articles don’t mention mitigation methods.

what to disable in thunderbird to not be vulnerable to “obfuscated JavaScript file that is sent to the victim through emails in archive files.” and prevent that “The JavaScript file drops a self-copy at “C:\Users\<Username>” location with random names like “needlereportcreepy.bat”. The bat file is then executed”?

Shell scripts were a mistake. The weirdness you have to remember to safely stop executing when something fails is mind-boggling.

nushell scripts aren’t shellscripts?

exactly. Forking for any reason is the essence of FOSS.

Scenarios like OPs were taken care of right from the start. That’s just the legal side, tho. But someone still needs to do the actual work which is why it sometimes fails.

Public funds.

There actually are lots of initiatives (e.g. https://bigdatastack.eu/european-open-source-initiative ) but it’s still young and there are multiple problems between available public money and contributors actually earning a salary.

Money is not the problem.

either earn a good living being a code monkey, or find a job in a small company that has passion

crazy idea: let’s publicly fund FOSS projects so devs working on stuff they like with a passion can actually make a good living and enable sustainable non-profits to hire expertise, marketing and all the stuff a company needs

the result would be actually good software and happy devs

That was also the time where some classic tunes were created…

25 years in the industry here. As I said there’s nothing against learning something new but I doubt it’s as easy as “leveling up”.

Both fields profit a lot from experience and it’s as much gain for a scientist do become a software dev as an architect becoming a carpenter. It’s simply not productive.

there is so much time lost in research institutes because of shoddy programming

Well, that’s the way it is. Scientific code and production code have different requirements. To me that sounds like “that machine prototype is inefficient - just skip the prototype next time and build the real thing right away.”

It’s always good to learn new stuff but in terms of productivity: Don’t attempt to be a programmer. Rather attempt to write better research code (clean up code, revision control, better commenting, maybe testing…)

Rather try to improve cooperation with programmers, if necessary. Close cooperation, asking stupid questions instead of making assumptions etc. makes the process easy for both of you.

Also don’t be afraid to consult different programmers since beyond a certain level, experience and expertise in programming is vastly fragmented.

Experienced programmers mostly suck on your field and vice versa and that’s a good thing.

Consequence:

Software can only be good, when enough people WANT to work on it and with it along the complete life-cycle. There’s a critical amount of developers/contributors/testers and (feedback providing) users.

Hence a lot of critical consumer stuff is based on popular opensource.

Also, we’re entering an aera where the difference between hardware/firmware/software gets increasingly blurred. So all of this applies to more and more hardware, too.

• do one thing and do it well

byebye unix principles

Zorin

Not sure if I’d trust an OS named like a Bond villain.

Great, now find a project to apply it and collect your participation trophy. :-P

Just use your media corporations

Exactly. It’s easier for smaller NGOs to do political lobbying since they don’t have any media corporations available.

If you take that away, you’re basically left with big actors and social media.

and produce tons of excellent, reviewed but useless code on the way.

corporations with big pockets have more possibilities to influence than regular people, or even NGOs

I guess nowadays it’s cheaper to target social media and let the voters + traditional media do the lobbying.

Unironically Lynx and Elinks.

We should

license is probably the reason they’re doing it. no way around that without infringing copyright law I guess.

I find too verbose comments less annoying than no comments.

Try to describe the bigger picture. Good comments allow understanding the current portion of the code without reading other code.

Also add comments later if you find yourself having to read other code to understand the code you’re currently looking at.

Comments are also a good place to write out abrevations/acronyms.

Never optimize for sourcecode size.

you could check how other FOSS do it. e.g. you externally link it as a library and use another license the user has to agree on just for that.