> You cannot offer a taxi service in a car that is not fit for the road, and then just shrug when it crashes a people get hurt.
The problem is that there's no overt way to tell whether the "car" (code) you're looking at is someone's experimental go-kart made by lashing a motor to a few boards, or a well tested and security analyzed commercial product, without explicitly doing those processes on your own.
The problem is all the go-kart hobbyists who make moderately popular go-kart designs end up being asked for all sorts of commercial territory requirements.
The people on the consuming end think "reliability is their job!" and try to force all their requirements and obligations onto the go-kart makers, which usually doesn't end well.
> The problem is that there's no overt way to tell whether the "car" (code) you're looking at is someone's experimental go-kart made by lashing a motor to a few boards, or a well tested and security analyzed commercial product, without explicitly doing those processes on your own.
Yes you can, companies just don't like the answer.
To run with that analogy, if you are setting up that taxi company, will you build your fleet by picking up free gokarts around the neighborhood, or by purchasing cars from a known manufacturer who has gone through crash testing etc?
Not particularly different for software. If you need certified quality, you need to pay the providers fairly substantial amounts of money for that.
If you’re using a security package and it isn’t either a shim over an existing API (eg porting a C-library to a non-C language) or it fails to provide evidence of independent audits, then steer clear or it.
Most other domains are generally much easier for the developer to audit.
However I will say in an age of AI, it will become much easier than it already is to inadvertently pull bad packages.
If you ever visit Taliesin in Wisconsin (which has a pretty bland), you should also visit the nearby House on the Rock which is a fascinating and very weird collection of esoteric and kitschy items.
The contrast in attitudes and aesthetics between the two is incredibly stark, and it's very interesting to see the reactions of visitors to each location.
Remember that Wright told HotR owner/designer Alex Jordon that he wouldn't hire him to design a chicken coop.
You are correct; both should be visited. However, get ready for monotony at HotR. Room after room after room of Jordan's curiosity collection.
The Tallesin 1 hour or so tour is definitely interesting to look at from a historical and design perspective, but definitely "art project" not "good engineering" given the poorly supported balconies, the continually leaky roof, and if you're over 6 feet tall you might hit your head in places.
100% that's actually what we found missing/were disappointed in from the Taliesin West "self-guided" audio tour was it was more social/artistic approach of his architectural style, and not at all on the actual architecture and it's effects.
The 88k multi-chip cache/MMU architecture is fascinating, especially how it could be designed with a single cache chip, or a split I/D cache across two or more different chips.
That's what's different about this one. "Enter the Ryzen 9 9950X3D2 Dual Edition, a mouthful of a chip that includes 64MB of 3D V-Cache on both processor dies, without the hybrid arrangement that has defined the other chips up until now."
Seeing what China next door has done with solar and batteries, I wonder if they'll do an electric end-run around oil, similarly to some places in Africa.
This is "Open Hardware" which usually means open PCB or chip schematics, so people can modify or extend the board. OpenWRT is "Open Software that runs on closed hardware".
After checking a couple, Kind of seems like a lot of boards on this "open hardware" list might not actually be open hardware?
by open, we mean that you can flash your own firmware.
- but yes, we will need to check manualy each device/board or improve the Claude Opus prompt to make sure that it's doing a very good research when extracting these devices
Given that a large portion of the population has a HD or higher quality camera in their pocket most of the time these days, most cryptid style conspiracies seem pretty well debunked at this point.
The problem is that there's no overt way to tell whether the "car" (code) you're looking at is someone's experimental go-kart made by lashing a motor to a few boards, or a well tested and security analyzed commercial product, without explicitly doing those processes on your own.
The problem is all the go-kart hobbyists who make moderately popular go-kart designs end up being asked for all sorts of commercial territory requirements.
The people on the consuming end think "reliability is their job!" and try to force all their requirements and obligations onto the go-kart makers, which usually doesn't end well.
reply