You can audit your dependencies for crates with security vulnerabilities reported to the RustSec Advisory Database, also block unmaintained crates, and enforce your license requirements using SPDX expressions with cargo-audit and cargo-deny.
You can ensure that third-party Rust dependencies have been audited by a trusted entity with cargo-vet.
And you should have taken a look at where those 3M locs come from, it's usually from Microsoft's windows-rs crates that are transitively included in your dependencies through default features and build targets of crates built to run on windows.
Sure they are AGI. Just let one execute in while (1) and give it the ability to store and execute logic rag-like. Soon enough you're gonna have a pretty smart fellow chugging along.
This has always made queries unpredictable in many scenarios and it should be a feature to turn nulls off entirely and swap them out with Option<T> instead.
I don't care about some scores going up. Newer models need to stop regressing on tasks they were already good at. 4o sucks at LLVM and related tasks were as legacy GPT 4 is relatively ok at it.
What if the DRM/license was based around offering binaries built with 8/16/32/64 bit limits in data types and max records per table, each being its own edition and priced accordingly? Eg yearly license of $8/160/3,200/640,000.
It's very creative! LOL
But in practice most my tables that are uncapped end up with IDs are 64bits and i suspect not being the only one.. 32b is in fact quite small ~ 4B rows.
And so you would pay for the largest tier as it sounds like you have big data needs? ;P Whereas my company--which only had tens of millions of users and millions of dollars a year in revenue--certainly never had any tables with more than 4 billion rows... (not that I think this licensing model works or makes any sense at all, to be clear).
Ultimately security is incompatible with backwards compatibility. All OSes in prod today need to be rebuilt from the ground up to be secure for the next century. That means throwing out a lot of code too. It's the cost to pay.
It’s not just power users either. Regular Windows users howled with outrage when they had to enter their password to permit software to do a privileged task.
Not necessarily “all the safeties off.” I’d define that as like, running as root always.
It’s more about not being locked out of actual admin access to my own computer.
I expect to have at minimum a developer mode that allows me to enter my password to allow me to run whatever code I want without OS vendor blessing. Heck, add a small coding challenge to unlock it. Whatever.
It kind of sounds like you're advocating the type of security where the computer is secure against its owner, can't be programmed by its owner, doesn't support modifications to the OS, and so on. Is that right, or so you envision a highly secure system that can be controlled by its owner?
Compartmentalization is only a part of the solution. Once you have that finished, you still need to deal with the actual vulnerabilities in guests, which will contain your secrets and be exposed to the internet, one way or another.
In what way are [1] not “full OSes”? They’re minimal templates, but afaik they still run systemd, the kernel, etc. needed to boot the standard Linux systems they are.
If you set it up, users can run anything themselves. Just use the start menu and the apps will automatically run in the corresponding VMs (shown as windows with colored borders).
I set up Qubes OS for and with technical, less-technical and non-technical people and I very much disagree. It only works well for those who are prepared and motivated to learn, and even then, it sometimes can be frustrating.
The copy-pasting between VMs, mentioned in a sibling, requires four steps: (1) copying to the source VM's clipboard, (2) copying to the global clipboard, (3) copying to the destination VM's clipboard, and (4) pasting to the destination. The shortcuts become part of your muscle memory after some use, but until they are, that is just one way in which Qubes gets in the way of productivity.
There are a bunch of minor quirks, often specific to the hardware, which the user needs to learn about and find workarounds for. But if they do, Qubes is probably the most seamless way to work with tons of (well-isolated) VMs. For example, SecureDrop [0] is based on Qubes and does seem to work well for journalists for securely receiving and working with documents from anonymous sources.
Everything that works on Linux will generally work on Qubes, apart from the GPU-heavy applications [0], which will be addressed in the future [1]. Copying and pasting works fine [2]. OK, music production may not be possible at the moment [3].
Can't comment on music production since I don't produce music (could be the need for realtime).
Discord runs fine both in-browser and in application. Raptor Lake seems to have zero issue with video voice chat, whereas Comet Lake can drag a bit in large rooms without a GPU. Qubes OS makes it dirt easy to multiprofile from all around the world.
I don't really game like others do; eye candy doesn't draw me in, but solving interesting puzzles/challenges does.
Copy & paste is superior in Qubes, skill issue sorry not-sorry. GIT GUD!
We really should, if for no other reason than to silence those who think that every Linux/BSD box connected to a network is being rooted every 5 mins because they are written in C.
That's if they ever get around to bringing such a Rust-based OS up to enterprise level rather than spouting off about this belief on HN all day every day.
Is there an appliance or offline service to setup a private CA, do secure remote attestation, and issue certificates only to authenticated peers? Also preferably with fido2 support for administrative purposes.
There is a contradiction on the first page. If "ballots are signed by the voter credential" then there is no vote privacy.
Electronic voting system must be prohibited across the board. Every system is vulnerable, electronic system are all remote controllable, I much prefer to have a person within the jurisdiction to go after than someone outside of it.
I don't understand howhy it's ever made out to be more complex than that.
You can ensure that third-party Rust dependencies have been audited by a trusted entity with cargo-vet.
And you should have taken a look at where those 3M locs come from, it's usually from Microsoft's windows-rs crates that are transitively included in your dependencies through default features and build targets of crates built to run on windows.
reply