Hacker News | jdub's comments

I doubt it's that complicated, motivated, or considered...

It's probably just garden variety disrespectful behaviour.

Purposeless agent spam won't be cheap entertainment forever, but you're right that later stages of industrialised abuse will be scary and unpleasant.


Here's the thing. Building trust and then leaving stuff in has been around forever. The fact that it becomes cheaper does not matter that much (since protection against it is also getting better), but it required you to have a bunch of extremely talented people who have spent much of their life diving into a given topic.

Such driven people are usually even hard to buy, they usually would rather get by with enough income and work on interesting projects with interesting people than get some uninteresting work for tons of money. This still does not stop them from working for Malice. But ethics do. Even if not right away, if people see that what they are doing is not quite OK, the talent stops eroding. People quit, productivity drops. That was a good dynamic. Which now will be gone.


It might not be cheap entertainment forever but it will be cheap CV stuffing for a long time, which has already been a major source of low quality contributions before the aipocalypse.

The underlying Virtualization Framework works on Intel Macs, but they'll miss out on new features landing in macOS 27 and beyond.

You can run amd64 binaries inside an aarch64 Linux virtual machine. Although they're not supporting Rosetta for macOS apps from macOS 27, the Rosetta support in Virtualization Framework will remain.

Did Apple officially confirm this or is it based on the statement regarding games?

Very different: Linux running in a virtual machine can't bind mount into a macOS host's filesystem. So they use virtiofs.

macOS container filesystem/IO has been bog slow, preventing even some basic dev container use cases. Hopefully this will fix the issue.

It's not substantially different from previous approaches (9pfs vs. virtiofs).

My suggestion: Don't use the host filesystem from the guest at all. It'll be faster, and better isolated. It's a false convenience.


sshfs?

That's a less efficient protocol than 9pfs and virtiofs, even if you subtract the encryption.

An example of improving efficiency: virtiofs has a relatively recent feature to map pages from host memory directly into guest memory, but that's a lot of risky acrobatics if your priorities are reliability and isolation...

... but it's not supported by Virtualization Framework's built-in virtiofs "folder sharing". (sad face)

... but someone could build it on top of the new macOS 27+ custom virtio device support. (intrigued face)


This applies to both containers and container machines though, right?

Containers (those popularised on Linux by Docker) are built on Linux primitives like cgroups and namespaces, so they're running directly on the same kernel, same VFS, often the same FS, etc. Their isolation properties rely on (a) all those Linux features working as expected, and (b) the container runtime setting them up properly.

Depending on your threat model, that's fine, but a lot of people (including me) will say that containers are not a security mechanism.

But macOS requires[1] virtualisation for containers anyway; the security is just a bonus.

[1] at least for a real Linux kernel...


The surface of an OS is definitely larger than that of many hypervisors, which is e.g. why browsers often provide their own much narrower sandbox.

On the other hand, in other scenarios, people trust the security boundaries of their OS working as expected all the time, no? This is the basis of e.g. Android app isolation (every app runs under its own Linux UID/GID), and true multi-user Unix systems trusting the OS's security boundaries to hold have decades of history.


Different threat models. Your typical Android device (and Linux server for that matter, at home or at scale) is not usually running security-sensitive general workloads for multiple tenants in the same OS instance. :-)

I don't think that's right. The threat model for Android for example could well be a malicious third party leveraging a vulnerable app to gain access to your banking app on the same device. There's definitely (meant to be) a security boundary between apps.

These are all security boundaries of a kind, some more effective than others, balancing priorities according to threat model. Running every app on your phone in a hardware virtual machine would be... an expensive choice.


Alan Cox had a pre-netbook netbook smaller than a VHS tape at linux.conf.au 2001, and milled about chatting with colleagues and fanboys while his kernel builds scrolled by in the background. Everyone would gawk at the strange little machine.

It was Japanese, naturally.

At linux.conf.au 2007 we chose a smaller conference bag, designed to carry your electrical accessories and knick-knacks... it turned out to be the perfect size for the new EeePC (and later the MacBook Air 11").


Speaking of which, is there ever going to be another IRL linux.conf.au? I really miss those, and the good old LUG meetups. I'm surrounded by Microsoft people at work day in and day out and I'm desperate to reconnect with my kind.

Perhaps one day...

A few things contributed to its demise: less industry money sloshing around for travel and sponsorships, a growing sense that "Linux" didn't represent the entire community, and a pandemic.

Which left "Everything Open" launching weaker in every sense.

But I don't think Linux or Open Source feel sufficiently radical or inspiring to sustain that kind of community-building (local or global) these days... maybe a "Fuck AI" tech conference. :-D


HP used to have extremely small laptops in the early 90s, specifically the OmniBook 300.

https://en.wikipedia.org/wiki/HP_OmniBook


The HP LX series (95LX, 100LX, 200LX) is one of my favorites. It also fits the description "smaller than VHS cassette".

https://en.wikipedia.org/wiki/HP_95LX

https://en.wikipedia.org/wiki/HP_200LX


don't forget the Jornadas. i guess those were PocketPC-powered but i def bought one circa 2005 for like $90 and i would do it again right now

Nah, not film rates [1], video: NTSC is 30fps and PAL is 25fps because the cathode ray tube scan rate was built around AC power cycles. When low fps truly Hz. Sorry.

[1] generally 24fps because that is culturally what film looks like and people get very weird whenever anyone tries to fuck with it


I'll allow your joke, but NTSC is 60 fields per second, and PAL is 50. Certainly a large portion of content came from film and in PALworld would be shown as even and odd halves of a frame, or in NTSCland as 3 halves of a frame, then two halves...

But actually interlaced content exists too. Each field is independent, there's no frames to speak of.

Early video game systems based on NTSC/PAL ran at 60 fps or 50 fps, but ran off-spec signals to always hit the same half of the display lines (odd or even). 4th gen systems (genesis/mega drive and snes/sfc) had a few games that used interlaced output; later systems had many, running PAL@60Hz became a common option too.


When confronting confusion between film and video, I wasn't about to get into FIELDS per second. :-D

Not only was it built around AC, the technology at the time only allowed for roughly 1/2 the AC cycles rate. People think there was some great reasoning behind 30fps. It was just what was available, essentially.

The original black and white NTSC was 30/60 Hz but was changed to 29.97 fps in order to be backwards compatible with black and white TVs.

Reinforcement learning perturbs the model such that the token prediction process (inference) tends towards the desired result.


Hrm, yes-we-scan and printervention are built on SANE and CUPS respectively, which makes sense. But running them in a whole wasm-emulated Linux kernel and userland seems... like a lot.


Oh, and:

> I must apologise that I haven’t so far open-sourced any part of this that I don’t have to.

With some blather about commercial opportunities. Which is a weird thing to say without linking to the bits that must be shared (under the terms of the various licenses).


There’s separately a /credits page where I’ve done that, linked from the footer. Perhaps I should link it from the apology too. Tell me if you think I’ve not shared what I have to.


If you just need a single scan every now and then and have an old scanner, I can see this being handy. Installing Linux, battling Windows drivers or buying Vuescan (great as it is) might be enough to make most just give up and take a photo of whatever document they were going to scan.

It is a little much, but if it can be made to "Just Work" by booting a Linux kernel in the browser that is pretty cool and impressive. I'm still a little on the fence about my browser having USB support, but this could be handy for dozens of people.


Ah, it seems like the architecture was designed by a slop machine. OK.


RE'ing drivers and porting them is one of those things that AI turns out to be really useful for, and there have been a few of such projects posted here already. But of course the author has to drive it in that direction rather than let it just glue stuff together.


If they reverse engineered the drivers then why do they need a virtual CPU and a Linux kernel to run them? Is this reverse engineering or just installing software in a weird environment?

Speaking of not just gluing stuff together with USB/IP, could one make a virtual WebUSB host kernel module that could be used by the Linux kernel USB stack? They most likely would not want to do that because then all of the code would be GPL and would have to be shared with the public.


I don't think a USB host driver is necessarily tainted into being GPL? But if it is, plenty of non-GPL OSes that can run SANE.


> Giving someone in government the ability to block someone's payments and trusting they won't abuse it might be fine as long as good people remain in power, but do you really want to bet the entire nation's ability to live life on that?

Banking and finance companies honour foreign government sanctions. Ask Francesca Albanese.

Libertarian comparisons of government and non-government behaviour always devolve into angel counting.

