Xarg blog Archive

Dave Hyatt just posted

Safari now passes the Acid2 test. There were two issues left that needed to be resolved.

which is indeed a good thing, but even better is that at the end he says:

Here are the patches for all of the problems fixed in Safari to make the test pass.

And then of course provides all the patches! That the fixes come back to the open source code base is a great thing. Also, seeing how little had to actually change and what exactly those changes were makes it hard to see why the other reasonably standards complaint browsers couldn't get there as well. I wonder if it's something they will even attempt to do with IE?

I have been looking vaguely at distributed SCM's again, with the idea that we might switch to Arch, svk, or monotone. One thing I have been watching is the stuff around git, which is what Linus is now shifting to for the kernel patch management -- and I ran across this hilarious and 100% accurate assessment of peoples concerns about SHA1 vulnerabilities...

in fact, this attack cannot even be proven to be malicious, purely via the email from Malice: it could be incredible bad luck that caused that good-looking patch to be mistakenly matching a dangerous object.

I really hate theoretical discussions.

The fact is, a lot of _crap_ engineering gets done because of the question "what if?". It results in over-engineering, often to the point where the end result is quite a lot measurably worse than the sane results. You are _literally_ arguing for the equivalent of "what if a meteorite hit my plane while it was in flight - maybe I should add three inches of high-tension armored steel around the plane, so that my passengers would be protected".

That's not engineering. That's five-year-olds discussing building their imaginary forts ("I want gun-turrets and a mechanical horse one mile high, and my command center is 5 miles under-ground and totally encased in 5 meters of lead").