Make sure you watch the Big Blue, in the original French (not US, has the wrong soundtrack) version, but with the original(!) English speech, not the dubbed-to-French version.
Smoke-free perhaps, but not nicotine-free by far. I live in Denmark and have a teenage son; he tells me that 90% of girls in his year are hooked on illegally imported and unregulated vapes, much stronger in nicotine than cigarettes, and in some cases loaded with fentanyl and other drugs. We have had the first couple of deaths of 15-year-olds already.
Meanwhile, the parents' generation and politicians are looking at the declining cigarette sales (and declining tax revenues) and are busy declaring victory and self-congratulating, with no idea what is coming.
It is not that long ago that smartphones would die from moisture exposure if you left them in the bathroom while taking a shower. I had a girlfriend around 2001 who spent all her savings on a shiny new Nokia 8250, got drunk and barfed on her jacket. The phone was in the pocket, and the moisture from the wet jacket completely killed it, she cried about it for weeks. I also remember my mother dropping her iPhone 6 in the harbor while getting off a boat, it got picked up but was dead. Last year I was out hiking in the rain, and my aging (5+ years old) iPhone 11 got water inside it and started dying soon after (I'd been sailing/swimming with the phone and had exposed it to salt water, apparently that will wear down the seals if you do it enough.)
In other words, I absolutely see the need for waterproof phones, even for ordinary people doing ordinary things, and am never going to buy one that isn't.
In Denmark, wind mills were initially quite popular, because locals owned them and benefited. The iconic wind farm Middelgrunden on the waters outside of Copenhagen is 50% owned by a co-op.
Good point, an int3 is not going to be faster than a syscall, and if they implement the sandboxing policy in guest userspace it seems it would be quite easy to disable.
I think the point here is optimizing for the common case, the untrusted code is still running inside a VM, so you can still trap malicious or corner cases using a more heavy-handed method. The blog post does mention "self-healing" of JIT-generated code for instance.
It is possible to restrict the call-flow graph to avoid the case you described; the canonical reference here is the CFI and XFI papers by Ulfar Erlingsson et al. In XFI they/we did have a binary rewriter that tried to handle all the corner cases, but I wouldn't recommend going that deep; instead you should just patch the compiler (which funnily we couldn't do, because the MSVC source code was kept secret even inside MSFT, and GCC source code was strictly off-limits due to being GPL-radioactive...)
The follow-on posts describe where I plan to run the binaries. The idea is to run in a guest with no kernel and everything running at ring 0, which makes the sysret a dangerous thing to call. We don't have anything running at ring 3. Also, the syscall instruction clobbers some registers. All in all, between the int3 and syscall instructions I counted around 20 extra instructions in my runtime. (This is a guess, me trying to figure out what would happen.) That is why the int3 becomes faster for what I am trying to build. The toolchain approach suffers from the diversity of options you have to support, even if you ignore the stuff you guys encountered. It might be easier with LLVM-based things, but there are still too many things to patch, and the moment you tell people to use my build environment, it meets resistance.
I am currently aiming for Python, which is easy to do. The JIT is for when I want to do JavaScript, which I keep pushing out because once I go down there I have to worry about threading as well. Something I want to chase, but right now I am trying to get something working.
I have been developing local AI on Apple devices since 2019, and they already had great AI support via Accelerate and MPS back then. In contrast to the Windows DirectML fiasco, which was basically just finger-pointing between MS, Intel and AMD all saying “it works on my machine” for years, I would say that Apple was always far ahead and did invest where it actually mattered to developers and users.
When I lived in the US I was surprised about how casually everyone treated DUI. In Northern Europe, where I am from, driving after drinking is socially unacceptable in Generation X and younger.
Same experience here in Canada. I used to think it was something rarely done until I started spending a lot of time at bars in my university days. Every night, I saw countless people driving home drunk, and often the same people too. Even though the bartenders knew and were legally liable, they never said a thing unless they were stumbling down drunk.