This has happened in online chess, with some people admitting to using engines (ie cheating) to "confirm their suspicion that the other guy is cheating".
That is not the solution if you want to play competitively of whenever you feel like it.
Kernel level AC is a compromise for sure and it's the gamers job to assess if the game is worth the privacy risk but I'd say it's much more their right to take that risk than the cheaters right to ruin 9 other people's time for their own selfish amusement
Cheating may not be moral but it's better to put up with it than to cede control of our computers to the corporations that want to own it.
If it kills online gaming, then so be it. I accept that sacrifice. The alternative leads to the destruction of everything the word hacker ever stood for.
I'm sorry but you are fighting a crusade you can not win by definition. If I am free to use my computer for anything I want then I am also free to lock it down to enjoy my favorite game. If I care about my freedom I will have a dedicated machine for this game that I accept I will not have control over.
You are hijacking this thread about VOLUNTARY ceasing of freedom as if the small community even willing to install these is a slippery slope to something worse. You have a point when it comes to banking apps on rooted phones and I'm with you on that but this is not the thread for it
Valve drives significant development of compatibility layers for Linux for the sake of gaming. Their customer base is anything but small. There is potential for this kernel stuff to spill into the entire Linux ecosystem. It was bad enough having to deal with nvidia. I really don't want other companies screwing up the kernel.
Realistically I don't see how Valve can avoid this. They want all those games on Steam Deck and the new console. Game devs want KAC. Therefore Valve can either provide them with some way to implement KAC - which effectively requires a "signed kernel / drivers only", same as on Windows - or tell them to go away. Why would they do the latter?
Mind you, it doesn't mean that the Linux kernel will be "infected for everyone". It means that we'll see the desktop Linux ecosystem forking into the "secure" Linux which you don't actually have full control of but which you need to run any app that demands a "secure" environment (it'll start with KAC but inevitably progress to other kinds of DRM such as video streaming etc). Or you can run Linux that you actually control, but then you're missing on all those things. Similar to the current situation with mainline Android and its user-empowering forks.
> we'll see the desktop Linux ecosystem forking into the "secure" Linux
> Or you can run Linux that you actually control, but then you're missing on all those things
We cannot allow this stuff to be normalized. We can't just sit by and allow ourselves to be discriminated against for the crime of owning our own devices. We should be able to have control and have all of those nice things.
Everything is gonna demand "secure" Linux. Banks want it because fraud. Copyright monopolists want it because copyright infringement. Messaging services want it because bots. Government wants it because encryption. At some point they might start demanding attestation to connect to the fucking internet.
If this stuff becomes normal it's over. They win. I can't be the only person who cares about this.
There's rational and then there's common sense, if put in that situation who in their right mind would take even a 50% chance that the entity is wrong and greed it for 1000$. All I'd need to know is that it is far more likely I get the million if I go into the game thinking I'd only one-box
No, that's exactly parent's point. The premise of the title can be read as "just create value, don't worry about monetizing, things will work out (financially)". Which is invalidated by FOSS
It isn’t. FOSS doesn’t just create value it gives it away for free usually in a not so friendly way to the point entire companies exist to streamline and support projects (eg redhat)
Nothing; but PHP, in experienced hands, will be waaay more productive for small-to-medium things. One issue is that experienced hands are increasingly hard to come by. Truly big, complicated things, built by large teams or numbers of teams, teams with a lot of average brains or AIs trained on average brains, will be better off in something like Typescript/React. And everyone wants to work on the big complicated stuff. So the "modern frameworks" will continue to dominate while smaller, more niche shops will wonder why they waste their time.
I worked at a startup, they built their API in PHP because it was easy and fast. Now they're successful, app doesn't scale, high latency etc. What does their php code do? 95% of it is calling a DB.
You're telling me today with LLM power multiplier it's THAT much faster to write in PHP compared to something that can actually have a future?
“PHP was so easy and fast that they’ve built such a successful startup they now have scaling problems” is, as far as I can tell, an endorsement of PHP and not a criticism of it.
Scaling can be hard in PHP at the same time GGP comment's about PHP being in productive hands and thus being one of the reasons why PHP worked for them. Both of these can be true at the same time.
And for what its worth, Typescript scaling, although better than PHP is still somewhat of an issue and If you want to have massive scaling, Elixir/ (to-an-extent gleam) are developed for solving the scalability problem especially with Phoenix framework in Elixir-land.
So I guess, jack_pp comment's about PHP can also be applied to an degree towards Typescript as well so we should all use elixir, and also within the TS framework the question can be asked for (sveltekit/solid vs next-js/react)
I am more on the svelte side of things but I see people who love react and same for those who love PHP. So my opinion is sort of that everyone can run in their own languages.
Golang is another language to be taken into consideration especially with Htmx/datastar-go/alpine.
If 95% of what app does is calling a DB, then the bottleneck is in the DB, not with the PHP.
You can use persistent DB connections, and app server such as FrankenPHP to persist state between requests, but that still wouldn't help if DB is the bottleneck.
Depending on what you are doing, the above is not necessarily bad.. often much better than an SQL that locks an entire table (potentially blocking the whole DB, if this is one of the key tables).
> I worked at a startup, they built their API in PHP because it was easy and fast. Now they're successful, app doesn't scale, high latency etc. What does their php code do? 95% of it is calling a DB.
So PHP worked perfectly, but the DB is slow? Your DB isn't going any faster by switching to something else, if that's what you think.
PHP is the future, where React has been heading for years.
> Your DB isn't going any faster by switching to something else, if that's what you think.
Only true if none of the DB accesses are about stuff that could live as state across requests in a server that wasn't php. Sure, for some of that the DB's caching will be just as good, but for others, not at all.
In most cases you could add a shared cache to fix the problem - e.g. put your shared state in Redis, or in a file that is synced across servers (if its kept as state in a long running process it cannot need to be updated frequently).
PHP did better than python and perl. Python is doomed. PHP got a good jit already, a good OO lately, good frameworks, stable extensions. It has a company behind.
Unlike python or ruby which break right and left all the time on updates. you have to use bunkers of venvs, without any security updates. A nightmare.
What's so bad about Python's virtualenv? It's a good way to have an LKGC (Last Known Good Configuration). When a CVE happens, you spin up a new venv and do smoke test, canary test, blue/green deployment, and so on.
If the update breaks things, you go back to the old venv. If the update goes well, then you just delete the old venv.
Not implementing security updates the right way is just human laziness and has nothing to do with the language in use.
No matter how you look at it, the dependencies have to go somewhere. Node uses node_modules, most compiled languages require compiled libraries (or they're a huge blob), etc. Idk about PHP but I'm pretty sure 3rd party things for any given app also live somewhere. Different ways of managing dependencies. It's recommended that venvs are used in Python because you may accidentally nuke a system script by doing global installs, and otherwise there still needs to be some sort of 3p version handling when you have multiple projects going.
Once something works in Python (which uv now makes trivial; before it could be a pain), updating 3rd party packages rarely cause breakage. But yes, I think many who use it hardly update, because things usually continue to work for years and the attack surface is pretty narrow[0]. Heck just a few days ago I checked out a project that I hadn't touched in years, which I wrote in Python 3.7; updated to 3.13 and it continued to just work. Compare to PHP which has a far higher attack surface[1] and often has breaking changes. I've heard a couple nightmare stories of a v7.x -> v8.x move being delayed because it required a serious codebase rewrite.
I don't think it's true that experienced hands will be faster in PHP than in Python or JS or whatever. It's just about what you know, and experienced hands are experienced.
Eh, you know, when the conversation has devolved to the level of "Python is slower to develop in than PHP because of spaces or tabs", you have to bust out the Hebrew.
Where are my backbone apps? In the trash? Me ember apps? Next to them. My create-react-apps? On top of those. My Next apps? Being trashed as we speak. My rails apps? Online and making money every year with minimal upgrade time. What the hell was I thinking.
People bicker about PHP and Javascript, sorry Typescript, like they aren't both mule languages peoppe pick up to get work done. They both matured really well through years of production use.
They are in the same group, similar pedigree. If you were programming purely for the art of it, you would have had time to discover much nicer languages than either, but that's not what most people are doing so it doesn't really matter. They're different but they're about as good as eachother.
Not sure what you’re talking about, I scaled to millions of users on a pair of boxes with PHP, and its page generation time absolutely crushed Rails/Django times. Apache with mod PHP auto scales wonderfully.
I have a S21 which was released in early 2022. Bought it new in late 2023 for 430€. I don't see any reason to get a new one currently. Had to service it twice for water damage to be honest but service was free
Because naming things is one of the two hard problems in computer science — the other being cache invalidation and off-by-one errors.
More seriously: Tesseract (the 4D hypercube) felt right for a tool that adds a dimension to how you see architecture. And if you've seen Interstellar, there's a scene where the tesseract reveals the hidden structure behind everything — that's basically what this does for your codebase.
I was aware of the OCR library but figured a 40-year-old project can share its name with a newcomer. No one's going to accidentally npm install their way into a 3D architecture editor.
Is it superstition to deduce that I get gassy after eating beans? I need a scientific study to tell me this? Same for if a screen hurts my eyes (not long term, like truly my eyes hurt) when using bright white colors at night.
Yes, actually, if someone has direct scientific evidence contrary to the claim (I doubt such evidence exists for your first example as to the best of my knowledge the relationship between beans and gastrointestinal changes is well understood).
Your eyes could hurt for a variety of reasons - brightness, too long screen time, being dry for external reasons, etc. Most humans are poor at identifying the cause of one-off events: you may think it's because you turned on a blue-light filter, but it actually could be because you used your phone for an hour less.
That's why we have science to actually isolate variables and prove (or at least gather strong evidence for) things about the world, and why doctors don't (or at least shouldn't) make health-related recommendations based on vibes.
It's pretty clear, even on monitor, night and day difference at a push of a button. I'm not arguing if this helps you sleep better but it is pretty arrogant of you to tell me I can't figure out from my own experience if something is comfortable or not.
It’s about the equivalent of someone claiming my saying I find woollen clothing directly touching my skin to be irritating / itchy requires double blind randomised controlled studies to determine whether this is true at the population level.
There are eight billion of us, we can’t all be different, there must be at least some categories we can’t be sorted in to, maybe those who find woollen clothing itchy and those who don’t, and those who find blue-light reduction more comfortable and those who don’t.
One of my pet theories is that this hyper fixation on The Ultimate Truth via The Scientific Method is what happens when a society mints PhDs at an absurd rate. We went up with a lot of people who learn more and more about less and less, and a set of people who idolise those people and their output.
If your eyes routinely hurt when doing something, and then they stop routinely hurting after you make a change, that's pretty good reason to believe that there's a causal effect there.
Sometimes the causality is clear enough that you don't need sophisticated science to figure it out. Did you know that the only randomized controlled trial on the effectiveness of parachutes at preventing injury and death when jumping out of an airplane found that there is no effect? Given that, do you believe there really is no effect?
There's a few viral shorts lately about tricking LLMs. I suspect they trick the dumbest models..
I tried one with Gemini 3 and it basically called me out in the first few sentences for trying to trick / test it but decided to humour me just in case I'm not.
Sort of like nuclear weapons
reply