That was mostly not public until now. So apple cooperated. But having the US state demand cooperation publicly? nono, that's gonna hurt the company's reputation. Now they do biggest drama possible, to pretend they actually cared about their customer's data. They care about their reputation, and about their money. Nothing. else.
But kudos to Mr. Cook, its a cool marketing story.
Finally we have a debate on whether or whether not the state should have access to people's personal data. This is what snowden wanted, his goal is reached.
I'm not sure whether the bead will help, but I know that noise suppression that's required by usual regulations (CE label in the EU) doesn't prevent information leakage.
Its more than just cases, you have to "clean" every cable connected to the machine as well. If the laptop had been connected to power, the researcher's job would have been much easier.
We know its syntax is a step backward from C, C++, Java, C#, and even PHP.
Rust has many improvements over C/C++ syntax wise:
* syntactic macros, not "string replacement" macros * scoped macros -- you don't pollute macro space * scoped imports * Nested comments -- no #if 0 trick needed to comment out code that contains block comments * Blocks {} can have a return value, the ; sign is a separator, not a terminator * If the compiler can find out the type of something, it is implied, otherwise you have to provide it. Only in recent C++ this is possible with the auto keyword.
Where is the "step backward" you talk about? Yes, they have abandoned the ? operator but that's no catastrophy, is it?
We know its resource management approach is confusing, even when you understand how it works and how to use it.
The resource management is in fact very useful, and I think the strong mutability requirements are a feature. I don't deny that sometimes its confusing, and that it contributes to rust's steep learning curve. But still, git has a steep learning curve as well, and there its certainly worth the effort, too.
according to its issue tracker it's really buggy
Yes, the repo counts 2302 open bugs, but they track feature requests in their issue tracker too. The actual bugs are much less.
We know there's only one implementation of it
Rust is a young language, and unfortunately there is only one implementation of it. Perhaps later on we'll get more implementations.
We know it took them fucking forever get Rust 1.0 out the door, and even then it wasn't stable.
Parts of rust are stable, parts aren't. If you use a release or beta channel rust compiler you only can use stable APIs. The fact that you see unstable features in the API docs as well is only to inform you what's upcoming.
We know that C++ has continued to evolve and can offer pretty much everything Rust offers.
You can write safe code in C++, but there is no guarantee. And C++ is promised to be backwards compatible. It has to support all the unsafe constructs that were introduced some day, most of them inherited from C. And yes, probably a C++ linter can do most of the job rust does as well, but as of now I haven't heard from a good free as in software linter that is as strict as rustc, and when you have to fix tons of linter warnings, you most times still have to basically do a rewrite of the program already. Then you can also rewrite it in rust.
We know that the Rust community is quite totalitarian, with an intolerant code of conduct and a mod team to take out anyone they don't like.
I agree, and think their "code of conduct" is very harmful to their project and makes people think that everybody who likes rust is an SJW. I claim to like rust and hate SJWs.
We question Mozilla's future
Mozilla is the biggest threat to rust's future, I agree. They had managed to publish a quite stable browser for ten years or so, but since 2014-ish they are acting weirdly, and this does impact rust negatively. I hope that rust will stay stable, and won't introduce breaking changes.
We ignore Rust because it just isn't a viable option!
Well yeah it isn't a viable option for super-big projects just yet, with less than one year of stability. Perhaps in five or more years rust has gained enough maturity and large enough support from the industry that its "too big to fail".
It should be obvious that "compiles" and "doesn't crash" isn't the same thing as "works as intended"
True. In fact, even rust can crash under certain circumstances. For example, when the stack gets too large, or when a heap allocation fails. But all crashes of rust are "safe", meaning that they usually don't allow for data modification. And yes, rust doesn't guarantee freedom from bugs. But it does eliminate whole classes of bugs. On the path to more secure programs we do need languages with more additional safety, not less.
What programmers need to learn is good programming habits and discipline.
And the rust compiler enforces precisely those. Without enforcement (or warnings) you go nowhere. Rust's ownership concepts allows one to do multithreading without any fears. Consider a codebase with 500k lines and multiple threads: do you know when and how some thread accesses a shared resource? Most times not.
So the claim is that Rust isn't a systems programming language? Or is the claim that rust doesn't protect you from bugs like this? I'd say both claims are wrong.
The FCC aren't enforcing it, yes, and I agree that it was not their goal. Still the impact of their decision remains the same.
You can run apps on Android devices. That's the single reason why android devices have separation, even though separation costs more in manufacturing. For routers, separation just isn't an option economically.
If the FCC had cared, it would have required separation, or just left the state as it was, but they didn't do either.
Contact-less payments are dumb, and lead to precisely this kind of abuse. I mean it could be a simple confirmation, a single swipe on the screen or something (when talking about smartphone based payments). And contact-less keys can simply have a button you have to press before unlocking.
If apple will ever help, they will do it in secret, and claim in public they still can't break in. Everybody gets what they want: the FBI can spy, apple loses no customer to "privacy phones", and the people think their data is private. Too bad the justice system is public.
C# is Microsoft's copy of Java. Its garbage collected and runs in a VM. Just like java. They even had a language called J# for a while (guess what its a copy of), but abandoned the project.
Java and C# and the like fill a nice niche. Nobody really wants to touch javascript, its more a mess than a language (C++ is a mess too, with std having been very limited in the past, before C++11, and thus every major codebase using their own NIH containers and stuff, but javascript is much much worse). And python has this issue with obligatory indentation.
All the new JVM based languages that are popping up are just syntactic sugar on top of Java. The real concepts can't be shaken, as the JVM is pretty much limited in what it can do and what it can't.
Telling from the examples, Kotlin seems to be a good example: Yet another poor copy of Java with some "obsolete" things like the semicolon removed (why is there so much hate for it?), and you write "fun" instead of "function". So what. I don't think this makes me more productive than Java. Its just for all the people who keep preaching "java is shit" because they've heard it somewhere and now they want to use a "much better" language.
If Kotlin suits, Java is fine for the job as well, and most likely its even better.
But dictatorships are cool as long as the dictator is pro-US right?
I think its a sad truth that some countries aren't really ready for a democracy. In most islamic countries for example, a western like democracy is impossible. The moment the parliament votes for more rights for women, the imams will preach against the government, and by Friday the government is overthrown. The arab spring in syria helped perhaps russia get a weaker position, but mostly it promoted islamic radicalism, which is in my eyes far worse. Assad is a dictator, yes, but at least he kept the state secular, allowing freedom for religious minorities like christians etc. Just look at what happened in india where the hindus took over, they use their political position to promote their religion.
Russia had free votes once, but they became a dictature again. It all just depends on the political and cultural ambitions of powerful people in the country. In european countries the (christian) churches promote democracy, in poland they even helped democracy to be reestablished. Even most muslim organisations at least claim to support democracy. In russia, the church is actively working against democracy. And the oligarchs want to be kept alone as well, nobody wants any scandals to be brought to the public by some over-eager investigator.
For a democracy, the people have to support it, actively. If that's not the case, the US president can do whatever they want, but the country doesn't become a democracy. The most powerful man of the world isn't powerful enough for that.
You don't know how the car industry works, do you? The car lobby is working hard that the next trade treaty cuba makes with any foreign country except perhaps venezuela will contain provisions for enhanced car safety and emmision values. And all those cars will have to be dumped, and new ones bought, that only work for five years each.
Progress has put people out of work all the time, for centuries already. But the economy always found new things people could work on. Think of hospitals. In the past, going to a hospital was something for the rich. Nowadays, many more people have access to health services. Or prisons. They were horrible places. Nowadays human dignity is preserved in first world prisons. We also build "pointless" machines like gravitational wave detectors or particle accelerators, and have whole industries which do nothing else than entertainment (movies, games, TV, etc).
Earth quake warnings in fact were a thing even before the concept of "apps" were invented (yes, probably the apper troll considers this luddite now): https://en.wikipedia.org/wiki/...
So yeah this now gets "upgraded" to the smartphone age: if you don't install this app and register with your email, and let the app monitor your activity, and whatever it does, you won't get an earthquake warning in advance and are probably more likely to die. Yeah, quite cool app.
They just lower the price so that its below all regernative energy, and if we develop the new solar collector that is even cheaper to produce, oil will get even cheaper. The spiral only ends at the price of the extraction of the fossile sources and that's pretty low, we won't get green energy so cheap in this half of the century, especially as extraction will probably get cheaper as well (better technology etc).
The only real option to meet the 2 degree goal is to get all countries together and to not let the stuff out of the earth. Otherwise someone somewhere burns it, whoever it is. Even if you banned all fossile energy in your country, there are many other countries more than eager to buy the oil. Industrial revolution of Africa? The chinese are already preparing it.
The actual payload won't be exchanged the "direct" way, involving communication over port 80 or 443, but instead it will be communicated via WebRTC js APIs. They allow for P2P communication if the website authorizes it.
Yes, I do agree, most of the CVEs base on C/C++'s insufficient protections. They are simply languages not designed for security. Using non-unsafe rust will let the CVE world dry up, at least most of the parts, or push to the hardware boundary (exploiting stuff in the driver etc). But still I think that non-unsafe rust does have an existing runtime overhead, like the force to initialize all arrays even if you later on fill them with a loop, or the constant array bound checks. Perhaps its a good idea to demand hardware vendors to implement some trap-on-out-of-bounds stuff (There are discussions inside the rust community to do it), but until then it is a real non-zero overhead. So Rust will mean problems for most if not all hotpath code. But stuff that's required but not too performance critical (like some font parsing library, it runs only at load time) is the ideal target for rust.
Slashdot Mirror
That was mostly not public until now. So apple cooperated. But having the US state demand cooperation publicly? nono, that's gonna hurt the company's reputation. Now they do biggest drama possible, to pretend they actually cared about their customer's data. They care about their reputation, and about their money. Nothing. else.
But kudos to Mr. Cook, its a cool marketing story.
Finally we have a debate on whether or whether not the state should have access to people's personal data. This is what snowden wanted, his goal is reached.
+1 funny
That's why the GPL is so good for embedded devices, and why so many embedded device vendors hate it.
I'm not sure whether the bead will help, but I know that noise suppression that's required by usual regulations (CE label in the EU) doesn't prevent information leakage.
Its more than just cases, you have to "clean" every cable connected to the machine as well. If the laptop had been connected to power, the researcher's job would have been much easier.
We know its syntax is a step backward from C, C++, Java, C#, and even PHP.
Rust has many improvements over C/C++ syntax wise:
* syntactic macros, not "string replacement" macros
* scoped macros -- you don't pollute macro space
* scoped imports
* Nested comments -- no #if 0 trick needed to comment out code that contains block comments
* Blocks {} can have a return value, the ; sign is a separator, not a terminator
* If the compiler can find out the type of something, it is implied, otherwise you have to provide it. Only in recent C++ this is possible with the auto keyword.
Where is the "step backward" you talk about? Yes, they have abandoned the ? operator but that's no catastrophy, is it?
We know its resource management approach is confusing, even when you understand how it works and how to use it.
The resource management is in fact very useful, and I think the strong mutability requirements are a feature. I don't deny that sometimes its confusing, and that it contributes to rust's steep learning curve. But still, git has a steep learning curve as well, and there its certainly worth the effort, too.
according to its issue tracker it's really buggy
Yes, the repo counts 2302 open bugs, but they track feature requests in their issue tracker too. The actual bugs are much less.
We know there's only one implementation of it
Rust is a young language, and unfortunately there is only one implementation of it. Perhaps later on we'll get more implementations.
We know it took them fucking forever get Rust 1.0 out the door, and even then it wasn't stable.
Parts of rust are stable, parts aren't. If you use a release or beta channel rust compiler you only can use stable APIs. The fact that you see unstable features in the API docs as well is only to inform you what's upcoming.
We know that C++ has continued to evolve and can offer pretty much everything Rust offers.
You can write safe code in C++, but there is no guarantee. And C++ is promised to be backwards compatible. It has to support all the unsafe constructs that were introduced some day, most of them inherited from C. And yes, probably a C++ linter can do most of the job rust does as well, but as of now I haven't heard from a good free as in software linter that is as strict as rustc, and when you have to fix tons of linter warnings, you most times still have to basically do a rewrite of the program already. Then you can also rewrite it in rust.
We know that the Rust community is quite totalitarian, with an intolerant code of conduct and a mod team to take out anyone they don't like.
I agree, and think their "code of conduct" is very harmful to their project and makes people think that everybody who likes rust is an SJW. I claim to like rust and hate SJWs.
We question Mozilla's future
Mozilla is the biggest threat to rust's future, I agree. They had managed to publish a quite stable browser for ten years or so, but since 2014-ish they are acting weirdly, and this does impact rust negatively. I hope that rust will stay stable, and won't introduce breaking changes.
We ignore Rust because it just isn't a viable option!
Well yeah it isn't a viable option for super-big projects just yet, with less than one year of stability. Perhaps in five or more years rust has gained enough maturity and large enough support from the industry that its "too big to fail".
It should be obvious that "compiles" and "doesn't crash" isn't the same thing as "works as intended"
True. In fact, even rust can crash under certain circumstances. For example, when the stack gets too large, or when a heap allocation fails. But all crashes of rust are "safe", meaning that they usually don't allow for data modification. And yes, rust doesn't guarantee freedom from bugs. But it does eliminate whole classes of bugs. On the path to more secure programs we do need languages with more additional safety, not less.
What programmers need to learn is good programming habits and discipline.
And the rust compiler enforces precisely those. Without enforcement (or warnings) you go nowhere. Rust's ownership concepts allows one to do multithreading without any fears. Consider a codebase with 500k lines and multiple threads: do you know when and how some thread accesses a shared resource? Most times not.
So the claim is that Rust isn't a systems programming language? Or is the claim that rust doesn't protect you from bugs like this? I'd say both claims are wrong.
The FCC aren't enforcing it, yes, and I agree that it was not their goal. Still the impact of their decision remains the same.
You can run apps on Android devices. That's the single reason why android devices have separation, even though separation costs more in manufacturing. For routers, separation just isn't an option economically.
If the FCC had cared, it would have required separation, or just left the state as it was, but they didn't do either.
The FCC didn't claim this would happen, and it still happened. Congrats, FCC!
who said this is a good idea the first place?
Contact-less payments are dumb, and lead to precisely this kind of abuse. I mean it could be a simple confirmation, a single swipe on the screen or something (when talking about smartphone based payments). And contact-less keys can simply have a button you have to press before unlocking.
Told my parents to keep their surveillance cams offline and not connected to the internet. TFA is yet another confirmation that this was a good idea.
If apple will ever help, they will do it in secret, and claim in public they still can't break in. Everybody gets what they want: the FBI can spy, apple loses no customer to "privacy phones", and the people think their data is private. Too bad the justice system is public.
C# is Microsoft's copy of Java. Its garbage collected and runs in a VM. Just like java. They even had a language called J# for a while (guess what its a copy of), but abandoned the project.
Java and C# and the like fill a nice niche. Nobody really wants to touch javascript, its more a mess than a language (C++ is a mess too, with std having been very limited in the past, before C++11, and thus every major codebase using their own NIH containers and stuff, but javascript is much much worse). And python has this issue with obligatory indentation.
All the new JVM based languages that are popping up are just syntactic sugar on top of Java. The real concepts can't be shaken, as the JVM is pretty much limited in what it can do and what it can't.
Telling from the examples, Kotlin seems to be a good example: Yet another poor copy of Java with some "obsolete" things like the semicolon removed (why is there so much hate for it?), and you write "fun" instead of "function". So what. I don't think this makes me more productive than Java. Its just for all the people who keep preaching "java is shit" because they've heard it somewhere and now they want to use a "much better" language.
If Kotlin suits, Java is fine for the job as well, and most likely its even better.
But dictatorships are cool as long as the dictator is pro-US right?
I think its a sad truth that some countries aren't really ready for a democracy. In most islamic countries for example, a western like democracy is impossible. The moment the parliament votes for more rights for women, the imams will preach against the government, and by Friday the government is overthrown. The arab spring in syria helped perhaps russia get a weaker position, but mostly it promoted islamic radicalism, which is in my eyes far worse. Assad is a dictator, yes, but at least he kept the state secular, allowing freedom for religious minorities like christians etc. Just look at what happened in india where the hindus took over, they use their political position to promote their religion.
Russia had free votes once, but they became a dictature again. It all just depends on the political and cultural ambitions of powerful people in the country. In european countries the (christian) churches promote democracy, in poland they even helped democracy to be reestablished. Even most muslim organisations at least claim to support democracy. In russia, the church is actively working against democracy. And the oligarchs want to be kept alone as well, nobody wants any scandals to be brought to the public by some over-eager investigator.
For a democracy, the people have to support it, actively. If that's not the case, the US president can do whatever they want, but the country doesn't become a democracy. The most powerful man of the world isn't powerful enough for that.
Those parts I think have to be done by humans AFAIK. Or at least the pilots keep claiming it so that they don't lose their job to automation.
You don't know how the car industry works, do you? The car lobby is working hard that the next trade treaty cuba makes with any foreign country except perhaps venezuela will contain provisions for enhanced car safety and emmision values. And all those cars will have to be dumped, and new ones bought, that only work for five years each.
result in an accident that could make humans more susceptible to disease rather than less.
Zombies? Where is my shotgun when I need it?
Progress has put people out of work all the time, for centuries already. But the economy always found new things people could work on. Think of hospitals. In the past, going to a hospital was something for the rich. Nowadays, many more people have access to health services. Or prisons. They were horrible places. Nowadays human dignity is preserved in first world prisons. We also build "pointless" machines like gravitational wave detectors or particle accelerators, and have whole industries which do nothing else than entertainment (movies, games, TV, etc).
Earth quake warnings in fact were a thing even before the concept of "apps" were invented (yes, probably the apper troll considers this luddite now): https://en.wikipedia.org/wiki/...
So yeah this now gets "upgraded" to the smartphone age: if you don't install this app and register with your email, and let the app monitor your activity, and whatever it does, you won't get an earthquake warning in advance and are probably more likely to die. Yeah, quite cool app.
They just lower the price so that its below all regernative energy, and if we develop the new solar collector that is even cheaper to produce, oil will get even cheaper. The spiral only ends at the price of the extraction of the fossile sources and that's pretty low, we won't get green energy so cheap in this half of the century, especially as extraction will probably get cheaper as well (better technology etc).
The only real option to meet the 2 degree goal is to get all countries together and to not let the stuff out of the earth. Otherwise someone somewhere burns it, whoever it is. Even if you banned all fossile energy in your country, there are many other countries more than eager to buy the oil. Industrial revolution of Africa? The chinese are already preparing it.
The actual payload won't be exchanged the "direct" way, involving communication over port 80 or 443, but instead it will be communicated via WebRTC js APIs. They allow for P2P communication if the website authorizes it.
SOP doesn't really affect this.
Yes, I do agree, most of the CVEs base on C/C++'s insufficient protections. They are simply languages not designed for security. Using non-unsafe rust will let the CVE world dry up, at least most of the parts, or push to the hardware boundary (exploiting stuff in the driver etc). But still I think that non-unsafe rust does have an existing runtime overhead, like the force to initialize all arrays even if you later on fill them with a loop, or the constant array bound checks. Perhaps its a good idea to demand hardware vendors to implement some trap-on-out-of-bounds stuff (There are discussions inside the rust community to do it), but until then it is a real non-zero overhead. So Rust will mean problems for most if not all hotpath code. But stuff that's required but not too performance critical (like some font parsing library, it runs only at load time) is the ideal target for rust.