Security implications? This is a win for distributed security - it's a "vulnerability" in the sense of the end of a movie where the evil overlord's plan falls apart.
> This vulnerability could be used by an adversary to compromise confidential computing workloads protected by the newest version of AMD Secure Encrypted Virtualization, SEV-SNP or to compromise Dynamic Root of Trust Measurement.
I don't know whether the people who write this upside-down corpo newspeak are so coked up on the authoritarian paradigm that they've lost touch with the reality, or if they're just paid well enough by the corpos to not care about making society worse, or what. But I'll translate:
This "vulnerability" might be used by the owner of a computer to inspect what their computer is actually doing or to defend themselves against coercion aiming to control the software they're running.
These stories remind me of a story from Discover Magazine https://www.discovermagazine.com/technology/evolving-a-consc...
A researcher was using a process to "evolve" a FPGA and the result was a circuit that was super efficient but worked in ways that were unexpected: part of the circuit seemed unconnected to the rest but if removed the whole thing stopped working and it would only work at a specific temperature.
Of course. When I go to places like that, it's because I want to consume. When I go to a store, when I open the store app, it's because I want to see products. That's the whole point. In those cases, it's not advertising, it's information.
The problem with computers today is you get advertised to no matter what you do. Can't boot goddamn Windows without it finding an excuse to show you stupid Taboola ads. Can't open a simple website without being literally flooded with ads all around the "content". This "content" is just an incidental abstraction, an arbitrary square on the screen that ads mold themselves around like parasites. It doesn't matter what the "content" is, it could be anything that draws in users, the real product is their attention being captured by the ads.
I really, really want to believe this but I don't think I can. Over the past several years there has been an unquantifiable but subjectively enormous shift in the atmosphere of the cryptocurrency world. At one point it shifted from being about paranoid hackers and techies trying to create a way of doing transactions that was free from trusted third parties to being essentially a space for grifters to shill shitcoins and idiots to buy them. Bitcoin went from being a thing with a radical, revolutionary purpose in the world to being "look, price graph goes up," and this fills me with a deep sense of foreboding.
It increasingly feels like we are in a time when anything with any potential to harm the Regime (such as web, bitcoin, etc) just gets defanged and absorbed into the system. In a few years, your web browser will probably transmit the details of your mandatory TPM chip to facebook, netflix, etc so they can uniquely identify all devices with complete precision and deny access to unapproved (user-controlled) computers. Microsoft already only allows users to install other OSes/bootloaders on new computers by their good grace. The keys are theirs, not yours.
With bitcoin we already have KYC/AML ruthlessly enforced at every onramp/offramp. It is already very hard to transact between fiat and crypto without presenting some form of government-issued identification, and it will only get harder as time goes on, I don't see how you could reverse this process. And that culture shift is important because the people whose voices are most dominant within the "crypto sphere" today don't seem to give a shit, really. The crypto people we have now seem to lack the deep, fundamental commitment to human freedom, privacy, and security that was the animating force behind the creation of bitcoin. I desperately want to believe that it still survives and I'm just not seeing it somehow. But I simply can't.
Fun fact and one of my dinner party anecdotes; I have the accepted answer for one of Ross Ulbricht’s (Silk Road’s Dread Pirate Roberts) SO questions that got him busted.
The common thread about those non-spam transactional e-mails you mention is also that they're usually barely above plaintext. They usually contain some minimally styled table, and some of the company colors. Maybe their logo somewhere. That's in stark contrast from the spam these same companies send, which is where all that "Real Money To Spend on a graphic designer" goes. Compare e.g. the spam PayPal sends you vs. the e-mails confirming payments you've made. In my experience, this is pretty universal.
And speaking of universal heuristic, in my experience, the quality and relevance of content is strongly inversely correlated with the quality of design. The prettiest websites out there are ones that deliver negative value. The best designed (according to modern trends) user interfaces are the ones with worst ergonomy, wasting user time the most.
And yes, the subset of spam that's most recognized - ED pills, reproductive organ enlargement, members of royalty looking for help managing their finances - they tend to be very simply designed. But their distinguishing feature isn't simplicity of design. It's the carelessness. Typos, bad grammar, highly visible formatting mistakes, etc. When, on occasion, one of that "old school" spam messages tries to pose as a legit transactional e-mail, you can see through the deception by noticing the carelessness in replicating the design of the company being impersonated.
The number of extra tools used in this article boggles my mind.
Are you writing a simple library? Create a setup.py. Copy paste an existing setup.py and modify it to suit your purposes. Now you have a working, pip installable python package.
Want to publish to PyPI? Use twine. It's standard and it's simple.
You don't need complicated tooling for simple projects.
Regarding SQLite's performance, some things I've found very useful:
Use WAL mode (writers don't block readers):
PRAGMA journal_mode = 'WAL'
Use memory as temporary storage:
PRAGMA temp_store = 2
Faster synchronization that still keeps the data safe:
PRAGMA synchronous = 1
Increase cache size (in this case to 64MB), the default is 2MB
PRAGMA cache_size = -64000
Lastly, use a modern version of SQLite. Many default installations come with versions from a few years ago. In Python for example, you can use pysqlite3[0] to get the latest SQLite without worrying about compiling it (and it also comes with excellent compilation defaults).
I completely disagree. I use a Mac for work and basically never leave the terminal and browser. The "finder", which is a terrible name btw, is a completely useless file explorer. For everything a shortcut is needed, and they never make sense. Opening a file? Some key + down. What does Enter do? Renames a file. Okay, deleting a file? I don't know I forgot again. Want to drag and drop? Be real careful that the too-smart-for-its-own-good touchpad doesn't think you are pressing too hard, and don't spend too much time scrolling on top of a folder or it will autommatically expand. But hey at least you have Favorites right? What a wonderful idea, favorites in a file explorer, let's see what they are: first off you have airdrop, which I never enabled and never will. Then you have Recents. What is this about? They are not recent files created via command line, but some random collection of files that Finder thought they knew better about what to call recent, a complete waste of your time. Next you have Applications: What a wonderful idea, to list programs in the file explorer, even though they cannot be interacted in the usual way not have any file navigation to be seen. I guess the only purpose is to be able to drag files into this folder so easily impressed children are amazed by not having seen an installer running. Next you have the desktop favourite, which is important since I don't know any other way of acessing the desktop and it is quite a fitting name for the place only used for screenshots to be created in basically. Finally you have documents and downloads, which are the only real favourites of the bunch. Next you have an ad for the Apple cloud service, and finally you have tags, which I suppose let you aggregate files by color for children that haven't been taught about folders yet. Done with your work? Closing it just hides all windows, to really close the app you have to select Quit from the navigation bar. So at the end of the day I have to select my favorite windows and manually close all others.
If there is any consistency is that I can rely on having a bad experience and anything other than using the touchpad to switch between the same two apps will be better done on another OS.
When I read content like this, I can't help but be reminded of Bryan Cantrill's talk at USENIX entitled "Fork Yeah! The Rise and Development of illumos" from 2011 [1].
Some personal favorites:
> You actually don't need to be open-minded about Oracle. You are wasting the openness of your mind.
> What you think of Oracle, is even truer than you think it is. There has been no entity in human history with less complexity or nuance to it than Oracle.
> You need to think of Larry Ellison the way you think of a lawnmower. You don't anthropomorphize your lawnmower, the lawnmower just mows the lawn, you stick your hand in there and it'll chop it off, the end. You don't think "oh, the lawnmower hates me". The lawnmower doesn't give a shit about you, the lawnmower can't hate you. Don't anthropomorphize the lawnmower. Don't fall into that trap about Oracle. [...] The lawnmower can't have empathy.
> I worry for Gen Z because they're tiny-mobile-device native. And the only usable tiny mobile devices are walled gardens.
Without the ability to grow up playing with system level software, combined with the software industry's unwillingness to pass on institutional knowledge to younger generations, I fear we are already on a path towards a civilization that loses a lot of the technological capability we currently enjoy.
I recommend Jonathan Blow's talk "Preventing the Collapse of Civilization"[1] for an unsettling view of how far we have already traveled down that path.
If you're interested, check out the paper called "How to Use Indistinguishability Obfuscation" by Sahai and Waters. They were able to prove some very surprising things -- including how to hide a private key by way of iO.
> This vulnerability could be used by an adversary to compromise confidential computing workloads protected by the newest version of AMD Secure Encrypted Virtualization, SEV-SNP or to compromise Dynamic Root of Trust Measurement.
I don't know whether the people who write this upside-down corpo newspeak are so coked up on the authoritarian paradigm that they've lost touch with the reality, or if they're just paid well enough by the corpos to not care about making society worse, or what. But I'll translate:
This "vulnerability" might be used by the owner of a computer to inspect what their computer is actually doing or to defend themselves against coercion aiming to control the software they're running.