Broad appeal? You can't do anything good aiming for broad appeal. People like too different things; they don't all mesh together well. If you add too many things that appeal to different people you end up with an incoherent mess. Instead of appealing to everyone you end up pissing off everyone in many different ways.
Look at the Rings of Power. Did it have broad appeal? Maybe, the first 2 episodes brought in 25 million viewers. The whole first season was watched by 150 million, despite season completion being ~40%. For reference, X-Files pulled in more only in 1 of its 11 seasons with most under 20 mil, and Friends hovered in 20-25 mil with only one season being about 30 mil. So the numbers are impressive, but do you know anyone who loves the Rings of Power? Anywhere near to how people love SG-1?
This is one of the reasons why that law will surely be challenged and very likely invalidated by SCOTUS. Trade secret protection is a very fundamental part, and if this is forced to be broken by legally compelled speech, then it needs to have very creative interpretations over judicial precedents.
99% of the server code doesn't deserve trade secret protection, and fulfilling the goal of games continuing to work doesn't require releasing the other 1%. They can keep their matchmaking algorithm secret while releasing the code that lets people straightforwardly connect to each other. They can keep most of their code secret.
What a fucked situation where a company that fails, which took money from people on the premise of a service existing and no longer offers that service, says it's against the first amendment to enable people to continue having access to the product they paid for.
If this only applies to new sales then there is nothing that must be broken. The developers would need to choose technologies where license allows this. Those that don't wouldn't get new sales from game developers.
It's the same as GPL and similar licenses. If you don't want to publish your source that contains trade secrets then don't incorporate GPL licensed code.
There are also already various laws which compel certain types of speech. Consider things like nutrient labels or ingredient lists.
Issues like that are part of why the law is only going to apply to new releases.
If you still choose to license something you can't release later, and it's critical to the game's operation, then that's a deliberate liability and you'll need to replace it.
That sounds like a bad incentive. Lots of games license software like Photon to run game servers. For many games, building something like that is a non-starter.
It's not like it specifically has to be open source. Photon can license their software in a way that allows for free servers that are still tied to the specific game. And then companies can buy that.
And it's not expensive for Photon to do that, so I don't see why they wouldn't add that feature for a modest price or even free. (And that's assuming the license doesn't already allow it.)
I’m not sure what you mean. Photon makes money running game servers as a service. It wouldn’t surprise me if their business wasn’t viable selling software alone.
As far as I can tell, you can have Photon run the servers or you can license them to run yourself. Though they clearly prefer the former.
Either way, there's not much revenue coming in to most games by the time the developer wants to abandon them, and Photon's not getting paid much either. There's a lot of ways to make this work out monetarily.
It’s not that simple. Many of the newer products are designed cloud-first.
I’d love to see you rise to the challenge. If you think there’s an opportunity to make money here, “lots of ways to make this work,” perhaps take it up yourself.
Cloud first is fine as long as there's a fallback. Photon has a fallback.
Can you name something that's stuck on the cloud on a technical level and also couldn't be substituted with a mild dev effort?
Right now I don't think it's a good money making opportunity. Becoming one would need Photon or some other significant service provider completely refusing to license their software in a way that's compatible with this law, and assurance that they'll continue to refuse while I build my entire product around supplementing/replacing them.
Simple: that contract would be illegal. It's that simple. You can't put yourself into a position where you would be violating the law. The licensor would be on the hook for violating the law. This is "you can’t outsource compliance". Either your contract makes sure that you are compliant or a judge would make you both.
so a new law making it required would likely solve the legal issues, and lets the dev team (the only ones thinking about users or doing what's right) get what they wanted from the start?
I doubt it. I don't think another law _reduces_ legal issues. If anything it makes the situation more complicated. The plug is still getting pulled and I don't think this materially changes the outcome. If the company shuts down I'm not sure there is a legal obligation to release the code or refund. What entity would be responsible for that work?
Take id for example. They released source code for genre-defining, extremely popular games and were fine.
And how often is code reused anyway? Every online game seems to either use mostly stock server code that comes with the engine or build anew every time.
I just want my brightness/volume indicator back in the middle of my screen without fluffy graphics.... :( I don't know why it isn't even a power-user option....
Technically correct, but… Want to build a web app? Every more or less popular framework is async. Want to make a web request? High chance of async. Database? Very likely async, too. A huge fraction of crates are async. Right now crates.io says there are "54172 reverse dependencies of tokio". And the page that lists them struggles mightily to load. And that's only direct dependencies of tokio, no indirect ones, no dependencies on other runtimes, no generic dependents.
And all the popular ones include a synchronous interface you can use instead of the async one. If they don't, you can wrap your calls in spawn_blocking.
You might complain about it pulling in tokio, but that's a very different complaint than having to learn/use async.
Is the inclusion of synchronous interfaces a new thing? When I learned actix_web 2-3 years ago for some webservices at work, the documentation surely (at least) started off with async functions everywhere.
Did that change? Were synchronous interfaces introduced later in the actix_web documentation? Or did everybody switch over to axum in the meantime and axum has synchronous interfaces!? (I just checked and according to crates.io axum seems to have 8x the recent downloads of actix_web.)
background: actix_web is still the only Rust webframework I have experience with
You seem to have picked the framework where the selling point is literally providing an async actor model, so yes, it's probably going to be async. If you don't like async, you probably should be spending time getting experience with one of the frameworks that's less opinionated.
Dependencies having to pull in tokio is an even larger issue, indicating that async's promise of "bring your own runtime" is a bit of a lie. Lovely, lovely dependency hell.
> Want to build a web app, every more or less popular framework is async.
I think it's the same as Java. Tomcat has some async threadpool inside, they just hide it from you, and your favorite Rust framework doesn't, so you need to manually move your sync logic to Tokio spawn_blocking.
Java is different. Tomcat's thread pool is the older way. A lot of newer stuff was using something promises-related instead with an event loop. But then recently Java added virtual threads which should obviate the need for that, similar to Go. Rust considered virtual threads but chose against that because it requires a more abstracted runtime like Java and Go have. Great preso on this https://www.youtube.com/watch?v=lJ3NC-R3gSI
All the "async" stuff is super poorly named. They mean cooperative multitasking, or I guess "async within a single kernel thread." Yeah multiple kernel threads are asynchronous but "async" doesn't mean that :S
There's an API to call async code in a sync context, it's called block_on. You can just spawn threads and do your block_on on every async API you encounter and go on about your life. Pair it with a good mpsc library for inter-thread channels (or just use the stdlib mpsc; even though it's slower and strictly worse than libs, it doesn't matter) and you are good to go.
Likewise there's an API to call sync code in an async context, it's spawn_blocking (or sometimes block_in_place, but stick with spawn_blocking).
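The two bridges described in the comments above, as an added std-only example (not code from any commenter, from tokio or from any project on this page): a hand-rolled `block_on` that parks the calling thread until the future's waker fires, and a `spawn_blocking` that runs a synchronous closure on its own OS thread and resolves a future with its result. The `checksum_async`, `checksum_sync` and `fnv1a64` names and the hashing workload are constructed for illustration; real code would use tokio's `block_on` and `spawn_blocking`, whose semantics these mirror.

```rust
use std::future::Future;
use std::pin::Pin;
use std::sync::{Arc, Mutex};
use std::task::{Context, Poll, Wake, Waker};
use std::thread;

// Waker that unparks the thread blocked inside `block_on`.
struct ThreadWaker(thread::Thread);
impl Wake for ThreadWaker {
    fn wake(self: Arc<Self>) { self.0.unpark(); }
}

/// Sync -> async bridge: drive `fut` to completion on the calling thread.
pub fn block_on<F: Future>(fut: F) -> F::Output {
    let mut fut = Box::pin(fut);
    let waker = Waker::from(Arc::new(ThreadWaker(thread::current())));
    let mut cx = Context::from_waker(&waker);
    loop {
        match fut.as_mut().poll(&mut cx) {
            Poll::Ready(out) => return out,
            // Sleep until some waker (here: a finished worker thread) unparks us.
            Poll::Pending => thread::park(),
        }
    }
}

// Result slot shared between a worker thread and the future awaiting it.
struct Slot<T> { result: Option<T>, waker: Option<Waker> }
/// Future returned by `spawn_blocking`.
pub struct Blocking<T>(Arc<Mutex<Slot<T>>>);

impl<T> Future for Blocking<T> {
    type Output = T;
    fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<T> {
        let mut slot = self.0.lock().unwrap();
        match slot.result.take() {
            Some(v) => Poll::Ready(v),
            None => {
                // Not finished: register our waker so the worker can notify us.
                slot.waker = Some(cx.waker().clone());
                Poll::Pending
            }
        }
    }
}

/// Async -> sync bridge: run a blocking closure on its own OS thread.
pub fn spawn_blocking<T, F>(f: F) -> Blocking<T>
where T: Send + 'static, F: FnOnce() -> T + Send + 'static {
    let slot = Arc::new(Mutex::new(Slot { result: None, waker: None }));
    let worker = Arc::clone(&slot);
    thread::spawn(move || {
        let v = f();
        let mut s = worker.lock().unwrap();
        s.result = Some(v);
        // If the future already parked on us, wake it; otherwise its next poll sees `result`.
        if let Some(w) = s.waker.take() { w.wake(); }
    });
    Blocking(slot)
}

/// Constructed stand-in for an async crate API that offloads CPU-heavy work.
pub async fn checksum_async(data: Vec<u8>) -> u64 {
    spawn_blocking(move || fnv1a64(&data)).await
}
/// Plain synchronous code calling the async API through `block_on`.
pub fn checksum_sync(data: &[u8]) -> u64 { block_on(checksum_async(data.to_vec())) }
/// FNV-1a (64-bit): the "expensive" synchronous work in this example.
pub fn fnv1a64(data: &[u8]) -> u64 {
    data.iter().fold(0xcbf29ce484222325u64, |h, b| (h ^ *b as u64).wrapping_mul(0x100000001b3))
}
fn main() { println!("{:016x}", checksum_sync(b"hello")); }
```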
One thing Plex does better is media detection. Like you can plop all your shows in a folder and it still will make sense of it. Jellyfin insists on a very specific directory structure and file naming. It’s very frustrating if you only want to watch a show and not interested in maintaining a perfect library.
It's astounding how much every single system out there fights and fights and fights against showing you your directories, as they are.
I started but didn't finish a Rygel + local-search (nee Tracker) plugin to try to finally get that. I wish the upnp media services were better. I keep telling myself I'll build a nice client/controller... Some day.
Is there anything around that does _not_ force a management system? I really just want a thing that primarily just tracks if I've seen a particular file, secondarily maybe let me control playback from a different device. Actually figuring out what media those files map to is a distant third.
DLNA usually doesn't force any system and more or less exposes the fs. Some TVs natively have a client. Otherwise Kodi or some other client app can be used to browse and play files.
As far as I can tell plex only wants separate folders for different kinds of media and file names that give at least some clue to what it is. Plex is much more lax.
The problem with Plex is that it has a very opinionated system that ignores how things are in real life.
One example I can point to is Stargate SG-1. Episode 1 is a two parter and depending on who you ask it's either Episode 1 and 2 or Episode 1 which causes all subsequent episode numbers to be thrown off by 1 depending on how you count.
This confusion is further complicated by the release order on DVD/Bluray, the order of airing, and the fact that all of these things can be different in different regions of the world.
That has more to do with TheTVDB than with Plex itself, and it's really nothing compared to what Jellyfin demands. Plex at least supports several different alternative directory structures and file naming schemes. In order to transition to Jellyfin I would have to rename thousands of files to comply with its specific requirements, whereas Plex was mostly okay with the way I had organized my files offline.
I actually discovered the advanced item ordering menu where you can change the series episode order source; it solved this exact problem for me yesterday.
It's a big deal because there's no rhyme or reason why it's one way or another way in different series, so when you ask your TV through voice command to "Play Season 3 Episode 2 of [Show] through Plex" and then your TV plays the wrong episode, it becomes a big deal.
It does give full access but Obsidian does tell you that. Community plugins are not enabled by default, you have to enable them manually. Same happens with a shared vault: once you get it you still have to manually enable plugins. So far no one managed to sneak in a plugin completely unnoticed.
To make an actual counter, you need numbers. If only a tiny niche of users use it without community plugins, then yes, it's unusable (in a practical definition of the term)
The attack here requires not just enabling community plugins, but also syncing the attacker's vault to your computer, and also separately enabling the synchronization of the attacker's plugins with yours.
Obsidian Plugins are still incredibly vulnerable. A compromised plugin will essentially take over your machine. There's no sandboxing of any kind. It's even more insecure than browser extensions (that could steal your auth tokens, but at least don't have unfettered access to your filesystem).
This is really unfortunate. I love Obsidian and have been a paid subscriber for many years, but the community plugins need a security overhaul asap, before someone gets hurt.
Not even slightly. Browser extensions are a trivial counter-example, as are all Flatpaks, and anything restricted by user/group. That covers probably literally a majority of all software on your computer, because people have been voluntarily restricting their software to protect you from their potential accidents for decades.
In practice, Flatpak packages have many more permissions than you might expect, and the sandbox feature gives a false sense of security. For example, the Obsidian Flatpak package [0] is given all of the following abilities without explicit permission from the user (the user has to know where to look to find out about them):
- Home folder read/write access
- System folder media
- System folder mnt
- Microphone access and audio playback
- And more...
The Obsidian snap [1] is installed with the --classic flag, which also grants access to the whole home directory, but at least you have to consciously specify the --classic flag to grant this permission.
fwiw blocking access to anything except my notes folder (and denying internet, among other things) is my very first step when installing Obsidian. Flatseal makes that quite simple.
Flatpak could of course be significantly better... but it's still a massive step in a better direction.
> That covers probably literally a majority of all software on your computer
If you're running GNU/Linux, chances are you'll have hundreds, if not thousands, of pieces of software that run totally unsandboxed.
Yes, a very small minority of applications are unfortunately primarily distributed via flatpak or snap, and the distributors don't care about the user experience, so it's error-ridden and problem-ridden, but chances are you can get a "normal computer program" version of it unencumbered by such grossness.
And tons won't be part of e.g. root, or dialout (to pick one I've had to deal with a lot lately), or many other more-privileged-than-default groups, yes. That's a permissions system working as intended.
Besides. They said "all software on your machine". That is trivially false, to a significant degree.
I was pointing out that the claim that "literally a majority of all software on your computer" runs sandboxed is also trivially false, to a significant degree
A majority have more access controls than obsidian plugins, yes. I think that's fairly safe to say, given that new system installs often have hundreds of processes already running.
Sandboxing, at least in the sense of easily configurable access with default deny on most even somewhat sensitive things: agreed, sandboxing is fairly uncommon in general, definitely not a majority on most systems. When ignoring the elephant in the room: mobile OSes.
> A majority have more access controls than obsidian plugins, yes
A majority run as me, a minority run with root privileges.
> I think that's fairly safe to say, given that new system installs often have hundreds of processes already running.
Precisely! Those hundreds of pre-installed processes are running without sandboxing, or any access control beyond what Obsidian has.
For example, did you know you can just `ls` a directory, or `cat` a file, and both of those applications will run with full, unsandboxed, unrestricted access as you? And there are countless preinstalled applications just like those.
I rely on Advanced URI, which opens certain functionality up to external apps. I use Raycast and with Cmd+Space, it lets me open vaults or daily notes.
And Obsidian_to_Anki, but that's probably just me because I have no clue how to use Anki otherwise.
Yeah, I don't use any community plugins. I take notes in obsidian. And it turns out, having multiple years worth of notes and todos in a tree of crosslinked markdown files is pretty handy in this AI era. I take notes in obsidian and run the Gemini cli from my vault. Works a treat.
An ADD/SUM feature on tables was the first plugin I installed. It could be argued this should be part of the TABLE but I guess the dev team has a lot on their plate not to mention I'm not even sure if there's a feature request for this ability.
All I want is a top-notch Markdown editor with a mobile app and trustworthy sync, and that's what Obsidian gives me. And if ever Obsidian goes away or is enshittified, I'll still have a perfectly good folder of Markdown documents that I can take elsewhere.
For me these are the self hosted livesync, copilot and readitlater for better web clippings.
I really don't want my notes on other people's servers so the official sync will never be an option unless they enable that to be self hosted as an option.
Seriously though, I agree with your sentiment that community plugin security can and needs to be improved, but how does someone saying they use it every day "disregard software usability as a formal discipline, along with decades of UX research and standards"
They are irrelevant for this dispute, because these problems do not concern them. And the amount of people using plugins because of some real demand is not low.
The parent comment says that Obsidian is not usable without plugins and it's simply nonsense. It would be very charitable to call this a "dispute."
Could Obsidian handle plugin permission better? I guess so. But that doesn't mean the users have to use plugins. It's ultimately the user's choice. Blender has zero security guards over the addons besides the OS's and the ecosystem thrives. So does Minecraft. These communities are essentially "arbitrary Python/Java code goes brrrr."
The discussion about the plugin-system, and the people who need it to which degree.
> The parent comment says that Obsidian is not usable without plugins and it's simply nonsense.
Sure, fair. But the comment happened in the context of talking about the plugin-system, and parent comment seems on the side that for them obsidian is worthless without plugins. Saying that other people have no need for them is pointless, because they are not in the picture. Phrasing could indeed be better, but talking about people who are not concerned by the problem is not really adding anything to the discussion.
I think if the wording had been something like "I, one person out of billions, personally find Obsidian to be unusable without plugins", there probably would have been no disagreement and this discussion would be moot.
The disagreement was because the actual claim made was far broader, and in that far broader context, opposite to reality. We can assume good faith and an honest mistake in wording, but we can also forgive respondents for reasonably taking the words at face value.
I think that's especially important to point out because it reminded me of a blog post by Obsidian that also was discussed here[1], where they talked about reducing supply chain risk by not relying on dependencies, but people quickly pointed out that this is only possible because users depend so heavily on extensions. Just look at that top comment and here we are now.
This combination of software relying on third parties without security seems to be untenable. Personally I've gotten rid of just about as many extensions as I can anywhere and switched to batteries included software.
Krita: that is a decision by Krita(/GIMP) and not anything inherent in "plugins" or "python" - it could be a bubblewrap/firejail contained process, for example (other OSes have similar-ish options but there's always something, e.g. don't use cpython). They have chosen to continue to put their users at risk by not doing anything at all like that.
There are of course complications, costs, and downsides associated with doing that. It might not be worth it currently, or performance costs might be too high, or the community might be overwhelmingly using abandoned plugins that won't be updated, etc. It's still a decision to remain complacent until forced by attacks though, it's well beyond common knowledge that these things happen so you can't really call it ignorance.
Software engineers at large would benefit from playing World of Warcraft, and seeing the ongoing fight between Blizzard and add-on authors.
WoW's whole UI is built in the same Lua environment as add-ons, and Blizzard has implemented some interesting restrictions (like the taint system[0]) to prevent add-ons from completely automating gameplay.
World of Warcraft is one of the most popular MMO's ever made.
You simply can't expect every software that wants a plugin system to have the same security practices as the most used software in the world.
In fact, there are many reasons why you might want a plugin to have full filesystem and internet access, such as batch processing or simply adding things directly from webpages. Sandboxing this will just make plugins less useful.
In the end it's a problem of trust. You're installing software from untrustworthy developers because you trust the name of the application those plugins are associated with.
You could fix the problem in Obsidian, but the same problem will happen in other software. Some of which simply can't justify bothering with sandboxing plugins. This is just the way plugins are.
> You simply can't expect every software that wants a plugin system to have the same security practices as the most used software in the world.
I'm not saying that I think they should, or that I expect them to. I'm saying that it's one particular implementation of sandboxing that has a bunch of interesting properties, and that makes it worth studying.
If you happen to use the WoW example in the future, the wiki efforts moved from the fandom one to wiki.gg[0], as voted by maintainers and contributors in late 2023[1].
Thanks! I've been meaning to read up on taint systems, looks interesting :)
I'm somewhat convinced that taint-influenced capabilities are a good future model to pursue. Computers are fast; I'm fairly confident that it could be done at whole-computer scale and still be reasonable... though probably not with a million Electron apps. Which is likely a good thing in aggregate (I say as a fan of web tech and the very compelling features such things offer. Great for minor or PoC, not for major pieces of software).
I'm not sure I agree or understand where you're coming from.
Side-loaded Android apps are still bound by all the same permission restrictions as any app installed by the Play Store. The only difference is Google didn't review it (for what little good that does) and that I didn't get the app from Google.
If I side-load a camera app, it still has to ask for camera privileges the same way any Play store app does.
Is there something in your message I missed about how it relates to this article or is this just being uninformed about side-loading?