I know this is satire, but the progression of things is pretty stark:
2005: "Code on the internet can be dangerous!"
2026: "To use this project, let's start by downloading 2,000 direct and transitive dependencies."
It's like the line from "The Big Short" regarding mortgage bonds: "You read them? No one reads them. Only the lawyers who put them together read them."
What sort of inconceivable thing today will we be doing in 10 years? Maybe all code is AI generated and never read by a human.
It used to be a practice among emacs users to install code directly from emacswiki (which doesn't even require an account to edit pages), which is one of the few options for software distribution I can think of that's even less secure than the current state of the world. The modern practice is the "install stuff from people's forges, or one of the package managers that basically just pulls from forges", but afaik in practice there aren't many dependencies and the ones that exist mostly tend to be one of a few "missing batteries in the elisp stdlib" libraries.
Interestingly, bash does something similar, faking a system device: cat </dev/tcp/smtp.google.com/25. Unfortunately, it's not a real OS feature, so it doesn't work in other programs.
pyj | 10 hours ago
I know this is satire, but the progression of things is pretty stark:
It's like the line from "The Big Short" regarding mortgage bonds: "You read them? No one reads them. Only the lawyers who put them together read them."
What sort of inconceivable thing today will we be doing in 10 years? Maybe all code is AI generated and never read by a human.
quasi_qua_quasi | 7 hours ago
It used to be a practice among emacs users to install code directly from emacswiki (which doesn't even require an account to edit pages), which is one of the few options for software distribution I can think of that's even less secure than the current state of the world. The modern practice is the "install stuff from people's forges, or one of the package managers that basically just pulls from forges", but afaik in practice there aren't many dependencies and the ones that exist mostly tend to be one of a few "missing batteries in the elisp stdlib" libraries.
gignico | 6 hours ago
The same happened to regular users.
2005: providing your real name on the internet is dangerous, use nicknames!
2026: it’s fine to tell them your name, where you live, and literally anything else about yourself!
dijit | 5 hours ago
More like “Real Names are mandatory for account creation” these days.
But yes, these progressions from unthinkable to common have a surprising number of occurrences.
riki | 2 hours ago
Is that the case for anything other than Facebook and LinkedIn?
aw1621107 | 12 hours ago
Fun fact: Godbolt/Compiler Explorer has similar (albeit more limited) functionality:
Unfortunately the example in the OP does not work on Compiler Explorer, presumably because of the noted caveat.
[OP] lcamtuf | 12 hours ago
Interestingly, bash does something similar, faking a system device: cat </dev/tcp/smtp.google.com/25. Unfortunately, it's not a real OS feature, so it doesn't work in other programs.
0x2ba22e11 | 7 hours ago
Heh you could maybe mount a FUSE filesystem there to make it work for all programs?
The bash thing works for things that only care about file descriptor numbers and not about filenames.
jaredkrinke | 10 hours ago
yoi | 2 hours ago
you really got me... I was focused and waiting for the... lock!!!
chris-evelyn | an hour ago
Tsoding did something like that a few years ago: Including C file over HTTPS