on the Prizm again, but perhaps more from a reverse-engineering angle. As for the fun in developing for a constrained, embedded system, there are much more appealing constrained systems out there, like the ESP8266.

The current state of Clouttery, and what I’ve been up to

I neglect this blog very much. I write a non-negligible amount of stuff on the internet, but it’s usually on forums, Reddit, Hacker News and similar, and this blog ends up forgotten. I just wrote a 2000 words post on at CodeWalrus, about the current state of Clouttery, but since it also contains a personal-life-log part, I thought it would be the perfect thing to cross-post here. It’s not the first time I paste forum posts here, and it’s something I should probably do more often, as it helps keep this blog alive while at the same time preserving posts that, while usually made as replies to a forum topic, are general enough to stand on their own.

Hello everyone again. I figured it was time for an update, even though this is not exactly a “happy” update, at least as far as Clouttery is concerned.¬†This is a long post, bring it to bed so you can fall asleep to it if you wish, but trust me, it’s worth reading.¬†I hope you can learn a thing or two about managing your side projects, from reading about my mistakes.

Last school year was the last year of my undergrad course (and I’m starting a second cycle course in a couple weeks) and this required some more effort, so I had less time for side projects. As often happens when one works on something for an extended period of time, I too gradually lost interest in this project.

To make things more… interesting, in mid-March I launched a small website that was meant to be kind of a practical joke about the unreliability of the Lisbon subway (for those who haven’t yet figured it out, I’m Portuguese). You’ll be able to understand what it is about by checking out its¬†repo on GitHub.
I started that project mostly to have something different to work on that was not Clouttery, and the original plan was for it to be something I’d build in a few weeks, publish and then forget, for it to be yet-another-small-thing in my portfolio. But to my surprise, after minimal “marketing” on the SkyscraperCity Portuguese community, that has a section dedicated to railways and subways, my website received a lot more attention than I was expecting, especially for something so simple and tongue-in-cheek.

I then understood there was a real interest in a service that would let people work-around the problems in the Lisbon subway, while at the same time denouncing the problems with the service (for example, by collecting independent statistics). Long story short, a small community assembled around this project, which ended up evolving into¬†an Android app called UnderLX¬†that’s even published on¬†Google Play. And there’s still¬†a lot¬†of work to do for it to become the product I envisioned.
This obviously took most of my summer.
Yes, it’s true that, unlike Clouttery (for which I had even written a complete billing system from scratch!), I’ll never be able to monetize UnderLX effectively. However, it is way more satisfying to work on, at least until I get saturated of it too. With Clouttery, it often took a while to realize what it was about, and let’s be honest: the final reaction of many people was just “meh”. However, with UnderLX, people tend to pay a bit more attention, and those who understand the whole potential of the project usually become much more involved in it. “Unfortunately” for me, the technical side of it is more complex than Clouttery.
It also has an “advantage” to my eyes: both the client (Android app) and the server are open-source from the first day. I regret not going this route with Clouttery; now I have lots of closed-source code which I can’t easily show to anyone because, well, it’s in private repos. I’ll go back to this point, later.

Finally, to add to the school work, the gradual loss of interest, this happy accident that was UnderLX, there’s a fourth factor in all this. Because of multiple reasons including the astronomical rise of the price of Bitcoin, it made economical sense to fulfill a long-time desire of mine: to build a desktop, so I could have a powerful machine, more powerful than my six-years-old laptop. Picking parts and putting it together was very enjoyable, and now I have a proper workstation like I had been dreaming of for the past couple years. If you are interested I might even post a thread about it here. I wasn’t much into PC gaming before (in part, because the hardware didn’t really allow for it), but… you see… to sum things up, many hours were spent chilling to some great triple-A titles (thanks Steam summer sales!…).¬†;D

That’s all really nice, but I thought this topic was about Clouttery?

Work on Clouttery gradually slowed down through the last months of 2016, subject to how busy I was with school, and pretty much completely halted in March this year, as I got more and more tired of working on it, so I decided to do that “small” subway thing. It also didn’t help that I was going through a complex phase with Clouttery, more specifically regarding the Windows and Linux clients.

  • I couldn’t get the Linux client to work right, despite trying to develop it from scratch multiple times using different languages and technologies. No matter what I tried, there were always major roadblocks to getting it to the point I wanted.¬†I did not want to write it in C or C++; I hate Python but decided to try using it anyway – didn’t end well; UI framework bindings for Golang are apparently all terrible, or don’t have a suitable license. Mono would have been a viable choice, but the gtksharp bindings were tricky to get to work, they apparently had to be recompiled for each GTK version (meaning I couldn’t simply distribute a single binary), and the bindings for GTK3 aren’t/weren’t exactly ready for prime-time.¬†Ugh, I don’t even know what all the problems were anymore. I do remember that I just wanted to write code, but problems with libraries and bindings and whatever were always getting in the way.
  • The UI of the Windows client suffers from major lag and other problems, so I decided to switch from WinForms, which is no longer supported, to the supported and way more modern and flexible alternative: WPF. But this was taking a lot of time, certain things were much harder to get to work than I expected, it didn’t help that I only had time to work on it like one hour at a time (school work, etc.), and I lost more and more interest.

For you to get an idea of how inactive this project has been, these are the dates of the latest commits to Clouttery repos:

  • Server: 2017-07-10 (and this was only to fix a bug with notification filtering; previous “real” work on it had been on the 23rd of March)
  • Windows client: 2017-03-26
  • Android client: 2016-12-29
  • Chrome client: 2016-09-08
  • Linux client: 2017-03-09

Earlier, I mentioned I regret not open-sourcing Clouttery from the beginning. I decided to work on it privately, because it was supposed to become a commercial service, and I feared that if I made it possible for people to host their own Clouttery servers and recompile the clients to talk to it, then nobody would pay for the service.¬†This is obviously a stupid way of thinking, especially when the project in question is a personal project of a student that doesn’t have much time to work on it, and likely would never be able to get it to a commercially-viable state. If the service was worth it, I guess most people would happily pay for it, just to not have the hassle to figure out how to make the server and clients work for themselves; this is especially true since the target audience wasn’t exactly software developers nor sysadmins, i.e. it was people who wouldn’t have a clue how to do that nor would bother even if they were given clear and easy instructions.

Right now I have 30K lines of code, possibly more, that’s closed-source, but for no good reason. To aggravate things, Clouttery shows more of my abilities in software development and engineering than any of my open source projects, because it contains code in more languages, for more platforms, than any other of my projects; it includes web design, API design, use of cryptography, etc. It is not the most beautiful code (for example, the UnderLX Android app has much cleaner and organized code than the Clouttery client, and even then it’s not exactly stellar), but it works, and definitely shows what I’m capable of.

This whole situation is even more ridiculous, because right now there’s very little to no code in Clouttery that’s “novel” to the point of requiring intellectual property protection.¬†:banghead:¬†At this point, Clouttery is extremely dumb, as I never got to work on the “intelligence” that would involve machine learning, pattern matching and the like. And in the end, if I wanted to make my super-awesome-and-courageous battery level prediction and damage identifying algorithms secret, I could always have added them as a closed source module while keeping the “infrastructure” open source.

Finally, I always told people that if I were to stop working on Clouttery, I would release its source code. I don’t know what you think, but if I half-close my eyes and look from far away… yeah… like that… yep, I definitely stopped working on it.¬†:-|

Then why don’t you open source Clouttery?

I definitely want to open source Clouttery, so I can show its code to more people, and so that others may eventually try to pick up on the project.¬†I intend to keep running the official Clouttery server¬†– if for no one else, for me, as my family finds Clouttery useful. I think I would be a little sad if someone took the project and simply changed its name and started running their own “official” service, available to the masses and possibly profiting from it, so I’ll see what kind of licensing restrictions I can add to prevent that. Without the help of a lawyer, it’s a bit hard to add clauses to existing software licenses or write new ones from scratch; even with legal help, it’s easy to get to a controversial result – for example, Facebook has that famous problem with the “patents” file on their open source projects, like React.

…so why didn’t you do it already?
Because ideally, I’d like to publish the source code with the complete commit history. The problem is that, in the past, secrets (API keys and the like) have been committed to the repos. If I remember correctly, the latest server code no longer has that problem – keys are read from a separate, uncommitted file and no longer stored in the source code, but going back in history the secrets are still there. Some of these secrets are hard to revoke and replace, and I’ll need to go on an individual basis to see what can be done about them. Furthermore, the clients also contain secrets in their repos, but this is just one secret per client that’s used to authenticate the client before the server, and since it’s relatively easy to get these secrets from the binaries anyway, I might just go and make them public anyway – their only purpose is to stop people from using the official server with unofficial clients, but if the whole thing is going to be open source, that doesn’t make much sense. These secrets are not involved in securing the pairings between clients and user accounts, so in terms of user account security, there’s no problem with publishing them.

I also need to write a bit of documentation explaining essential things about each repo, and ideally also explaining how to run the server, what needs to be in the database, etc. Or I could not care about any of that, and just have people figure it out by themselves – at that point, I make it hard for people to contribute, but at least people can already look at the code, which is much better than the current situation.

As you can imagine, all this takes time and effort, and I’ve been busy with all those things I mentioned in the first section. But with classes starting very soon, I’d like to get this going ASAP, or it’s not going to be done for some more months.

Did I “give up” on Clouttery too soon?
Is it a good idea to open source it, even if in the distant future I decide to turn it into a proper commercial service?
Do you agree it would have been better if it were open source from the beginning?
What license do you think would be most adequate? – don’t forget the server and each client can have different licenses.
Would you be interested in submitting pull requests for this project, perhaps even taking over one of the sub-projects or the whole thing?
Share your thoughts.

Redesigning the Clouttery database

I spent the past week, the last one of my winter break, redesigning how the Clouttery server stores data.

The Clouttery server, which is written in Go, was using a simple key-value store (Bolt). I slowly came to the realization that some of the features on the¬†roadmap would be kind of hard to implement using Bolt; that the nested buckets structure used with Bolt was too limiting, by forcing a hierarchy on the data, when sometimes it could be useful to interpret it in other ways. For example, sometimes it could be useful to look at all the battery log entries from all users; with the database structure I had, that required looking into each user’s bucket separately, and within those, into each device separately.

The databases course I took last semester forced me to get my hands very dirty with SQL, and after seeing the benefits, I decided to move to a relational database.

Another reason for moving was that Bolt can’t scale (no replication, it’s meant for use by a single app, like SQLite), and while the server software is not yet ready to be clustered, moving away from Bolt (and, in general, uncoupling the server from the database) is a giant step towards the¬†goal of being able to scale the server to multiple nodes. I had known for long that I had to use something other than Bolt if I wanted to make the server distributed, I just wasn’t sure whether to move to a relational database, another barebones key-value store, or some amalgamation of solutions involving specialized time series databases or what-have-you.

The database can now be accessed transparently by multiple applications, which means that, for example, in case I want to do some complex analysis on the battery histories, I no longer have to stuff that code into the server. I can even use a language other than Go, like Python, which I really don’t like, but has many libraries for data analysis.

I tried to use CockroachDB¬†(and I can’t stress the terribleness of that name enough). At some point, the server was mostly ready to work with it, and it was time to import the data from the Bolt database. My code migrated all data in a single transaction, that was rolled back in the case of errors – that way, as I stumbled upon problems and general incompleteness in my migration code, I did not have to be constantly dropping and recreating the database, as with every failure the database would be always supposedly in a pristine state, with all the empty tables waiting for data.

Let’s just say things were not as smooth as I was hoping. On my laptop with an aging but still plenty fast i7, 8 GB of RAM and a SSD, data would get into CockroachDB relatively fast… but no matter if the transaction was committed or rolled back, once I tried to perform any query – basically any query, even if just counting the amount of users (about 40), would make CockroachDB’s RAM usage skyrocket, to the point where the whole system just hanged for seconds at a time, due to how much swapping was going on.

So I decided to scrap CockroachDB and go with plain old PostgreSQL. Given that the SQL supported by the former is relatively similar¬†to what PostgreSQL supports, changing the queries to work with Postgres was not too hard. The most annoying part is the lack of support of PostgreSQL for the UPSERT command, which in CockroachDB and other databases, behaves like a INSERT when there’s no¬†uniqueness conflict, and¬†like a UPDATE when there’s a conflict (in which case it will update all¬†the other columns). I had about ten UPSERTs that had to be rewritten as INSERT … ON CONFLICT (…) DO UPDATE SET – followed by¬†all the columns to update. Ugh.

Importing data into Postgres was noticeably faster than into CockroachDB, and most importantly everything kept working fine after about a million entries were in the battery history table. And yes, everything was still inserted in a single transaction.

I took the opportunity to perform some long-needed changes to the data types used by the server. Making sure Clouttery clients kept receiving data with the formats and semantics they were expecting was a bit of a challenge, but very easy in the grand scheme of things.

As a very nice bonus, the server now does transactions properly. Previously, for a single API or website request, multiple Bolt transactions could be¬†made. If something¬†went wrong with one of the latter transactions, that one would be rolled back and no more transactions would be performed, but the changes done by¬†previous ones would stay – like most databases, Bolt doesn’t let you rollback a committed transaction. Obviously, this could result in an inconsistent state.

Now, and after changing most functions in the server code to accept what can be described as a¬†“transaction node”, each API request, web console request, or admin command works in a single transaction. Either there’s no error and everything goes through, or everything is rolled back. No more inconsistent data.¬†sqalx was the library used to implement this.

The changes were pushed to production about two hours ago – after extensive testing on the staging environment, which unfortunately didn’t catch all the bugs. To identify¬†problems, there’s nothing like dozens of devices running different clients and submitting different data¬†to your server…

A few hotfixes later, everything appears to be working fine, but I’ll be keeping a close eye on the logs where, hopefully, all errors are logged. I say “hopefully”, because during testing I found out that the error return values (in Go, errors are values) from some of my own functions were not being logged, and some¬†were completely ignored…

It would be great if over the next few days users could pay a bit more attention to the behavior of Clouttery, namely making sure that battery histories are updating as they should, and that notifications are generated when they should, according to their settings.

I’m probably a bit too much proud of this – at least, until I find a horrendous bug. This is how things should have been from the start, but at the same time, when I started this project, I did not know enough about relational database design to even do a mediocre job. So I went the easy, “no SQL” route and just used Bolt, which allowed me to get to something that worked, relatively quickly. And now I’m glad I could turn it into something better after about 60 hours of work…

I barely have time to work on Clouttery, and it becomes less and less of a commercially viable project as time goes by. It’s one of those projects that seems to never leave Beta status,¬†and not for good reasons. But oh boy, the things I learn…

The stack powering goodbye redundancy! The end of an era

I was casually going through my GitHub repos and came across PicoRed, a server redundancy manager I developed, with the immediate goal of managing the DNS records for the domain. The shortener used to be hosted by multiple servers in a Round-robin DNS configuration. The idea was that as servers went online and offline (or underwent maintenance, etc.), the DNS records would be automatically updated to reflect which servers are currently serving a service, in this case

PicoRed is the successor to mersit, which¬†served the same purpose but was written in very unidiomatic¬†Python and was much clunkier than PicoRed (which is written in very unidiomatic Go, but used fewer resources and was somehow more stable). PicoRed and mersit were completely peer-to-peer, and this is because I couldn’t afford to have a “master” server that was stable enough and which I could be sure would¬†have three nines of uptime.

The idea behind those tools is everything but novel;¬†container orchestration, for example, requires similar tools to be deployed. For some reason, perhaps ignorance, back then I decided to write my own. (For an example of mersit/PicoRed done right, see Serf). I don’t regret it, of course:¬†I learned a lot about distributed systems, and while my terrible consensus “algorithms” (a complete joke) worked, they taught me why things like Paxos¬†and Raft¬†had to be invented. The main takeaway was, “it’s complicated”. So for PicoRed I decided to use a library by Hashicorp that handled the hard parts for me (and that’s how my unidiomatic¬†Go program was “somehow more stable”).

Three paragraphs into this post, and I’m still writing the introduction… these three paragraphs about distributed systems are just warming up for what’s coming, which is me saying that none of those homemade tools are in use anymore, and it’s not even because I switched to something better:, and some other services of the TNY network, are now served by a single server.

How did we get here? Back in 2014, I was a huge proponent of distributing every single¬†service across many cheap servers, instead of buying a proper, rock-solid, big and expensive server from a reliable company. In theory, horizontally scaling would let one handle big amounts of traffic and improve availability at the same price, or even less – sounds great, right?¬†These strong opinions were backed by the issues I was having with my¬†BlueVM server. But now, we’re back to zero redundancy… what changed?

Well, my opinion is still the same: I’ll take horizontal scaling over vertical scaling any day, and the more redundancy that’s fit to pay, the better. The problem is when horizontally scaling begins to¬†hurt performance and reliability instead of helping it, and that’s exactly what was happening in our¬†case., dotAccount, PrizmID and my WordPress websites (this blog and the TNY network website) are powered by an extremely uninteresting LEMP stack. A LEMP stack is one composed by Linux, Nginx, MariaDB and PHP, or in other words, a LAMP stack but with Nginx instead of Apache. Until a few weeks ago, the “M” in this stack had the peculiarity of actually being MariaDB configured in master-master replication mode. What this means is that MariaDB was running on multiple servers, managing the same databases, and whenever a change was made, it was propagated to all of the other servers in the cluster (up to a few weeks ago, two servers; at some point in the distant past, up to five servers were used).

That’s how was served by multiple servers: simply by running the same PHP code in all servers, and having that code talk to the same database, replicated across all the servers. Of course, MariaDB master-master replication has its disadvantages. For one, performance is worse, because all database writes¬†involve communication between the different MariaDB servers. This began to show on more database-intensive applications like dotAccount.

Perhaps more surprisingly, reliability is also worse. Perhaps I didn’t have MariaDB replication properly configured (after many attempts and hours spent, trust me), but it would sometimes break in wonderful states such as “WSREP has not yet prepared node for application use” whenever there was some network hiccup. This could happen as often as once a day, or once every two months (yes, networks are unpredictable like that). Whenever it broke, it would need to be manually restarted, and it would sometimes take multiple attempts until all the servers had their MariaDB running. In other words, exactly the opposite you want¬†for a reliable system that requires minimum amounts of human supervision.

Perhaps PicoRed could have expanded into taking care of restarting the cluster, but since I couldn’t even get to a sequence of commands that, when executed on all servers at the right times, would reliably restart the MariaDB cluster, I kind of gave up. Lack of time and more interesting projects to develop, like Clouttery, meant that some stuff would inevitably get left behind, and my horrible mess of code called PicoRed ended up forgotten and eternally unfinished. Moving to proper solutions like Serf also required time that I didn’t have.

A few months ago I¬†was notified¬†that¬†the provider of one of my VPS was closing, and all servers would be shut down by December 4th. I bought¬†a new server, moved the stuff that wasn’t hosted anywhere else to it, but I really didn’t feel like reconfiguring the MariaDB cluster and PicoRed for the new server. PicoRed, in fact, stopped working in one of my servers (the one that wasn’t getting shut down) with some binary incompatibility error, a year or so ago. So I kind of gave up… reconfigured MariaDB so it stopped being a cluster, got rid of PicoRed, and said goodbye to one of the servers.

The new server¬†is PHP and MariaDB/MySQL-free, and this probably won’t change. I would really like to move on from PHP and MariaDB to better languages and DBMSs. My main¬†conclusion from the whole replication story is that MariaDB is not really prepared to scale horizontally, at least not without a lot of effort and “baby-sitting”.

I certainly have not given up on horizontal scaling, but I think that from on now, it’s best that I manage scaling at the application level instead of the database level, or alternatively, use a DBMS that¬†was designed with horizontal scaling in mind, from the start. For the second option, it’s unfortunate that both CockroachDB and TiDB¬†are still in a very premature state for production use.

I would rather not give up on relational databases; while it’s true that other types of database also cover some of the use cases of¬†relational ones, I’m yet to know of any problem other than document storing that¬†can’t be effectively solved with relational databases. (And for document storing, may I interest you in a relational database coupled with this strange thing called a filesystem?) Commercial solutions are obviously out of reach for¬†me: it’s not like Segvault¬†is a money-making machine; isn’t even profitable, despite all the ads!

I have grown to hate the mess of PHP and SQL that is so much, that shutting down the service (or at least getting it into a “read-only” mode) was once a topic for discussion at one of the TNY network meetings – all three of them. By the way, Segvault/TNY network is “hiring”, i.e. looking for new members with exciting project ideas, and if you had the patience to read this post this far, you may be a good candidate – contact me somehow.

Ads at earn me pocket change, that is used to offset the cost of the servers and domain names, and this shall be enough motivation to keep maintaining and supporting its users for some more years, updating MariaDB one version at a time.

500 days later: Windows 10, revisited

Today, 500 days have passed since the initial release of Windows 10. I quickly and unscientifically reviewed it right after it was released, in two blog posts: one mostly complaining, and another mostly praising it (as if I was seeking some sort of redemption). The former one was a huge success, if we take into account the readership numbers for this blog. That post accumulated over 30 thousand views in the few hours after its publication Рand a month later, we were back to our usual readership stats of approximately zero views per hour.

But don’t get fooled by these yuge numbers; I’ve probably spent more hours of my life using Linux than Windows, which probably means¬†my opinion on¬†the latter actually isn’t worth shit – but don’t worry, as I’ve got this¬†covered: studies show that¬†this valuation falls in range with that of most people writing on popular tech news websites! The difference is that these usually spend their days looking at press releases and lesser-known tech news websites and blogs written by even-lesser-known¬†people (totally not the case here) to repost¬†find sources for their original pieces, while I usually spend my days going through¬†computer engineering courses, building useless¬†shit like Clouttery¬†and answering support requests.

Since my¬†500-day-old posts have published, a lot of things have changed in the way I use Windows. Most importantly,¬†my main Windows machine¬†is no longer a Chinese Crapstore 7-inch tablet, but a proper Surface Pro 3 which I bought with a relatively good discount in October of 2015 right as the Pro 4 was being released. This means¬†any problems I experience with Windows, I can no longer blame them on anyone other than me (the luser) and Microsoft (since the software is theirs, and the hardware is chosen,¬†assembled and shipped by them). Oh, and drivers. On Windows, it’s always drivers.

After getting the Surface I¬†started to use Windows much more, and in the last few months there have been many days during which I didn’t touch my more powerful Linux desktop [1]. I mostly use the desktop for coding, compiling big code trees and running heavier programs, but I do all of my note-taking (OneNote!), light web browsing (redditting and hackernewsing, for instance) and ssh-ing into Linux servers using the SP3, which means that when there isn’t¬†more than this to my day, I don’t even turn on the desktop. I bought the Type Cover 4 a few months after buying the SP3, which certainly contributes to how much I use it.

Still, and after these major changes to the way I use Windows and how often I use it, I thought it would be interesting to go through all of the complaints in my extremely popular post from 31st July 2015, the day Windows 10 was released to the general public as it (supposedly) went out of beta, and check what was done about each of them. In a completely unscientific way, obviously, matching the standards this publication has accustomed you to.

As with my older posts, I will focus on the desktop edition (i.e. x86, i.e. the version that can run Win32 apps, i.e. the version that is actual “Windows” and not Windows Phone or Mobile or whatever they call it this month). It was announced in¬†September 2014, skipping Windows 9 for reasons that, after many theories, may be best described as “yes” [2]. After multiple “preview” releases, it was made available “for real” on July 29, 2015 (this was version 1507, build 10.0.10240).¬†Two days later, I published my “Windows 10 is unfinished” post, completely written and produced with my Windows 10-powered 7 inch tablet, sans-physical-keyboard. For this post, however, I’m not a masochist anymore – some parts have been written in my Linux desktop and others on the Surface with the type cover.

On November 12, 2015, the “November Update” was released (version 1511, build 10.0.10586), and I didn’t write a blog post because… well, I had more interesting things to do than I have right now (or rather, I was not procrastinating in writing). For the purposes of this post all you need to know is that this fixed a¬†big number of stability and UI problems, but nothing too revolutionary. More recently, on August 2, 2016, the “Anniversary Update” was pushed to the production ring¬†(version 1511, build 10.0.14393). This one was a bit more “revolutionary”, especially in terms of UI and feature changes, but as you’ll find out later… deep down,¬†the important issues are yet to be solved.

There’s an upcoming “Creators Update”, but we are going to pretend that doesn’t exist and instead focus on the Anniversary Update, released about four months ago. Also, I can’t compare resource usage, as I’m no longer using the same hardware (even though I still own the smaller tablet and use it from time to time, it’s much, much less frequent now). Let’s begin.

The touch experience is still possibly worse than on Windows 8.1, but by now I’ve gotten used to it (also, with the Type Cover 4, I can use the excellent trackpad, so I¬†no longer have the touchscreen as the only input device…). Annoyingly, the touch keyboard still doesn’t dock “properly”. This means that docking it doesn’t resize the whole desktop (forcing all windows to fit above the keyboard) like it did back in Windows 8.1. In many legacy apps which haven’t been adapted to “run away” from the touch keyboard, the cursor will still often be below the keyboard. Even on many parts of the Windows UI, this happens, and on parts which clearly have been adapted to avoid getting their inputs obscured by the keyboard, it’s still buggy as hell.

Funnily enough, some apps (like OneNote) can do this “desktop resizing” trick. So some months ago, I looked up the necessary APIs and in a few hours had a .NET proof-of-concept application that could resize the desktop, too. So it’s not a matter of missing APIs or compatibility problems – it’s certainly a deliberate design decision, and one I can’t understand. Perhaps it’s to encourage moving to UWP? I don’t even know anymore. If I still had to use the touch keyboard as my only keyboard for extended periods of time, you can be pretty sure that by now I’d have written my own “desktop resizing” helper that does its¬†magic when the keyboard is docked.

The “void” between good old Win32 “classic” apps and the “modern” UWP (and that Windows 8 and 8.1 framework they don’t like to talk about anymore, but was the pre-UWP that powered Windows 8 apps) is even more reduced, with some bugs (for example, small details in¬†behavior and looks between the “modern” and “classic” windows) getting fixed and more parts of the OS getting refreshed with a modern look (that, don’t let your eyes fool you, are¬†often not¬†actually built with¬†UWP; it’s all just a matter of design language, the tech is still the same).

One can still find remnants of the multiple design languages used by the OS¬†throughout its decades of history. Paying off this kind of¬†technical debt, which I call “UX debt”, would surely¬†go a long way towards giving Windows that polish it is often criticized for not having. You can still find icons from the Windows 98 and earlier era, from the XP era, from the Vista and 7 era, and even though it’s less noticeable (since it’s all “flat design”) you can also find some stuff that was designed back in the Zune and¬†8/8.1 days and was forgotten since then (now that I think of it, though, that happens mostly with Microsoft software other than what’s bundled with Windows). But pictures¬†are so much better than text for this, so let’s mimic the iconic “two control panels” screenshot:

Not much left to comment here… oh wait, this is still a thing:

Sure, you may argue this is a fairly minor thing, doesn’t hurt anyone, doesn’t¬†decrease system stability, and realistically doesn’t hurt anyone’s productivity. But, Microsoft, if you keep pushing your main product through deadlines without ever slowing down to fix “lower priority” stuff, the “UX¬†debt”¬†will keep increasing… damn, at some point you’ll lose even to “unpolished” Linux environments, if nothing else because¬†some of these tend to throw everything away every three years and so have no “UX debt” to speak of (only¬†bad UX, but no debt – it’s like being poor, but at least you don’t owe anyone money).

Now, the part which I personally find the funniest, and is an actual annoyance which certainly hurts productivity. To their credit, this had a major improvement with the Anniversary Update:

Left out of this image is¬†the even wider assortment of context menu styles used by Microsoft’s own apps, like Office and Visual Studio. There are¬†still¬†different styles but the differences are now mostly between light and dark menu themes (which makes sense: dark elements produce dark menus). There’s also that giant menus situation, which supposedly should only occur¬†when you use your fingers to open them. Problem: they sometimes show up when you use the mouse or a pen…

Don’t let me begin on the clusterfuck that are the network settings… I find myself constantly switching between the wireless networks popup in the taskbar, the “Network and Sharing Center” (old control panel page) and the Settings page to find the things I need. A particularly fun exercise I recommend to all readers, is getting to the dialog where you can retrieve the password for the Wi-Fi network to which you are currently connected. It’s especially fun if you have seen it before, and have a vague idea of where it is and how it looks like… and yet I always find it hard. Do you?

So, in terms of UI, it’s still far from perfect – but getting better. At this rate, I expect everything to be migrated to the “Windows 10 look and feel” in¬†four or five years. Not a big problem, except for the fact that Microsoft, too, likes throwing out much of their work every three or four years (except they can’t throw much away, because of backwards compatibility and user training; things never get fully updated, and then you get “UX debt”). Let’s see how this works out.

There’s also the whole privacy concerns/telemetry topic, which I have¬†skipped in this post. Not that it’s not important, but there’s so much to talk about that, it’d be better suited for whole another¬†post on the privacy policies¬†of most software-as-a-service (as some friends will be keen to point out, my own privacy policies – or the lack of them – included!). And the phenomenon of¬†software that needlessly becomes software-as-a-service is¬†vast enough to warrant another post, too… posts which I’ll most likely never write. But hey, just use your favorite search engine to find people with skeptical opinions on these topics. If you want a head-start and eventually some laughs, you can start with this or this. Guaranteed hours of endless fun and/or fumbling!

I also masterfully skipped over the “Windows updates are still stupid and require¬†lengthy reboots 90% of the time! Why? Because it’s 2016 and Windows locks that way since the 90’s, that’s why!” subject, as well as the “Windows ate my settings and brought back Candy Crush!” one. Phew.

Now for the praising bit. Some of the stuff Microsoft is¬†doing with Windows is particularly exciting. The Windows Subsystem for Linux, for instance:¬†if it doesn’t appeal to you from an ethical/moral/religious perspective (and yes, I feel uncomfortable too), you have to agree it’s pretty interesting technically. And¬†very recently they showed what appears to be a comeback of Windows RT, except this time it’s done right: x86 binaries running on ARM processors thanks to ISA translation. It’s not the fastest, and I suppose it only became usable (at least for “heavier” software like office suites and image editors) with the current generations of ARM processors (and perhaps more specifically, Snapdragon SoCs only). However, had they implemented this back in the Surface RT, perhaps not even as a marketing item but as a “nice to have” thing power users would find out about (just to find out it was dog slow), and the fate of that line could have been slightly better.

The Creators Update will bring more “nice to have” improvements and hopefully fix more¬†of the still present UX issues, and add major features (but I’m not sure I care that much about these anymore, I would rather have more polished versions of what we have now). I bet: getting to the dialog where you “unhide” the wireless password will still be hard.

[1] This “desktop” is actually a Toshiba A660 laptop with a 1st-gen i7, 8 GB of RAM and a SSD upgrade, but the battery’s dead – it was never good to begin with. A machine that’s at least five years old and still rocking – unlike some would put it, it’s not ‘sad’ to be using it. Fortunately, I often can’t hear these people over the sounds¬†travelling¬†through the headphone jacks of my machines. I’m using Arch Linux,¬†KDE¬†and headphones and I’m quite happy with this setup, thank you.

[2] “Yes” is also the reason that’s more in line with the official reasoning, which, to quote Terry Myerson (an important guy at Microsoft), goes like this: “based on the product that’s coming, and just how different our approach will be overall, it wouldn’t be right to call it Windows 9”. Or to put it simply, “yes”.

The more¬†base-2 oriented readers may¬†be wondering, why post this 500 days after the release of Windows 10,¬†missing the opportunity to post it 512 days after? The reason is that Windows 10 will turn 512 days old on¬†the 24th of December, and you’ll probably have more interesting things to do¬†that day than caring¬†about this silly post – not that anyone cares on the other days of the year, anyway…

WoSign is shit, and so is StartCom

I say you should stop trusting them in your systems ASAP. I’m just going to leave this here:

WoSign and StartCom: Mozilla’s proposed conclusion

I’m really glad¬†all of my websites now use Let’s Encrypt. At the same time, I think this means that Let’s Encrypt now is¬†a “monopoly” on the free certificates market – which, all things taken into account, is probably a good thing, as they seem to be way superior to the alternatives both in technical and ethical terms. My only problem with this¬†is the¬†“centralization”¬†that arises: no matter how well Let’s Encrypt is managed, all it will¬†take is the compromise of that single CA to cause major havoc.

HTTPS on this blog

Because, why not? Let’s Encrypt makes it so easy…

Let’s Encrypt certificates are now used on all the websites maintained by Segvault, but not all of the websites of the TNY Network – the CPUVInf website, for example, seems to be using CloudFlare-provided TLS.