Threads for Anvoker
-
My intuition on this issue is that if you do not go “far enough” on the dynamic typing and bundle it with something such as code-as-data, ala Clojure, then you end up in some awkward space where you do not get much benefit out of being dynamic. It’s very hard to say anything on this topic that has a high degree of confidence or that won’t piss off someone, but I think the fact that more and more Python developers rely on things such as mypy is a strong indicator that Python is in this awkward space I mentioned.
-
It has steadily become harder and more costly to unlock your bootloader and root your phone. The amount of rooted phones has gone down over time severely. The easy corporate friendly narrative is that they’ve given users a better experience and more control without root. This has some genuine truth to it! But the central issue is more related to how rooting is such a huge pain in the ass and loses you access to enough apps that even powers users have given up.
I’m not sure what it will take for people to recognize that this is not healthy and that it leads to a concentration of technological power away from the hands of users and more into the hands of corporations. If you have a healthy user base with root they can push back against bloatware, abusive telemetry and OEM spyware for starters. If however you have a root population of <2% then none of this matters.
All it takes is for a couple of apps a lot of people rely on to tick that box and make it so rooted users can’t use them, and suddenly root becomes so much less attractive to users. This eviscerates the resources the power user community has (by reducing its population) and people outright forget what benefits device control would have because nobody is even capable of demonstrating that anymore.
This is not about rights. This isn’t about whether you should or not have the right to access your banking app with root. Let’s stop thinking in terms of who is owed what and start thinking in terms of the world we want to live in. If you want to use root and avoid detection, the OS conspires against you. Steadily root population has been trimmed down via various measures and market conditions and now it is feasible for every app in the world to make it impossible for its users to continue using the app while having root.
They aren’t doing it because they’re moustache twirling villains, as another poster put it. They’re doing it because the cost of losing all rooted app users is tiny and it makes their security department happy. Ultimately their reasons don’t matter because the result is the same – the increased domestication of the user and consolidation of user population into specific settings that the OS developer approves of. The more users get into this approved band of user settings, the lower the cost of discriminating against everyone else.
Look at what the post actually mentioned. That MacOS will allow you to bypass captchas via remote attestation. Sounds great for the user! The problem is that once you have 80% of the userbase on this fast track, it becomes much more easy for Cloudflare to ramp up captcha frequency for the rest of the users. And now Cloudflare suddenly relies on MacOS ensuring that users on its platform minimize behaviors Cloudflare dislikes. Sure, even this case I’m presenting is hypothetical. The case itself is less important than the fact that we already have all the incentives aligned to produce this future trend: OS developers and big companies shaking hands to make life more convenient for attested users (that have the settings Apple / Microsoft / Google want them to have) while leaving others behind. Now it’s just one nice feature, but in the future there can be many.
Our lives are tiresome and complicated, convenience is a real resource we want access to, it’s not some luxury nobody really needs if they “actually” cared about freedom enough.
Over the years Android and Windows have become less free by about every metric I can think of. 15 years ago, the idea of your OS forcing you to restart to update would have been considered unacceptable. Now you will see apologists for it on even the supposedly “hardcore” software communities. The overton window has shifted so much that you have to be extremely optimistic to think it will not shift further – you are not immune to this overton window.
Remote Attestation is yet another piece of technology that has the potential to curtail what a user can do with their own devices. It will probably not be used in an obviously doomsday way. These companies have PR failures commonly, but they’re neither dumb nor evil, they’ll find genuine reasons, genuine benefits. They’ll use their vast access to social network to propagate ideas about these great benefits. We already have people on here and HN that hate politics and love tech and they don’t like seeing these heated political discussions that reek of hysteria. They are prime targets to become apologists corporations on these issues. It’s not a conscious effort by companies or said users, it’s just the structure of the social network. This results in users forgetting a bit more about how life could be with more user control. And that’s how the gap between consumer and corporation will be allowed grow. The expansion of this tech will be gradual, nobody will make it impossible to install Linux. Microsoft will not risk something that can get the EU in a legislative mood.
The fact that Microsoft pushed so hard for everyone to have TPM gives us a genuine signal of how important this is for them – it’s a hint they would really like to milk this technology in the future. This whole line of argument about “if they wanted to destroy free software, they could have done it ages ago, they don’t need Pluton” is fallacious. Microsoft doesn’t care about free software in the abstract. Free software won’t die by Microsoft consciously attacking it. It will wither away by big corporations creating a technological platform to which major service providers subscribe to, where alternative free platforms are second class citizens which lesser features, reduced convenience.
DRM is also a major threat where TPM can be leveraged to great effect. Regardless of your opinion on piracy, DRM has caused genuine harm to its users, the net effect is extremely negative. Based on how the current overton window is around piracy and how it’s difficult to get people to care enough about this even on HackerNews, Microsoft would have no problem expanding its DRM capabilities using Remote Attestation. We can talk shit all we want about how “companies have the right to exclude certain users that do x, y, z with their computers” – the end result will still be net negative for everyone except those companies.
If this again sounds like empty rhetoric to you, consider that if I’m wrong about being “dystopic”, and techniques like remote attestation and root detection are kept to a minimum, the average user loses almost nothing.
If I’m right and nothing is done, we become technological lumpenproles and the past will look like a golden age by comparison.
-
Since you’re obviously arguing with me despite not doing it in a reply to me, I’ll just point out that your moral theory is missing a big piece: effects on other people.
Say, for example, that you don’t want to have Windows force an update on you. OK, now what? Refusing to apply security updates isn’t just a you problem – you refusing to apply security updates can very easily turn your system into an attacker of my systems. Do I have a right to say that as a condition of network access to my systems you must agree to be a good steward of your systems and take at least some basic steps to prevent that?
And before you give an immediate answer rooted in freedom, remember that out in the real world this kind of “limit what you can do with your property, to protect others” is already a standard thing. If you own a piece of land that a river flows through, for example, you’re not completely free to do what you want with it, because what you do to the water in the river can and will affect others’ properties downstream of you.
So if you want absolute freedom with your devices, fine. Just don’t expect the rest of us to be willing to be on the same network as you when you do it, because your choices can affect the rest of us, and our property, and when that happens we have every right to step in and tell you to act in a way that only affects you. Which may involve denying you networked access to everyone else’s property.
-
I’ll just point out that your moral theory is missing a big piece: effects on other people.
I don’t think this is a missing piece in my moral theory any more than yours. It’s not like you spared a single line to actually consider the negative effects on other people in your posts. But I don’t hold that against you since we have different values and focus on different areas.
I’ve considered knock-on security effects, I just have no reason to believe they are significant enough to warrant this kind of behavior from software corporations AND I have no reason to believe that measures which I consider invasive and restrictive are the best possible solution out there. Other kinds of measures exist.
you refusing to apply security updates can very easily turn your system into an attacker of my systems. Sure, this is true, I am just arguing that the pendulum is swinging dramatically in one direction and I do not think it is for the good of the users at large and have not seen anywhere near enough evidence to suggest otherwise. The world of computing existed before these measures and didn’t collapse in on itself. Of course you can say that attackers were not as sophisticated in the past, but the truth is that the world got along and security can get better without things like Google and phone manufacturers making life hell for people that value rooting their phone.
The trade-off corporations choose to set matter dramatically. Users don’t get to choose anything other than “do I want to uproot my entire life for a significant portion of time and give up on Windows because I don’t agree with their trade-offs in this version?”.
And before you give an immediate answer rooted in freedom, remember that out in the real world this kind of “limit what you can do with your property, to protect others” is already a standard thing. If you own a piece of land that a river flows through, for example, you’re not completely free to do what you want with it, because what you do to the water in the river can and will affect others’ properties downstream of you.
I am aware of the concept of negative externalities. It’s not a matter of whether they exist, it’s a matter of magnitude and whether other recourses exist.
If you could incarnate the incentives of corporations into a person and question that person how much user control there should be, the answer would be “as little as possible that still keeps the platform attractive”. If you ask them how much user control should be sacrificed in exchange for security, they will say “as much as possible”, but note that “security” here is not “the user’s security”. It has overlap with the user’s security, but it primarily refers to the security of their systems, the convenience that security affords them, and the reputation gains from being seen as a “secure platform”. More often than not, it’s security by restriction – it’s not the expansion of platform features to empower the user to do more things securely. It’s the restriction of user power in the service of security, which is then presented as a new feature.
(Disclaimer that not all corporations are like this, but the vast majority of big tech is like this.)
So if you want absolute freedom with your devices, fine. Just don’t expect the rest of us to be willing to be on the same network as you when you do it, because your choices can affect the rest of us, and our property, and when that happens we have every right to step in and tell you to act in a way that only affects you. Which may involve denying you networked access to everyone else’s property.
Because you might be affected, you think that you and people like you should get to choose how much people that disagree get to be part of modern society? This is how you’re making it sound to me, whether you want to or not. Losing access to a few critical services (banking apps, play store, gmail, gcal, facebook, twitter etc.) can cripple your ability to network and/or massively reduce your convenience. Inflicting that on someone because they’re not as security-minded as you seems like an unhealthy and unfair approach in the absence of evidence regarding the necessity and utility of these measures. People have begun waking up to the amount of influence these technologies over our daily lives that the discourse has started to shift towards considering them as public utilities where the service provider has fewer rights to discriminate, not more. I don’t say think I conceptually agree with this framing, but it gives you some impression of how important addressing this power imbalance has become to people.
Secondly, this isn’t the early 00s where spam and worms genuinely threatened to bring email as a service worldwide to its knees. Your network will be fine without further reductions in user control.
The way you phrased this paragraph makes it sound as if you’re part of the group deciding this. You are verbally associating yourself with the agents of corporations that have all of the power, but that association is just that – a one sided verbal association. Unless you are an executive at Microsoft, the “you” in this case does not actually have any power. These measures aren’t driven by societal consensus. They’re driven by what corporations can get away with in a market that is dominated by users that are too busy to want to care and too non-technical to be able to care. But just because they can’t discriminate on these matters doesn’t mean that whatever Apple, Google and Microsoft decide is good for them.
Ultimately, there’s always many ways to make your own device more secure. And there are ways to make networks more secure without moving the onus so much on user nodes. But there is very little way for people to circumvent certain kinds platform-side decisions of their tech providers - SafetyNet definitely falls within this category. The idea that users need to give up significant control just to make life easier for the networks and services they often pay for is unsupported to me.
I don’t want our exchange to be particularly hostile and I already feel apologetic for not having been able to find more common ground. But I simply don’t get where you’re coming from or why you’re defending the “rights” of network providers (which I find a weird way to focus the conversation), when the discussion itself is fruitless to phrase in terms of rights.
It’s a jockeying for power over what the future of computing will look like – one where users that don’t work for big tech can have a hand in shaping the digital landscape and make devices serve them OR one where devices exist primarily to be as convenient as possible for corporations, and in which alternative devices do not exist because FOSS has failed to keep up its tech stack and corporations have similar levels of device lockdown across all their products, providing no alternative in the market (This is basically 90% already the case with phones).
-
The security measures of the old days didn’t have to deal with the number of always-on, always-networked devices we have today, and the new threat models which come from that. Claiming that computing “existed… and didn’t collapse in on itself” in the past is no guarantee that the past’s security techniques will be sufficient for the future.
Many modern systems take away your freedom to have a chunk of memory both writable and executable at the same time, for example. Computing didn’t “collapse in on itself” before that, so should we reject
W^Xmodels?It’s a jockeying for power over what the future of computing will look like – one where users that don’t work for big tech can have a hand in shaping the digital landscape and make devices serve them OR one where devices exist primarily to be as convenient as possible for corporations
There already is at least one counterexample in this very thread for remote attestation being useful to entities that aren’t “corporations”. I also do not happen to share the axiomatic beliefs you appear to hold about “corporations” in general – all the wonderful FOSS you no doubt use and love exists today largely because of corporations sponsoring and supporting development, for their own ends!
device lockdown across all their products, providing no alternative in the market (This is basically 90% already the case with phones).
I have never personally treated phones or even most tablets as truly “general-purpose computing” devices. I don’t really want to write code on my phone, or even on the tablet where I’m typing this comment, because the form factor and input mechanisms are horrible for that use case. When I want “general-purpose computing” I turn to a laptop or desktop computer, or to a server running somewhere. And the market seems to be content with that segmentation. If Apple or Microsoft wanted to fully lock down laptops and desktops they already could – they’ve had the technical capabilities for years! – but the fact that they haven’t, and are giving no indication of wanting to, should be a big big sign that people are incorrect in assuming that their imagined dystopia is the explicit and inevitable goal.
(which isn’t taking into account that you explicitly can root at least Android phones, but that gets into the “nobody else is required to network with you after you do” issue that people seem to have trouble accepting)
-
I don’t really want to write code on my phone, or even on the tablet where I’m typing this comment, because the form factor and input mechanisms are horrible for that use case.
Sure, doing the actual coding on a tablet, never mind a phone, isn’t practical. But you should be able to modify the code that runs on your phone and tablet, including platform code, and use such modifications written by others that will never be blessed by the platform vendor. The big platforms don’t serve all users equally well, and users should be free to work around deficiencies in their platforms without then being unfairly discriminated against by applications. This is where I’ll tie this subthread together with a discussion you had with @teiresias, who said that he doesn’t support unrestricted freedom of association because he’s a member of a minority. I’m a member of the same minority (well, kind of; I’m not totally blind but legally blind), and I believe that we shouldn’t be forced to rely on the accessibility solutions handed down to us by platform vendors. We should be free to hack on our own solutions to accessibility problems, at whatever layer(s) of the stack we must. This is why I think applications shouldn’t deny us access simply because we’re not running a stock version of the OS, especially if the OS (e.g. Android) is ostensibly open-source.
-
This is getting to a more productive way to discuss things!
And that’s fine. If you go back and read my initial comments, my issue is with people who want to take an absolutist/moralizing stance based on abstract arguments of “freedom”. That basically always ends uselessly, because they end up defining their position to be the only morally good one (how could it not be? Who would be against freedom?) and anyone who disagrees as morally wrong (since, after all, anyone who disagrees is anti-freedom by definition).
Before any kind of actual productive discussion about the merits of something like remote attestation can even begin, that framing has to be attacked and broken down. Which is what I have tried repeatedly to do here.
And when it comes to the actual discussion, there aren’t any easy answers. There are legitimate issues that might make some entities – especially ones in highly-regulated fields – not want to allow use of an app unless they can verify certain security properties about it. Which then gets into debates about what methods of access they’re obligated to provide, how we’ll ensure that they’re provided equitably, and so on. And as other commenters have pointed out, attestation goes both ways and also lets a user establish trust of a remote service, which is a positive.
But we can’t have those debates if people jump straight into the “I am for freedom, and everyone who disagrees with me on this issue is against freedom” stance.
-
Anyone who knows me can confirm that I’m far from a software freedom absolutist. I even worked on the Windows accessibility team at Microsoft. But I felt some cognitive dissonance the whole time that I was there, because I felt I had become part of an elite group where I believe there shouldn’t be an elite at all. @Anvoker captured this in one of their comments:
what the future of computing will look like – one where users that don’t work for big tech can have a hand in shaping the digital landscape and make devices serve them OR one where devices exist primarily to be as convenient as possible for corporations, and in which alternative devices do not exist because FOSS has failed to keep up its tech stack and corporations have similar levels of device lockdown across all their products, providing no alternative in the market
I want the former. To make it more concrete, I want all disabled programmers to be free to help adapt our devices for our needs (and the needs of non-programmers as well), not just the handful of us that happen to land a job at one of the big tech companies. I took that job in part because I was afraid Windows was headed toward being fully locked down, and I figured I should try to make the best of it.
Even now, I’m not fully consistent; I currently use an iPhone, because it just works better for me than Android, and when I was using an Android phone, I never got serious about hacking it. But others should be able to. Especially future generations of kids who have more time to do such things.
On the general subject of where the line should be drawn between the user’s freedom and the security requirements of services such as banks, I think such services should accept connections from any client that implements the relevant protocols and can authenticate itself as an authorized user of the service. I can see why enforcing the latter requirement would be helped by remote attestation of a secure enclave or similar, to guard against authentication tokens being compromised. But requiring the app to be running on a fully unmodified OEM OS image, including all the UI components that are included in such an image, seems excessive to me. And if I’m not mistaken, that’s what SafetyNet for Android does.
-
-
-
-
-
Say, for example, that you don’t want to have Windows force an update on you. OK, now what? Refusing to apply security updates isn’t just a you problem – you refusing to apply security updates can very easily turn your system into an attacker of my systems. Do I have a right to say that as a condition of network access to my systems you must agree to be a good steward of your systems and take at least some basic steps to prevent that?
If your systems were updated, the point would be moot, because the attempted attacks would be fruitless. Seems like a bit of a strawman. And the illusion of security you might have from controlling what I do with my systems is just that: an illusion. If your systems are at risk, then they’re at risk regardless of what I’m doing, because bad actors will not play by the rules. In this society, there’s always a way around the rules if you have enough money and resources.
-
ubernostrum is saying that because you don’t update your system as fast possible, your system may be subverted by an attacker and be leveraged in a subsequent attack on different systems or the network.
What you’re doing with your system affects the chance that your computer is compromised and used in other attacks. The point is logically valid, I just don’t think the magnitude of the problem can justify the trajectory of loss of user control that we’re on currently. And I don’t see the loss of user control as actually addressing this problem. Services aren’t going to get DDoSed less because my banking app forbids me service due to root.
-
I just don’t think the magnitude of the problem can justify the trajectory of loss of user control that we’re on currently
We live in a world where brand-new consumer devices fresh out of the box get pwned within minutes of being connected to the internet. We live in a world where brand-new installs of content-management systems get pwned within minutes of being turned on. We live in a world where ransomware attacks and data breaches are rampant, virtually all of them targeting entities which refused to engage in some simple and reasonable preventive practices.
We live in a world where the devices and systems that don’t have these problems, or don’t have them to anywhere near the same degree, are the ones you’re arguing against.
So in addition to overestimating the loss of “user control”, I think you also drastically underestimate the scope of the problem.
-
-
If your systems were updated, the point would be moot, because the attempted attacks would be fruitless
This is “if you believe vaccines work then it doesn’t matter if I get vaccinated because you will never get the disease anyway right?” And it’s wrong for similar reasons. I’m “vulnerable” to DDoS regardless of my security patch status, and like vaccines DDoS is partially a statistics game, for again similar reasons. We need “most” machines to be patched for the inevitable unpatched botnets to be small enough to not matter.
-
This is “if you believe vaccines work then it doesn’t matter if I get vaccinated because you will never get the disease anyway right?”
Thanks for comparing me to an anti-vaxer. Let’s get back to the discussion at hand.
I argue that ceding control to manufacturers does not in fact imply greater security for end users. My story below is worth telling, even though I told it in at least two other threads.
Take, for example, my Motorola G6 smartphone. It came from Amazon, bought as a Prime “exclusive”, new for a really good price. There were strings attached, but I didn’t realize it until it was too late.
The bootloader is locked. It stopped receiving security updates in 2020, two years after I bought it. I cannot unlock the bootloader through Motorola’s unlocking program, because the device was gotten through Amazon. I cannot install an up to date ROM on the thing. My hands are tied.
This is what happens when manufacturers have nearly complete control over the devices that you bought and paid for. You are at their mercy. They can force planned obsolescence on you, or prevent you from maintaining a perfectly good and usable piece of hardware.
I would love to have regular security updates on my phone again.
I challenge anyone who really believes that restricting my use of my device leads to greater security to put their money where their mouth is. I’d love to sell a Motorola G6 in good condition. The price is negotiable, as long as it’s above $60.
-
-
And the illusion of security you might have from controlling what I do with my systems is just that: an illusion.
Right now, for the record: do you believe that I have freedom of association? Yes or no?
Because if I do, I can choose who to associate with, for whatever reasons I choose, and you don’t get to force me to do otherwise. It’s not “controlling what you do” for me to say I won’t associate with you, it’s just… me choosing who I will and won’t associate with.
And my freedom of association extends to the network level. If I don’t want to accept traffic from you, you cannot force me to. That’s not me “controlling what you do”, that’s just me choosing who I will and won’t associate with. You are the one demanding to control me and my systems by hinting that I might not have freedom of association, or that you might argue I should be forced to associate with you and accept your traffic even when I don’t want to.
-
Right now, for the record: do you believe that I have freedom of association? Yes or no?
No. But read the long answer. Not absolutely, because absolute freedom of association has been used to justify all manner of discrimination against minorities. I’m a member of a minority group, so I’m not down with the absolute freedom to discriminate.
-
You’re still not going to get to where you want to be, though – yes, many jurisdictions have carved out exceptions to freedom of association to prevent discrimination against minority groups, but they’ve done so due to demonstrated, long-term historical persecution and violence against those groups due to attributes over which they have no control and in which they had no choice, such as their perceived race or ethnicity. People, say, who want to root their Android phones are not one of those groups, so forcing everyone to associate with them is not a justifiable exception, to me.
-
-
-
-
Do I have a right to say that as a condition of network access to my systems you must agree to be a good steward of your systems and take at least some basic steps to prevent that?
I don’t think anyone’s saying you don’t or shouldn’t have the option to do that. Anvoker seems to be saying “Hey, we’ve observed how technology like this has been used to degrade the user experience, and it will continue to get worse unless we discourage the use of technology this way.”
It’s really cool and fair enough you want to control how we use our systems for the sake of your own. That has trended towards not ending well for the freedom of anyone involved except corporate actors.
-
Anvoker seems to be saying “Hey, we’ve observed how technology like this has been used to degrade the user experience, and it will continue to get worse unless we discourage the use of technology this way.”
And I’ve already pointed out that the reason why vendors have been moving to more-secure-by-default systems is the superior user experience. Which is to say: the user experience that comes with reduced fear of anything and everything potentially being a security issue.
It’s really cool and fair enough you want to control how we use our systems for the sake of your own.
I have the right to choose who I will and will not associate with, including at a network level. You’re still free to do whatever you want with your devices, just not to also demand that I engage in unrestricted networked communication with you. Any other arrangement would be you dictating to me what I must do with my own property. Which you assert has bad outcomes, so it’s surprising that you seem to want that.
-
We’re clearly going to be at-odds in determining which experiences are superior for which groups of users.
I have the right to choose who I will and will not associate with, including at a network level.
I don’t believe people are saying you can’t choose. I’m for sure not. You have that right, just users including myself have the right to try and discourage the implementation of these features.
-
-
-
-
-
One thing I’m worried about is having common datatypes established. I guess this falls under “Navigating the crate ecosystem”.
I don’t want every crate to bring in its own Vector2D, Vector3D, LinkedList, Color etc. I don’t use Rust enough to have a good understanding of how painful this is currently, maybe somebody could enlighten me, but every time I run into something like this in C# it’s quite painful. I want the community to agree over time on some infrastructural base for datatypes.
C# minimizes this by having a huge ass standard library. I don’t know what Rust’s approach will be, if any.
-
I think this is less of a problem with Rust, or at least I would redefine the problem as needing a foundational set of traits that everyone implements for their datastructures. Rust traits are a lot more powerful than C# interfaces (particularly with a subset of GATs being stabilized now), and I think they provide a better way forward than requiring the standard library to carry everything.
Rust already has things like indexing, iteration, and hashing baked in to the standard library, but extending that to cover things like: a richer form of key-based access (e.g. the Entry pattern seen in HashMap/BTreeMap), the general class of structure (map/graph/tree/etc.); intrusiveness; whether a data structure is purely functional or not (i.e. changes to the structure create a new structure, rather than mutate the old). This would allow libraries to implement functionality on top of any data structure that implements a requisite set of traits, rather than needing to implement/provide their own.
That kind of thing is much better for the ecosystem in my opinion, but is a hard problem in its own right, because the traits need to be general, but not so general that they are useless because of abstraction overhead. I’m not even sure what the right set of traits are, but I do think there are some missing.
-
-
david_chisnall
8 months ago
|
link
| on:
Remote attestation is coming back. How much freedom will it take?
Conversely, how much will it provide?
The big win for freedom with remote attestation comes from confidential cloud computing. This lets me rent a server in someone else’s data centre and get a strong guarantee that they haven’t tampered with the program I want to run. I can then choose to provision it with encryption keys that let it access encrypted data and have strong guarantees that the cloud provider can’t see the data.
Once you invert the usage model, all of these technologies become things that protect freedom, rather than restricting it. For example, Signal uses this exact technology to allow you to recover an account if you lose your phone, while providing the kinds of rate limits on PIN attempts that you’d normally be able to enforce only with a physically secured device.
-
That’s an interesting thought I hadn’t considered before, but I’m somewhat skeptical, considering that have ton of people using Google cloud services that report you to the police for CSAM without human oversight. Because the debate is lost on “think of the children”, I don’t see how we’ll actually have confidential cloud computing even if it becomes technologically feasible. I also don’t see the industry getting behind using remote attestation in this way that helps freedom. But I can see some knock on effect from companies wanting their cloud computing to be secure and confidential, and this trickling down to more common users.
How do you imagine this tech spreading in a way that is pro-freedom?
-
We (Azure) are actively working on shipping this (and have already launched some things in this space with others announced). Governments are always a bit conflicted, but generally politicians don’t like the idea that we could get at their financial or medical information simply because their bank or hospital uses our services. Similarly, regulators in these sectors want strong legal and technical guarantees that anyone using cloud services is protected against insider threats at the cloud provider.
You can now deploy container instances to Azure and have them run in AMD SEV-SNP VMs, where all memory is encrypted in use and where you get a remote attestation over the container image hash, so that you can be sure that we haven’t tampered with the contents. I wrote about our vision for this last year.
-
-
I’m not sure the example he gives here is necessarily dynamically typed - in a language where you have interfaces and classes, you could simply have a subclass of “callable function” that keeps track of argument counts like the example. I admit it’s more tricky because functions tend not to be “first-class classes” (for lack of a better term).
But, the example is there - the author shows that it’s possible and probably easier to do such things in a dynamic language. Why the disappointment?
I would hazard a guess that such things aren’t exactly common because typically such run-time reflection-based magic is inscrutable and difficult to debug, especially for people who didn’t write the magic themselves. There’s the folk wisdom surrounding metaprogramming that “you should not use it unless you absolutely have to” in language communities that support it in some form or another (eg, macros in Lisps, monkey patching in Ruby, even reflection in Java).
I thought the same thing. The more expressive your static typing system is, especially in the direction of things such as structural typing, the more you gain the ability to substitute an object for another, as long as it fulfills the same contract. You generally cannot substitute an object for a function because statically typed languages prefer to separate the two in the type system, but there’s nothing that would theoretically stop a statically typed language from enabling this feature if it designed its fundamental “type tree” differently. But, implicitly, most people don’t seem to think it is worth it.
In C#, you can use IL weaving with something like Fody to insert code before or after any arbitrary method, solving the use case of the Replacer in a somewhat different manner.
Whenever you write Reflection code in C#, it’s partially like you turned off the type system. You are treating the typing as data and analysis of that would require a “higher order type checker”. It’s a bit surprising that meta-programming tends to be avoided even in dynamic languages, because you would think the downside is lesser.
The downsides to the readability are the same in dynamic and static languages. Except in typed languages, “turning off the type checker” is considered an additional downside because it is a sign you’re working against the grain of the language.