Hacker News: cpuguy83's comments

Most expensive sock ever.


They've invented the 'thneed' from "The Lorax"...


Excellent, I'll be repeating this.


Have you seen what the Olsen twins are charging for a sweater?!


But who's going to use such a tiny display that would make 1080p look good?


E.g. 1080p on a 15" laptop is still sharper than 4k on a 32" desktop monitor. People do work on both modalities, they talk to the one they use, chaos ensues.


And I am immensely unhappy with my 4K@32. 4K@27 is more tolerable... really miss the 5K@27 I had (other than it was a "smart" monitor which annoyed the hell out of me).


They were completely preventable by independent verification. Just that without reproducible build you can't independently verify anything.


Maybe some of them were preventable, but if it was in place attackers would easily adapt to fool the automated systems and we would be back at status quo.

>without reproducible build you can't independently verify anything.

This is a myth propagated by reproducible builds people. Byte for byte similarity is not required to detect a Trojan was injected into one.


You are right, I should not have said "you can't independently verify anything", but then you generally need to know what you are looking for.


Distributing software is a lot harder than just building it (with the caveat that people don't want to install build dependencies). So we rely on centralized distribution (and build). Because of this we have to assume trust of that entire chain.

When builds are reproducible they are independently verifiable which means you only have to trust the code and not the entire distribution chain (build systems, storage, etc).

Of course if no one bothers to verify then it doesn't matter. This is sort of how xz happened, no one verified that the release tarballs were what they were purported to be.


I know what reproducible builds are, but they do not solve practical problems that are actively happening.

>This is sort of how xz happened

Reproducible builds wouldn't have caught this. You would reproduce the malicious library the same since the vulnerability is in the input.


Wasn't the vulnerability triggered by a malicious script that was added silently to the tarball? Reproducible builds would have shown that the tarball is not the exact output of the build. Even though the malicious payload was already in the code, the trigger was not and was hidden


>Reproducible builds would have shown that the tarball is not the exact output of the build

That is not what reproducible builds do. Reproducible builds show that the compiled binary comes from the inputs. You have to use the same inputs as the distro, else it will most likely not match. The vulnerability is part of the input, which means that anyone else reproducing the build would have a byte exact copy of the vulnerable library and no discrepancy would be found. Reproducible builds would monitor for when the builds don't match.

In this scenario you could compare release tarballs against the git repository, but that has nothing to do with reproducible builds.


If you do reproducible builds for only the binary of the program and not what's around it I don't know if it makes any sense. Related software like the installation script should be checked too against the source. Otherwise that would be like signing the binary but not the whole package.

In case of XZ, the source code was modified, in the install script and not in the binary itself. Checking against a reproducible tarball would have shown the package is not identical, as the trigger was put manually by the maintainer and not checked in the repo. If you had a "byte exact copy" of the repository, it would show immediately it's not the same used to build the package.

Otherwise, reproducible builds are useless if you only check for the binary and not the whole generated package, as XZ has shown, because the malicious code could be somewhere else than the binary.

Nix packages seem to be geared toward reproducible builds of the whole package and not just the binary. So it seems possible to do.


Right, my point was that nobody bothered to check the source tarballs, which should be completely reproducible already.
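The check the thread keeps circling back to (comparing a release tarball against the repository it claims to come from, so that a file added or altered at release time stands out even when the compiled binary reproduces perfectly) can be done with nothing more than a file-by-file diff. The following is an added example, not code from the thread or from any project mentioned in it. The "git tree", the release tarballs and the file names (`demo-1.0/`, `build-aux/inject.sh`, `m4/ax_check.m4`) are constructed in-memory test data, and `EXPECTED_GENERATED` is a hypothetical allowlist standing in for files a maintainer legitimately generates at release time (autotools output), which is the one category of difference such a check has to tolerate.

```python
import hashlib
import io
import tarfile
from dataclasses import dataclass, field

# Constructed sample "git tree": path -> content, standing in for the files
# checked in at the release tag of a hypothetical project.
GIT_TREE = {
    "src/lib.c": b"int f(void) { return 1; }\n",
    "configure.ac": b"AC_INIT([demo],[1.0])\n",
    "m4/ax_check.m4": b"dnl helper macro\n",
}

# Hypothetical allowlist: files that are generated at release time and are
# therefore expected in the tarball but absent from git. Anything else that is
# extra, modified or missing is reported.
EXPECTED_GENERATED = {"configure", "Makefile.in"}


def build_tarball(files: dict, prefix: str = "demo-1.0/") -> bytes:
    """Create an in-memory .tar.gz release (constructed test data)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(prefix + path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


@dataclass
class Report:
    extra: list = field(default_factory=list)     # in tarball, not in git, not allowlisted
    modified: list = field(default_factory=list)  # in both, but content differs
    missing: list = field(default_factory=list)   # in git, not in tarball

    def clean(self) -> bool:
        return not (self.extra or self.modified or self.missing)


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def compare_tarball_to_tree(tar_bytes: bytes, tree: dict,
                            expected_generated: set) -> Report:
    """Diff a release tarball against the repository tree it claims to match."""
    report = Report()
    seen = set()
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            # Release tarballs carry a "name-version/" prefix; strip it.
            rel = member.name.split("/", 1)[1] if "/" in member.name else member.name
            data = tar.extractfile(member).read()
            seen.add(rel)
            if rel in tree:
                if sha256(data) != sha256(tree[rel]):
                    report.modified.append(rel)
            elif rel not in expected_generated:
                report.extra.append(rel)
    report.missing = sorted(p for p in tree if p not in seen)
    report.extra.sort()
    report.modified.sort()
    return report


def honest_release() -> Report:
    """Tarball = git tree + a legitimately generated configure script."""
    files = dict(GIT_TREE)
    files["configure"] = b"#!/bin/sh\n# generated by autoconf\n"
    return compare_tarball_to_tree(build_tarball(files), GIT_TREE, EXPECTED_GENERATED)


def tampered_release() -> Report:
    """Same, plus one file altered and one added only in the tarball (constructed)."""
    files = dict(GIT_TREE)
    files["configure"] = b"#!/bin/sh\n# generated by autoconf\n"
    files["m4/ax_check.m4"] = b"dnl helper macro\nm4_include([build-aux/inject.sh])\n"
    files["build-aux/inject.sh"] = b"# present in the tarball but never committed\n"
    return compare_tarball_to_tree(build_tarball(files), GIT_TREE, EXPECTED_GENERATED)


if __name__ == "__main__":
    print("honest release clean:", honest_release().clean())
    print("tampered release:", tampered_release())
```

Note that the comparison never compiles anything: it is the "source tarball is reproducible from git" check, distinct from a reproducible build of the binary. Against a real project the `GIT_TREE` dict would be filled from `git archive` or `git ls-files` at the release tag, and the allowlist is where the judgement lives, since every generated file you tolerate is a place a release-time change would go unnoticed.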


Docker on Mac runs containers in a VM, but the VM is native to the CPU architecture and takes advantage of hardware virtualization.

You can of course always use qemu inside that vm to run non-native code (eg x86 on Apple Silicon), however this is perceived as much slower than using Rosetta (instead of qemu).


Yeah, every time I want to use it I generally need to unpair and pair it again. Weird stuff like trying to send my clipboard from my phone and it goes the other way.

It's handy, but needs work.


So the normal Linux desktop experience then!

I kid, I kid.


maybe the normal desktop Linux experience in 1996


Just a word of encouragement here, this is super interesting!


That's already a project (library for building a desktop environment).


Bearing in mind I haven't looked at specs yet...

I've been struggling with the 14 Pro's weight. So that would mainly be my interest here.

Also almost certainly less likely to get obsoleted by some AI feature given the higher end GPU cores.


I bought a 14 Pro when it came out and returned it for a 13 mini because it was too heavy.

They switched the frame from stainless steel to titanium the next year which made the Pro phones noticeably lighter. And now this year the Pros are aluminum like the non-Pros have been for years, which is also pretty light.

The 3 big camera sensors certainly don't help with the weight either, but the good news is they did seem to recognize they were getting too heavy with the 14 Pro.


Sadly the 17 pro is the same exact weight as the 14 pro.


Yeah, the 13pro is 204g and in my opinion pretty uncomfortable to one-hand. The 17pro according to the website is 206g :\


Damn, I didn't realize they worked their way back up.

