By “voluntary excessive data sharing” you mean push notifications? That’s a feature mobile apps need, not something “voluntary”. Having apps keep long-lived sockets open, accept incoming connections, or poll a server are all non-starters for mobile devices.
It’s the US government in a lot of these announcements because there is some degree of transparency allowed. When repressive governments to this, and they do, it’s harder to confirm what’s going on and you just hear stuff about “state-sponsored actors”.
Well, when the GC is called, all callers’ registers have either been saved to the stack, or they’re callee-preserved registers. Either way the GC can find them.
I’m less sure about other threads. An inactive thread’s registers are all saved to a buffer, but I’m not sure how or if you can find the registers of another active thread (plus, they change constantly…j
A new component “systemd-storagetm” has been added that exposes all lock block devices as NVMe-TCP. This is a very nifty feature inspired by macOS with the new systemd Storage Target Mode.
Whoa, that’s really cool! Target Disk Mode for Linux machines.
This is how the Web Push API works. It is a pretty nice protocol. The browser (or whatever other tool imolements it) gives you a URL and a key. Then the pusher hits the endpoint with an encrypted blob.
IIUC WebPush can also traverse Android and iOS (has that shipped yet) push notifications so it seems like this could be implemented.
It seems like the worst case would be that you don’t get a perfect preview for the notification. But it seems that even if the key lives with the OS not the target application that should be good enough for most cases.
How does this prevent mitm? If Google/Apple both distribute the public keys and route the notifications, they can (be compelled to) generate their own keypair in-between. It would be detectable (though not by the apps themselves, since they’d never see these keys), but.
This is still the domain of wizards. When you try working out how to make your Rust program smaller or use less memory the answers are sadly wizardry :-(
What’s the general consensus on this? I admin linux systems with systemd (so I’m not a ‘nevar systemd-er!!!’) but I look at the release announcement and all I can think is “Ah, the Windowsification of Linux continues apace…”
They are definitely a huge improvement. But compared to Scala, Haskell or even F#, they are still way behind. There are many problems with ergonomony and those are important, because bad ergonomy means people keep using plain primitive types like strings etc. In particular, is it still required to have one record class per file?
They also lack many abilities in terms of expressiveness, for example (to my knowledge) it’s impossible to model GADTs and it’s impossible to enforce state validation beyond what the typesystem offers both at runtime or compiletime (unless making the compiler throw an exception). Also, there is no concept of “cardinality” for Java’s records, so in the future it will be harder to build on top of them and distinguishing between records with different number of fields. Furthermore, Scala’s case-classes do have automatic copy-methods, which record classes are missing.
Great write up. The error messages look really nice.
Hashing strings with for example FNV-1a is as expensive as the string is long, because the hash has to take every character into account.
Is that really true? I would expect that the hash algorithm could just do the first N bytes. It is going to have to compare the whole string regardless because two thing could hash to the same value just by chance. That might explain why you “only” saw a 2x speedup with hashing ints.
Also I am curious what gains came from the “fast paths” optimization. There were no benchmarks provided.
Marcan implemented some hacks to make it run, but making it run well would be a huge undertaking. An easier method of having an X11 desktop on Asahi Linux is probably to run Xwayland in rootful mode. I’m not sure if there are any drawbacks compared to using Xorg.
Wouldn’t it be trivial for apple and google to implement e2ee for notifications?
Generate an asymmetric keypair for notifications per device, or even per app. The pair could also be shared via keychain or whatever for convenience. Google/apple can then distribute the pub keys to apps that are granted notification permissions.
Then apps can encrypt their notifications with the pub key. They can also sign it, so google/apple servers can’t mitm.
By “voluntary excessive data sharing” you mean push notifications? That’s a feature mobile apps need, not something “voluntary”. Having apps keep long-lived sockets open, accept incoming connections, or poll a server are all non-starters for mobile devices.
It’s the US government in a lot of these announcements because there is some degree of transparency allowed. When repressive governments to this, and they do, it’s harder to confirm what’s going on and you just hear stuff about “state-sponsored actors”.
Well, when the GC is called, all callers’ registers have either been saved to the stack, or they’re callee-preserved registers. Either way the GC can find them.
I’m less sure about other threads. An inactive thread’s registers are all saved to a buffer, but I’m not sure how or if you can find the registers of another active thread (plus, they change constantly…j
[head explodes at such waste of space]
yes.
Whoa, that’s really cool! Target Disk Mode for Linux machines.
Is this your reaction to the headline feature, or really to a good chunk of the things listed in the release announcement?
NFTSet=sounds very nice, having ports open only when services are running would be useful.Surprised PIDFDs wasn’t the pre-existing choice.
This is how the Web Push API works. It is a pretty nice protocol. The browser (or whatever other tool imolements it) gives you a URL and a key. Then the pusher hits the endpoint with an encrypted blob.
IIUC WebPush can also traverse Android and iOS (has that shipped yet) push notifications so it seems like this could be implemented.
It seems like the worst case would be that you don’t get a perfect preview for the notification. But it seems that even if the key lives with the OS not the target application that should be good enough for most cases.
so it’s slow?
How does this prevent mitm? If Google/Apple both distribute the public keys and route the notifications, they can (be compelled to) generate their own keypair in-between. It would be detectable (though not by the apps themselves, since they’d never see these keys), but.
This is still the domain of wizards. When you try working out how to make your Rust program smaller or use less memory the answers are sadly wizardry :-(
And I use PGP for email several times per month, so I cancel out your anecdote!
Joking aside… it’s not my favorite thing, but what options exist that aren’t walled gardens?
What’s the general consensus on this? I admin linux systems with systemd (so I’m not a ‘nevar systemd-er!!!’) but I look at the release announcement and all I can think is “Ah, the Windowsification of Linux continues apace…”
They are definitely a huge improvement. But compared to Scala, Haskell or even F#, they are still way behind. There are many problems with ergonomony and those are important, because bad ergonomy means people keep using plain primitive types like strings etc. In particular, is it still required to have one record class per file?
They also lack many abilities in terms of expressiveness, for example (to my knowledge) it’s impossible to model GADTs and it’s impossible to enforce state validation beyond what the typesystem offers both at runtime or compiletime (unless making the compiler throw an exception). Also, there is no concept of “cardinality” for Java’s records, so in the future it will be harder to build on top of them and distinguishing between records with different number of fields. Furthermore, Scala’s case-classes do have automatic copy-methods, which record classes are missing.
So what is your definition for referential transparency now? Is it the one of the haskell wiki, combined with the “primitive equality”?
So then, can you give a well defined and unambiguous definition of that “performance” that you are talking about?
Great write up. The error messages look really nice.
Is that really true? I would expect that the hash algorithm could just do the first N bytes. It is going to have to compare the whole string regardless because two thing could hash to the same value just by chance. That might explain why you “only” saw a 2x speedup with hashing ints.
Also I am curious what gains came from the “fast paths” optimization. There were no benchmarks provided.
Marcan implemented some hacks to make it run, but making it run well would be a huge undertaking. An easier method of having an X11 desktop on Asahi Linux is probably to run Xwayland in rootful mode. I’m not sure if there are any drawbacks compared to using Xorg.
one of my favourite algorithms, it’s just so satisfying to see how it works
Wouldn’t it be trivial for apple and google to implement e2ee for notifications?
Generate an asymmetric keypair for notifications per device, or even per app. The pair could also be shared via keychain or whatever for convenience. Google/apple can then distribute the pub keys to apps that are granted notification permissions. Then apps can encrypt their notifications with the pub key. They can also sign it, so google/apple servers can’t mitm.