There is a great meditation in Zen and the Art of Motorcycle Maintenance about the differences between riding and driving. Being open to the elements, in and a part of nature, is visceral. Bubbled in a car, our surroundings are observed more than experienced. That's always resonated for me.
That’s a book I’ve been taking my time with. Read a bit every few weeks. Found the part about visual memory mechanics resonated: I have to spread everything out and see it when doing mechanic work.
No to doing books via audiobook because I see the words in my head and it’s massively distracting. Cool if it works for others I guess but like the mechanic excerpt above… not for me.
The transition to 7200 VXRs as core routers really hit a tipping point around 2000. They could handle millions of entries in the FiBs and really led to a relief in pressure. Subsequent devices had to match that.
On the IPv6 side; by 2002, nobody was really experimenting with A6 records any more, and EUI64 was needless. Both were parts of IPv6 designed to facilitate "easy" renumbering, so that single prefixes could be replaced with larger ones. But the ISPs weren't complaining any more about table size.
Although they do have a category for best editing, it's hard to call it an award for "best film editor" when it doesn't control for the overall quality of the film. For example, with the Oscars, it's extremely common (2/3 of the time) for a film that wins best picture to also win best editing.
Drop 10 hours of footage to the competitors on day 0, assign judges random groups of completed films on day N.
Maybe let each editor request one reshoot in the first week, a committee aggregates similar requests, all editors get all the reshoots once they're finalized.
Maybe include storyboards and a rubrik for what story the film is supposed to share and how we're meant to feel, but maybe not.
I think this may actually be two different things. Much like how being good at coding doesn’t mean it’s fun to watch you code. Though there are “performance” coders where it really is!
I don't think it's nefarious but it is sabotage. There's long been an implicit assumption that optimization should be more important than safety.
Yes, languages do lack good mechanisms to mark variables or sections as needing constant-time operation ... but compiler maintainers could have taken the view that that means all code should be compiled that way. Now instead we're marking data and section as "secret" so that they can be left unoptimized. But why not the other way around?
I understand how we get here; speed and size are trivial to measure and they each result in real-world cost savings. I don't think any maintainer could withstand this pressure. But it's still deliberate.
> Now instead we're marking data and section as "secret" so that they can be left unoptimized. But why not the other way around?
Worse cost-benefit tradeoff, perhaps? I'd imagine the amount of code that cares more about size/speed than constant-time operation far outnumbers the amount of code which prioritizes the opposite, and given the real-world benefits you mention and the relative newness of concerns about timing attacks I think it makes sense that compiler writers have defaulted to performance over constant-time performance.
In addition, I think a complicating factor is that compilers can't infer intent from code. The exact same pattern may be used in both performance- and timing-sensitive code, so absent some external signal the compiler has to choose whether it prioritizes speed or timing. If you think more code will benefit from speed than timing, then that is a reasonable default to go with.
I bought this latest Heaney book while I was in Ireland recently and it lives in my nightstand, along with the other Heaney books in the series (his letters, and his translations). They are an endless marvel and constantly make me ponder. Part of the attraction for me is that Heaney is simultaneously a peerless transcendent writer, but also is very everyday. He came from a working class, or maybe lower middle class, background and stuck to Belfast and Dublin and lived a relatively humble life. When I think of Yeats I can only see him in Tweed suits, visiting country estates with servants, and making posturing speeches in the Irish Senate. Yeats was an expert commentator, but removed from many of the experiences and lives he documented. Heaney really lived them. It's so much more relatable.
> Yeats was an expert commentator, but removed from many of the experiences and lives he documented
Yes! I actually studied Yeats as my Leaving Cert History Special Topic and had a gra for him for many years. But as I get older and see him more in historical context his success does seem to be partially a political artefact and his involvement in the founding of the Irish state bestowed upon him a beatificence that perhaps outshone even his brilliance and made him seem more timeless than perhaps he was. But then again, 1913, Byzantium, No Second Troy … it’s hard to find more strident and articulate polemicals
So they open the source ... how do I know that's what's running on the voting machine? There's really no good practical solution to this problem. What matters more is that there is a voter-verified paper audit trail and that this record is actually counted. At least by spot check risk-limiting audits, but ideally just count every vote manually to verify.
> There's really no good practical solution to this problem.
Remote attestation via trusted execution environments is a thing. It is not a theoretical one either. See, for example, Graphene OS's Auditor app[0]. Solving this for voting machines in particular would be a matter of good design, not of solving fundamentally hard problems.
No, this absolutely is not how forward secrecy works in TLS. Forward secrecy protects against a break in the signature algorithm, but not in the key agreement algorithms.
Both the FFDH and ECDH key agreement algorithms are vulnerable to quantum crypt-analysis; someone capturing traffic today could later break that agreement and then decrypt the data. An attacker would have to capture the entire session up to the "point of interest" though.
This is why FFDH/ECDH are being augmented with Post-Quantum secure KEMs.
Watching Hank Green's YouTube video where he found out that his cloudy pee was cancer leaving his body, he was surprised that doctors don't tell you to expect it. It can be such a morale boost.
Interestingly, there's a whole category of H1B visas just for fashion models. H-1B3, which is for models with "distinguished merit and ability".
A famous supermodel can most likely get an O1 visa, for people of extraordinary ability. But agency models more commonly work on H1-B. Melania Trump is a famous example. These visas are tied to an employer and there's less portability. It's a two tier system.
Personally I think that there is some harm here. Agencies bring in young women from relatively poor countries and they are put in conditions where abuse, even sexual assault, is common and can face pressures to tolerate conditions and shoots that a local person with a safety network would not.
H1B visas don't require employers to post jobs; this PERM process comes later when someone seeks an employment sponsored green card.
Visas could be allocated in some kind of priority order, but salary alone would probably concentrate visas to just the relatively high-paying tech sector, leaving other professions out entirely.
I'm not sure that's good; the US also needs people with expertise in science, industrial and agricultural control systems, clean power, and more. But these professions tend to earn a fraction of what a software developer makes. Other countries have gone with points systems that try to balance for this.
> But these professions tend to earn a fraction of what a software developer makes.
Then the market says it doesn't need them. Fix market mechanics so hiring another tech worker isn't worth multiples of things people say society should value. I.e. maybe there is too much upside in software sales since copies are free to the IP owner, liability is limited, lock-in is often impractical to escape, etc.
Completely open borders migration between all countries would be the biggest such market correction. If every development job was open to every qualified developer in the world, I suspect software salaries in the US would be much lower.
But they would still be higher than a chemist's salary. This has nothing to do with open borders. If you use money as a proxy, some professions will come out ahead. That's just market dynamics. The only way to avoid that is to create carve outs or normalization by profession.
I don't see how you get there. It's harder to move chemistry work than simple laptop use so chemists in the US would have less pay equalization than developers.
Why should we work to lower salaries in professions where we agree the salary is already depressed enough to lose new entrants to an easier and higher paying profession? (I think I can say this since I'm a lazy STEM drop out developer who makes more than twice what I estimated for my preferred path that I also found more challenging.)
reply