> through a combination of gestures and sketches, managed to buy a box of rapid-acting insulin at full price (around €30–40).
Quick tip for people that might encounter such situations:
- Phone to the emergency number. In Europe, it's 112. In France 15 is also working. Explain your situation (they generally do have English support).
- In many European countries, it is a Doctor you will have on the line. They can forward a medical prescription by email to the pharmacy close by.
- Even if you are not insured, the only thing it will cost you is the price of the medicine. For insulin, it variates from 20 to 40€ depending of the country.
- If you are over weekend or in middle of the night, in many EU countries have emergency pharmacy system.
Some dudes somewhere on duty will open a pharmacy for you and you have to come on site.
If you are in France and if you wake them up at 03h00am, you can probably expect the legendary 'frendliness' (irony) of French customer service but at least you will stay alive.
We know how to do reliable vertical landing since the DCXA in 1991. Meaning more than 25y ago [1]
> reliability during missions (test explosions like this one are tests for a reason)
Static fire tests are routine since the 60s, nothing new here either [2].
> We have 15x reduction in payload-to-orbit costs
This is about manufacturing optimization and it has very little to do with rocket safety.
> hey are well on their way to making orbital space flight a commodity
They are not. It is at best marketing speech.
The access to space is at best cheaper but will never be commodity.
The parent post is right on point: Rockets todays are still fundamentally the same giant bomb filled at 85% with explosive that we were making in the 60s. And this is unlikely to change and unlikely to ever be safe.
There is very valid reasons to that: we still did not find anything better than chemical propulsion to go in the last 80 years. It is the only 'working' solution in term of the energy density required to bring us there:
- Ion thrusters have amazing Isp but nowhere the Thrust/Weight ratio required to launch from Earth.
- Nuclear propulsion is good on paper but controversial in practice for pretty obvious reasons.
So we are still stuck.
Stuck with burning 1'000t of highly inflammable Ergols in few minutes to just push any blob in orbit. With very thin engineering margins, way thiner than in airplane manufacturing or currently pretty any other domain.
And that make it unlikely to ever be really "safe" and accessible to the mass.
At least, not before we find a better solution to the problem.
> We know how to do reliable vertical landing since the DCXA in 1991. Meaning more than 25y ago
One could argue the applicability of "reliable" given the project's track record, but it's not really relevant in any case since that program only got up a few kilometers and nowhere near orbital velocity.
Really not convincing that you know what you're talking about if you're taking the DCX prototypes flying up to 3km as meaning that we had landing orbital class boosters sorted out in 1991. That was a hopper vehicle comparable to the original SpaceX Grasshopper prototype.
An orbital class booster isn't a booster that goes to orbit, it's a booster that is part of an orbital rocket stack.
The important distinction is that the DC-X prototype was, at best, supersonic given the low altitude and flight time record, while any efficient booster powering an orbital spaceflight is easily going hypersonic by the time it's returning to Earth.
Still, you ideally just want to launch people and some complex machinery from Earth & produce about everything for in space use from local resources. That makes it possible to heavily optimize Earth to LEO craft for safety and reliability, alleviating most of these concerns.
This is fair but I'm not sure the low hanging fruit is going to be developing technology that can reach earth escape velocity without being extremely sensitive to how well built and prepared the system applying the enormous amount force required is. Even the hypothetical stuff like Spin Launch and space elevators is going to have catastrophic failure modes....
> For the past few decades, building a datacenter has been a well-understood, predictable exercise in utility engineering.
> In modern AI clusters, the network is no longer just infrastructure sitting beneath compute
It always make me smile when someone is presenting these kind of topologies as "New", "Modern A.I" or anything remotely "Revolutionary".
The HPC domain and any decent supercomputers have been doing RDMA networking centered around "all-to-all" and "all-reduce" operations for at least 3 fucking decades now.
They are the main reasons supercomputers are almost always constructed around stupidly complex Torus or Dragonfly network topologies.
MPI itself has these primitives defined from v1.
The only difference now is that it switch from "This niche thing 3 nerds were using for weather simulations" to "this cool thing any hyperscaler NEED to have for *A.I*"
> Additionally, Japan has a very clear and straightforward process to convert HSP Visa (Highly skilled visa) to a permanent residency.
I mean, that's true as far as it goes, but HSP is one special visa amongst many, and they're not all so easy. Also, Japan is currently in the middle of its own dramatic restructuring of the immigration system related to HSP, including a number of new requirements that would drive critics of the US system to apoplexy (i.e. language fluency requirements).
Overall, the Japanese system looks a lot more conservative than the US one, though the sanity and consistency level is far higher.
> HSP is one special visa amongst many, and they're not all so easy.
Japan has a selective immigration system where the profiles JP gov considers as "necessary" are made easy to immigrate, and the others not so much.
One can disagree with the method, but at least it is consistent.
Near that, half of the American tech (and associated GDP) is constructed highly qualified immigrated engineers on H1B visas, and still the US gov openly shit on them.
> US system to apoplexy (i.e. language fluency requirements)
JP mainly just put some Japanese language level requirement on the HSP visas related to roles with communication. That honestly does not shock me.
We agree that the Japanese system is far more consistent. I think it's better!
But let's not kid ourselves: if the US instituted a CEFR B2 language requirement [1] for anyone on an H1B visa to gain residency, it would be an absolute shitshow.
[1] This is the new Japanese language requirement.
Assuming English is the language, CEFR B2 is roughly 75 in TOEFL, such a low standard that community colleges would think twice before admitting such internationals students. In reality H1B tech workers easily blows 100+.
Right, it's obviously your assumption, but you stated the resulting shitshow as an obvious fact—"let's not kid ourselves".
I doubt H-1Bs would oppose taking that test. Many already took English proficiency exams by the time they apply for the visa.
I assume Americans in general would favor this extra requirement too.
And companies, if we decide we care about what they want, really have no reason to oppose the test. There's a large enough number of applicants that they can easily pick from the ones that do speak English fluently.
So to conclude it would be a shitshow because of the politics is likely incorrect, certainly defeatist, and gives up on the actual thing we should strive for, which is to make the H-1B visa better.
> Any institution quickly becomes a corrupt shadow of what it was originally envisioned as once the original people involved move on.
The debian project here acts as a counter-example: The institution governing the project far outlived its original creator and the "debian social contract" clearly helped to that.
Additionally, Infomaniak seems to have registered here as a Swiss "public interest" foundation. This has several implications:
(1) Swiss authority regularly audit the foundation and verify that there is no conflict of interests with the registered chart.
(2) Usage of the money should be done in respect of the chart.
(3) If any of the previous conditions is not respected. The Swiss authorities can step it and dissolve the entire thing or even take control.
I decided against quoting from https://www.debian.org/vote/2026/platforms/srud - current Debian project lead - because it looked like a short out of context quote would misrepresent him and also maybe a fast way to get flagged.
I like Debian, they still make a great OS, and I want to be clear I have no complaints against Chandran who as far as I know is doing a great job in a tough position.
But if you look at the platform he's outlining the current DPL ran with the clear understanding that Free Software is one of a couple of priorities. Something that, in this context, really stands out is he thinks the Debian project culture needs an infusion of new blood and ideas. In fact, this page has a number of absolute classics for how ideological organisations go soft. He wants new people involved, he thinks that the community is too conservative about change and he doesn't say much on the topic but it looks quite possible that he wants to start legitimising Debian as a serious organisation (getting it formally registered and branching out to find more funding). Take all that in context of the idea that they can't find someone who wants to be project lead in order to promote free software.
So again, I personally would love it if Debian kept to their rabid pro-freedom stance, but I would not rely on it as the Debian Devs slowly rotate to a new generation; there is always a high risk that they quietly transition to "Open Source" then go the Mozilla route. The people matter far more than the paperwork.
> I think a legitimate criticism is that it is unclear who std::simd is for. People that don’t use SIMD today are unlikely to use std::simd tomorrow. At the same time, this does nothing for people that use SIMD for serious work. Who is expected to use this?
There is plenty of vectorization that are simple enough to be done with std::simd today and that will still bring any autovectorizer begging on its knees for various reasons.
As an anecdote, I currently got a 8x speedup with std::simd (AVX2 & SVE2) on a rather trivial parser of mine recently that autovectorizer failed miserably to do properly.
Would I have get better result using intrinsics ? Likely, yes.
Did I want to suffer the maintainability and portability pain associated with it for a simple parser ? Certainly not.
For these use case, std.simd does the job.
And will probably do a better and wider job with time when it get enriched by the committee.
The blog brings some valid criticism but really looks like a flame war trying to destroy an already opened door.
(1) Is there more performant solutions that std::simd for vectorization ?
Yes, of course.
The STL evolves slow, its main goal is to provide a generic and portable implementations of a set of algorithms. Not to provide the best implementation in existence.
The best implementation of most algorithms (including SIMD patterns) evolves every 6 month, you can not expect a standard library with 3 different implementation to keep up with that.
(2) Is the future of vectorization ISPC ?
Nope. ISPC has been around for > 10y and is still niche.
There is very good reasons to that: Yes it can generate better code but in most use case, adding a massive dependency of a compiler + an arbitrary LLVM version + a DSL on your project is not worth it.
Specially considering that it is an Intel project and that Intel (almost) abandonned the project multiple time (In pure Intel fashion).
So yes, criticism is easy, and yes std::simd is full of problems.
But I am glad it exists, and thanks to the people that made it happen... Because it is useful, even in the current state.
Production price in Europe is between 3.5-4.5cts/kwh averaged. The rest are mainly transport and taxes.
If the EU currently choose to exonerate industrial consummers from these taxes and offload them on citizen (which honestly make sense from a business perspective), they could currently beat most US states in term of pricing while providing lower carbon footprint/kWh
> A very US-centric perspective. Whereas the folks in Europe do it in 3-4 years
Yes it is.
In most European universities, you will graduate in 3-4y.
And there is simple reasons for that: The funding associated with a Phd in many European country is 3-4y. So if you do not graduate, you actually become a burden for your lab.
They do not, but how does the service you’re using know your passkey is secure? For all they know you’re just some gullible user that clicks through every fishing email you get. You’re dumb, weak, helpless, they gotta protect you from this scary world out there, and maybe yourself as well.
They can’t do that if they allow your passkey to be stored anywhere you control. KeepassXC? The second you type in your master password the keylogger will snatch it, and your entire database with it!
Okay, maybe you’re some hot shot cryptographer, you’re using a TKey (think Yubikey, except you have full control), and there’s no way your secret key leaves it even if your main computer is fully compromised. Well, the service doesn’t know that. All they see is your public key and a matching signature.
So, sorry Mr. Security Researcher, we’re gonna have to be safe, and require you to use approved hardware only. Too many (wo)men children out there must be protected, we have no way to tell you’re not one of them, so it’s remote attestation or you’re out. What’ online buying worth for anyway, when you can just cross the ocean?
---
Just so we’re clear, I agree with you here. But don’t forget there are two kinds of passkeys out there: with or without the evil remote attestation. And many companies will push for the remotely attested kind, using the exact argument I used above, except with a straight face.
Or they will just present a false dichotomy: remotely attested passkeys on the one hand, short easy to guess reused everywhere passwords on the other.
> how does the service you’re using know your passkey is secure
That's my business, not theirs. If my password gets stolen, that's my problem, not my bank's. Same deal if my passkey gets stolen. They're welcome to try to educate me on good security hygiene if they want, but what hardware I use to secure my credentials is not something they should get to decide.
On principle I agree with you. And for me I totally want that, in part because I know how to take care of myself and avoid phishing (I got pwned once, but thankfully it was my company’s honey pot, not actual phishing).
Many people aren’t like us. Give them freedom to chose their password without mandating 2FA, and some will lose money to a password database leak & offline guessing. The policy maker knows this, at which point they have a choice: stricter annoying rules with fewer victims, or looser rules with more victims?
Yes, we can mitigate much of this with education, as can we limit vendor lock-in by mandating that the bank does not require any particular device they do not themselves distribute, for free, to their users. (My bank for instance gave me a little device that has a camera, a small screen and a key pad. Upon payment I use the device to scan some QR-code, the device gives me a one-time code that I type, and done.) My point is, some kind of tradeoff remains.
Also banks kinda have to deal with fraud, which presumably costs them money. Stolen passwords mean more fraud, increased costs… that may be incentive enough to enforce stricter rules. And to be honest I’m okay with that, as long as it is accessible. Which in my case means no phone app of any kind.
Come to think of it, there is one law I would pass: for important stuff like banks, no amount of security justifies a lack of accessibility. If I don’t have a smartphone, I should still be able to do online payments. Same if I’m blind. Or both. When I hear all around me about people being utterly unable to do banking, or worse, accessing government online services, without a locked down Android or iOS phone, I’m horrified.
> they have a choice: stricter annoying rules with fewer victims, or looser rules with more victims?
Yep, there's a reason freedom vs safety (or libertarianism vs authoritarianism) is an axis on many political spectrum charts. This is a very common source of tension in politics. As you can probably guess, I usually find myself on the libertarian side of such debates. Freedom is worth the price.
> Give them freedom to chose their password without mandating 2FA, and some will lose money to a password database leak & offline guessing
To be clear, I have no issue with secure defaults. There's only an issue when you start trying to make it impossible for users to compromise their own security, because accomplishing that requires you to take away their freedom to make choices, which I don't think is an acceptable thing to do to mentally sound adults.
There's plenty of competition in the banking space, so normally I'd be fine letting banks and their customers sort this out on their own. But there's not a lot of competition in the OS space, and allowing banks to limit your choice of OS exacerbates that problem.
The fix I've been floating in my head for some time now for a lot of these types of problems in the digital space is some sort of software freedom law guaranteeing users the right to modify software running on devices they own. It would fix so many issues with the software industry, including probably this one, since many common uses of hardware attestation would probably fall afoul of such a law.
I generally lean towards that too, including for this issue. But we do need to own up to it. Explicitly ask ourselves, what kind of bad consequences, and how much of them, are we willing to put up with in the name of freedom?
Also, some framings make it difficult: the second someone speaks of protecting the children, all of a sudden freedom becomes secondary. Which leaves two counters, which are logically compatible, but tend to be rhetorically exclusive: denying that this new thing will actually protect the children; and asserting that the protection it allegedly provides is not worth the loss of freedom.
The second one is a hard sell, which is why we so often revert to the first one. Take age verification: sure it won’t stop determined underage teens from seeing images of bunny girls. But it will deter some of them. And assuming images of bunny girls are bad for teen health, it means age verification does "protect the children". A little. And voilà, we’ve destroyed the argument that age verification does absolutely nothing, mass surveillance for the win!
> […] which I don't think is an acceptable thing to do to mentally sound adults.
I haven’t thought of the psychological damage over-protectiveness may cause. That’s a bloody good point.
> There's plenty of competition in the banking space,
Given how people in some countries complain that it’s difficult to find a bank that doesn’t require a locked down phone for online payments, I would argue perhaps not plenty enough. I totally agree though that for any bank to require one of two OSes is not good, and for this reason would be tempted to outlaw such requirements (thus reducing corporate freedom, but I care more about individual freedom).
> some sort of software freedom law guaranteeing users the right to modify software running on devices they own.
That is very tempting indeed. Do understand though that such a law comes very close to mandating Free Software everywhere: for this right to be effective, users need access to the source code, and be allowed to let some professional modify that code for them. Any mass produce piece of hardware would effectively have to publish the full code source of their drivers for all to see. I would absolutely love that, but NVDIA would likely lose their marbles over this.
> what kind of bad consequences, and how much of them, are we willing to put up with in the name of freedom?
The way I look it is that when someone uses their freedom for evil, the consequences of that are that person's fault, not the fault of freedom itself. Responding to evil done by one group of people by curtailing the freedoms of everyone, including innocents who have done nothing wrong, is fundamentally unjust. Perhaps in some extreme cases it could be justified, but I'd use a standard similar to how the US supreme court defines "strict scrutiny" when evaluating such measures.
Patrick Henry once said "Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery? Forbid it, Almighty God! I know not what course others may take; but as for me, give me liberty or give me death!"
Unfortunately yes, for some this is a hard sell. I'm not sure how to convince others of the importance of freedom if they don't already consider it to be important, to me it's an almost fundamental belief that I hold.
>> […] which I don't think is an acceptable thing to do to mentally sound adults.
> I haven’t thought of the psychological damage over-protectiveness may cause
My point was more that taking away a person's freedom for their own protection is the kind of thing you do when they're either children or mentally unsound. Outside of those cases I don't think it's acceptable.
> it’s difficult to find a bank that doesn’t require a locked down phone for online payments
Some of this may be due to regulations making banks partially responsible for things they shouldn't be responsible for (like the customer's phone getting hacked). Responsibility and control go hand in hand. But mostly I think it's just due to lack of demand, which would be solved if running modded OSs were more common.
> Do understand though that such a law comes very close to mandating Free Software everywhere
Yes, exactly. I guess I've been radicalized by Stallman. ;) Though to be fair I do partially disagree with his definition of free software, in that I don't think software needs to be freely redistributable without payment (freedom 2) in order to be libre free.
I understand this a pretty radical proposal, and completely politically non-viable for the foreseeable future. It might even be a bad idea to do all at one even if that were possible. But I think probably there are some smaller steps that could be taken in that direction which would be beneficial even if I'm not entirely sure what those are yet.
Yes, but that’s not the threat model I was alluding to. The threat model was, you get tricked into executing malware, that will steal your passkey (and your entire password database in fact), and log your master password as soon as you use it.
When the passkey is protected behind an HSM (TPM, Yubikey, Tkey…), even a compromise of your main computer can’t steal it. Attackers can still temporarily log in on your behalf, but they can’t do anything with your passkey as long as your computer is turned off. Which means you can un-pwn yourself out of this situation by reinstalling everything (but do keep your HSM!).
Overall, we have several levels of security here:
- Weak password, (potentially reused everywhere). Fished once, pwned everywhere. Not to mention password database leaks.
- Very strong unique password from your password vault (KeepassXC). Note that with automatic login, password managers may provide good phishing resistance. Manual copy pasta is still vulnerable, but at least you only compromise that one account.
- Passkey stored in your password database. Phishing proof as you say, but falls to a keylogger.
- Passkey sorted in a hardware security module. Can’t be stolen ever, save for a vulnerability in the HSM itself, or, if you haven’t set up a password for your HSM, theft.
Clearly that last option is the most secure. Clearly it would be nice if everyone could do that, though we do need a way to recover from the loss or destruction of the HSM (which in the case of the TPM may mean something as mundane as changing your graphics card). Yet often, other ways are more convenient.
Still, I strongly believe companies should not force people into one method or another. Okay, I could maybe tolerate passkeys being forced on me, but not the remote attestation part. Let me manage my own security, with my own tools (preferably open source), thank you very much. There is one use case for which I may approve of remote attestation: work accounts. Because at this point it’s not about the safety of the customer, it’s about the safety of the company itself. It makes sense then that the company (or government agency) impose whatever stringent restrictions on how to access their network. They do have to provide any required tool (company laptop, company palmtop, company dongle…), same way many companies are required to provide individual safety equipment to any of their employees working in hazardous environments.
Yes, I agree that device-bound credentials (DBC?) are a really big deal here. Just wanted to get the story straight.
When it comes to the notion of requiring DBCs without also requiring remote attestation, how do you deal with solving the problem of virtualized credential devices, e.g. swtpm? If some application wants to leverage DBCs, it will make some DBC API call, e.g. call out to a TPM. However, without some sort of attestation scheme, there's no way to verify who/what is on the other end of that API call.
Maybe it's not important for applications to be able to require DBCs without attestation. But at first blush it seems like a valid thing to want.
> Maybe it's not important for applications to be able to require DBCs without attestation. But at first blush it seems like a valid thing to want.
It’s definitely something I would want, but as you hinted at yourself, if there’s no remote attestation, the user can just use a software TPM. So, a company using passkeys has two choices:
- Enforce DBC with remote attestation. This raises the security floor, but enforces device vendor lock-in, and prevent users from selecting unapproved, but potentially even more secure, devices.
- Do not enforce DBC. This lets users use less secure virtualised devices, but there’s no vendor lock-in, and those who want may use the latest most secure device ever.
Which alternative is appropriate is now a social & political problem. My opinion is that for general computers released to the general public, remote attestation is never legitimate. Even with the best of intentions it is fundamentally uncompetitive, and they make it way too easy to go full Evil Corp. Specialised appliances and employees however are different stories.
---
Anecdotally, I have worked on TPM provisioning a couple years back, and I had to warn my hierarchy that doing it the way they specified, the TPM could be impersonated: we checked the signature of the certificate, but failed to compare the certificate root with the manufacturer’s keys. My boss didn’t believe me, until I showed the production code happily provisioned a software TPM, without detecting the impersonation. (Actually, he didn’t believe me even then, I had to go over him to the security specialist.)
This was totally a case of remote attestation. But I believe this particular case was legitimate, because it was a specialised appliance (electric car charging station), that was meant to process payments, similar to a gas station terminal.
TPMS give you the convenience of short passwords (or no passwords) and the security of long keys.
A chip which you can write to and interact with but can't read is valuable; it lets you enforce conditions which you otherwise couldn't. For example, you can protect your sensitive data with a 6-digit pin, secure in the knowledge that the chip will erase the encryption key after 10 failed attempts. If you had full access to the TPM storage, you could brute force that PIN in seconds.
Quick tip for people that might encounter such situations:
- Phone to the emergency number. In Europe, it's 112. In France 15 is also working. Explain your situation (they generally do have English support).
- In many European countries, it is a Doctor you will have on the line. They can forward a medical prescription by email to the pharmacy close by.
- Even if you are not insured, the only thing it will cost you is the price of the medicine. For insulin, it variates from 20 to 40€ depending of the country.
- If you are over weekend or in middle of the night, in many EU countries have emergency pharmacy system. Some dudes somewhere on duty will open a pharmacy for you and you have to come on site.
If you are in France and if you wake them up at 03h00am, you can probably expect the legendary 'frendliness' (irony) of French customer service but at least you will stay alive.
reply