>So...here's the question. I don't think these are broken, so what are you fixing?

First, it's not just about something not working. It's about creating tools that are extensible and understandable and hackable. Open Source is not just about "working", it's about being modifiable by the end user. All this cruft (a mess of 200 obsolete architectures, dead code and deprecated library support that nobody used since 1988) works against that goal.

Second, there are things that would be essential for some people, like international users (e.g proper multibyte support) that cannot be added due to dependancy of some custom methods of handling encodings. That's not some wishy washy magical unicorn feature request, it's essential for the main operation of what less does for those that have to deal with these encodings.

Third, there's nothing wrong in taking pride and crafting finely your tools. UNIX is supposed to be made of things that "do one thing and do it well". Less having its own utf-8 support breaks this division of responsibility. We have libaries for that. Same for getopts vs it's custom options parsing.

What's the library for UTF-8?

At least for programs written in C, most (all?) modern Unix-like platforms should include the functionality in the base install. On the language side, C89 requires support for wide and multibyte characters in a conforming libc implementation. And POSIX furthermore requires a locales/iconv system to specify and convert between encodings. Neither of those strictly require that UTF-8 be one of the supported encodings (C89 predates Unicode), but any reasonably modern implementation will include Unicode locales. And if it doesn't, I think at this point you can just consider that to be the system's problem: the current assumption for POSIXy programs is that they will use the system locales, not try to implement their own encoding machinery.

Well, ICU http://site.icu-project.org/ would be a good start.

Did you read the blog post? Here's what he fixed:

>So, now it:

>Speaks terminfo (X/Open Curses) instead of ancient BSD termcap

>Uses glob(3C) instead of a hack involving the shell and a helper program (lessecho, which I've removed from my tree.)

>Functions properly as /usr/bin/more, both with and without -e (even on broken xterms)

>Is fully ANSI C (or ISO C, if you prefer)

>Passes illumos' cstyle code style checks

>Is lint(1) clean

One thing I have noticed is that less's filtering ('&<pattern>') is sloooooooooow compared to grep.

If that were improved I'd never have to use tail -f ever again.

Someday, I'll look into it.

>I don't think these are broken, so what are you fixing?

This is what the post talks about. But in short, Iluminos (An operating system derived from OpenSolaris) needed a posix compliant pager(/usr/bin/more), ported the less program to their OS and in the process found many issues which they cleaned up and fixed.

> So...here's the question. I don't think these are broken, so what are you fixing?

I know many people that never got a BSOD on Windows. Does this mean that there is nothing that could be fixed about Windows? Or is it possible that different people have different experiences?

Alright. If you are a web developer or you are a whatever who knows nothing about security, please read resources that apply to whatever you do.

Learning security on a topic will make you so much better at what you do and it will make you learn internal details AND best practices.

The things you build will be BETTER not just more secure

I'm really tired of reporting account hijacks and Remote code executions to startups who look at me blankly when I explain what I did

Seeking work. Remote

I do security consulting and work at a well known security startup. If you have a web or mobile app that you need help either implementing, scaling, or someone to pentest and double check your security settings, crypto, token implementation, whatever you need then I'm your guy. I'm available for short or long engagements

You can email me at evanjjohns at gmail

This looks really cool. There are a lot of people (like me) who live in tmux and I'm really surprised this hadn't been done earlier.

It is incredible, the equivalent of the "Oceans" movies but electronic instead. For everyone one of these sophisticated attacks there is a huge number of smash and grabs.

Really interesting stuff. It is only getting better as well (imho). I am honestly not noticing any increase in security aptitude in the average engineer. People are still making the same mistakes.

Hi Sol,

Where's my t-shirt you promised me 5+ months ago? =]

-Tk2oG

Shiiiiiiit busted. I swear I asked about hylete pricing today!

SEEKING WORK Location: USA, DC REMOTE: Yes

Security, cryptography, web-development, security consulting.

I work at a successful security/crypto/web startup co. Looking to make some money on the side, remote and short term. I would be great for pentesting your web or mobile apps.

Contact me. evan@honelerts.com

Applications are separated by Linux permissions on android. Attempting to read or write to other application directories simply won't work. Your fear is not correct for the average case user

It looks great. UI is really nice to look at.

Looking around, this has a long way to go before it is able to compete feature wise with current commercial managers.

Also, it's going to take a long time, security-wise, to get up to par with the current commercials as well. It sounds like I'm being harsh but there are a lot of possible issues to consider. An HSTS header would be a nice start......

Palantir is pretty mysterious to me. Frankly, I don't see the demand for their software being high enough to warrant their size and number of employees.

I guess I'll just have to wait and see what happens.