This is correct, but not what most people think. For example, memory leaks could be considered bugs and it is easy to leak memory memory in safe rust on purpose.

Memory leaks are usually not disastrous for security, mostly an issue for availability, sometimes.

Explain how a use after free could occur in safe rust, because to my knowledge, that is exactly the kind of thing rust does protect against.

I don’t think you are wrong, but here is a bit of my perspective.

Rot has been occurring in the industry for over 10 years now. There are now fewer qualified network engineers than around the turn of the century and companies are less willing to spend money on upgrades of network infrastructure (6500 is still relevant…). Also, many ISPs, at least in the US, have merged resulting in fewer diverse networks.

The upside now at least, is that ports are easily 100g, so you could argue that we need less network equipment and fewer engineers, but I’m not sure how much that offsets the problems. And 100+g ports don’t help you properly run a network, except maybe make it a smaller problem if you need fewer ports.

There isn’t a reason you can’t use those same services for downloading any content you want. If you are using a front end of some kind, you can just try sourcing the content yourself and using a music streaming app. It’s been awhile since I’ve looked into it, but there was subsonic. Also, most of the video servers like emby and plex also support music.

KVM/Qemu and Hyper-V also have snapshots, but hyper-v has a dumb name for them that I always forget.

I really wanted this feature, but when I actually used it, I realized that it’s not quite as useful as I would have hoped, at least for the use case of just a “small” rust script.

A workflow I often have is to start hacking away at a problem with bash or some other scripting language, but then my command starts getting too long and unwieldy so I copy my command into a file to keep going. But with rust, you don’t really do that, so I never progress to copying my command into a file.

Why would anyone get arrested? There is no requirement for a business to operate in Texas or for people in Texas. And it is almost a certainty that Google and Apple have clauses saying they can not serve anyone for almost any reason.

How does that answer my question, how do NFTs help an organization prove that a key belongs to them?

NFTs and blockchains are an entirely virtual construct that can’t affect the real world, or take trusted, non-key inputs from the real world. That’s not 100% true, but it is mostly true.

So really, you need a way to tie or bind a key to an identity or organization. You could perhaps sign some data, such as a domain name with a key on a chain, but that doesn’t prove anything. Anyone could sign anything with any key, so you need to approach the problem from the other direction.

You can install the key directly, or the hash of the key into DNS, verifiers can retrieve the key from DNS, then resolve it to the full key if necessary. You can then use the key to verify signatures of signed data.

Why DNS? Because that is currently the most standard way to identify organizations on the internet. Also, much of the security of the internet is directly bound to DNS. For example, getting certificates for websites often entails changing a DNS record at the request of an issuer to prove that you own the domain in question.

This is not an idea I invented just now, there are multiple DNS record types that have been defined for literally decades at this point which allow an organization to publish keys to DNS. Among the first is this: https://www.rfc-editor.org/rfc/rfc2535#section-3 Not completely related, but it is a key of some kind published to DNS.

I don’t think NFTs provide any useful functionality in helping organizations prove that a key is theirs, at least nothing much better than a simpler solution which already exists.

How can an organization prove that a given key is theirs using NFTs?

I wouldn’t recommend it due to complexity, but clevis is a thing. It permits a machine to automatically unlock on boot when various environment conditions are met.

The signing keys could be published to DNS, for better or worse.

It will be funny to see the ietf tls wg realize that they only have a tenuous grasp of control over the protocol. The very complexity that makes tls suck can be used to just ignore them, create their own suits, disable or not implement the trash they are peddling.

It’s kind of crazy to see them basically ignore DJB and justify it with a technicality. This could go badly for them in the court of public opinion.

Honest question, what are you using that is only available from snap?

Snap is almost universally despised with host, flatpack and appimage usually being preferred.

You seem reasonable and don’t deserve the downvotes.

Evaporative cooling is mostly used in hyperscale facilities, so most places you would ever visit would usually be cooled the typical way.

It’s cheaper because running a compressor costs quite a lot of power, even modern efficient systems still cost more to operate than pumping water out of the ground at near zero cost.

It is also difficult to find information on this topic since these large companies want to keep this information on the down low, that they are consuming a disproportionate amount of ground water.

In a lot of the US, individuals depend on ground water for their needs with their own pumps. It has started occurring that large facilities are built and it starts affecting nearby residents. Sometimes it causes a significant drop in water quality. Over time, they might not be able to get water from their existing well because millions of gallons were extracted for cooling a data center.

The public would be probably be extra pissed if they found out about this.

Water isn’t a renewable resource, especially not if the source of water is underground aquifers.

This is a long post, but these matters could be of grave importance.

The reason water isn’t always renewable is that statistically, most of the water on earth ends up in the oceans where it gets “trapped”. Sure, some of it evaporates and rains, but most of the rain is over the ocean. Some rain obviously makes it back to land, but most of it still stays in the ocean.

It’s extra bad if you pump water out of the ground from what are called aquifers. The water in the ground has taken thousands of years to build up, so pumping it out for dumb reasons is not a good idea. We could argue about growing food with ground water, but most people might consider squandering ground water where it is optional to do so, to be short sighted.

At least some data centers pump water out of aquifers for the purposes of evaporative cooling. This is a method of cooling that is the same as “swap” coolers. It works by taking advantage of the fact that when a liquid undergoes a phase transition, there is a large exchange of energy.

This is a similar effect to how people can be cooled off by sweating. The sweat evaporates and it leaves the skin cooler, because when the liquid evaporates, heat is taken out of the skin.

Back to data centers, some pump water out of aquifers, and intentionally evaporate the water to remove heat out of whatever media is used for cooling chips/servers.

Why do they use this method of cooling? Because it’s cheaper. Typical hvac systems involving compressors consume power and power costs money. So in effect, they are consuming water, an essential and non-renewable resource, in order to avoid having to pay for electricity to cool their servers in a more sustainable way. Evaporative cooling is not necessary to cool a data center. Data centers have been and still are cooled by typical hvac systems which do not consume water in this manner.

A common retort is “can’t the vapor be condensed back into water?” Yes, but they don’t because that would cost money. As mentioned earlier, creating the vapor consumed heat. To create water, energy would need to be spent to take the heat back out of the water. This is an unavoidable fact of thermodynamics.

Also, do not confuse evaporative cooling with what some people call a “water” loop. In such a loop, water is being used to move heat from one location to another, in a loop, similar to how water cooled PCs work. This is often done because air has a poor heat capacity, so the size ducts needed to move an adequate amount of air could be too big to be practical, so in these systems, the heat is transferred into water, usually to be sent to a heat exchanger (radiator/heat sink). The water does not undergo a phase transition in a typical water loop. The water merely is hotter when it leaves the so called “air conditioner” and cooler when it leaves the heat exchanger, heading back to the AC. The compressors in the AC units are what is doing the heavy lifting in these style systems.

I don’t think calling hallucinations a bug is strictly wrong, but it’s also not working as intended. The intent is defined by the developers or the company, and they don’t want hallucinations because that reduces the usefulness of the models.

I also don’t think we know that it is a fact that this is a problem that can’t be solved in current technology, we simply have not found any useful solution.

Ghostty has scrollback, I have no idea what that person is talking about. I think it is missing scroll bars, but you can scroll using the mouse wheel or shift+pgup/dn. The buffer is also not very big by default but I think it can be changed via config file.

It is generally considered a bad idea to use envs for passing secrets in general since envs for process n are available to other processes which have access and permission.

Comparing python to rust, rust has far fewer breaking updates than python, and thats a fact. Feature updates can and do break older code in python, whereas in rust this is simply not allowed with few exceptions.

The language is allowed to change in compatible ways with editions. Every few years a new edition is released which allows otherwise breaking changes to be implemented, but the old and new code can still work together. Developers can rev the edition version when they want. I also think cargo might be able to help upgrade to a new edition as well.

Rust isn’t perfect, but python fails to learn the lessons that even perl implemented decades ago.

To be honest, I never heard of it, and it is interesting, but the language isn’t the only factor, it’s the ecosystem as well. It says it’s an alternative to C, so I will just assume it can consume C libraries. But that still leaves you with using C libraries, which is not a great position to be in if you are looking to not use C.

If you are looking for something that is actually in use, but not rust, look into Zig. Still would need to use a lot of C libraries, but it at least looks like it has momentum. Not to mention they seek to completely replace libc, which would actually be useful and an achievement, since that is the biggest problem C actually has.

I am a rust fan myself, but if you are new to programming it’s not a great place to start due to its’ learning cliff.