this post was submitted on 10 Jun 2024
31 points (100.0% liked)
TechTakes
1425 readers
175 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
iterm2 update, moving the shit out of the core application (like it probably should've been in the first place):
still never received a reply email from the author to my mail. wonder what they think/have learned of this experience tho
I'm afraid their character has been exposed
I uninstalled when they announced it but this week's news says it's time to uninstall macos too
I seem to remember iTerm doing something weird about 10 years ago, like adding telemetry, but I can’t find it…
Maybe this?
https://www.bleepingcomputer.com/news/security/iterm2-leaks-everything-you-hover-in-your-terminal-via-dns-requests/
jfc
to get on my soapbox for a moment: iterm2 is in objc, which still has a lot of the ancillary problems that C has. testing properly is one of them - I can easily see such kind of fuckups slipping past by simple virtue of human error, possibly helped along by shitty tools/choices[0]. for example, I know of nothing in C-land that enables property-based testing, and from a quick check it seems that XCTest also runs on the human-enumerated-tests philosophy. so if no-one writes the test that'll catch it, it could at best be caught by accident (through something else maybe triggering it).
and people are also really fucking bad at thinking in/about side effects. even a lot of systems thinkers seem to fuck that up.
/soapbox
[0] - I was recently debugging why a particular piece of Go software wasn't outputting anything I was expecting at the log level I had it set. quickly went to its repo, glanced at the code just to check if my expectation was right, then popped a message to a friend who deals with more Go than I do (which is near-nil, because it is a GARBAGE FUCKING LANGUAGE OF AND CAUSING NIGHTMARES, gah). he reminded me of the fact that Go had fairly recently fixed a bug in its stdlib logging library that had fucked up which levels it would handle things, due to an error in the fucking switch statement. for the stdlib goddamn logger. a bug which had been there for over 2y iirc.
Yeah, I that’s probably what I was thinking of.