You are missing a lot on what bitcoin actually is and what it could be (because it can change)... which is hopefully why it will keep an edge on other cryptos.
Holders of gold seek no innovation in the material science of gold.
Would like to hear more of your theory, in my view Bitcoin is a fossil whose community is intent on keeping it a fossil. All energy towards improving the network are focused on Layer 2. Transactions per second will not be increased, max supply will not be increased... the various forks of bitcoin speak to this. Why do you believe Bitcoin can keep an edge?
That whole GME thing is not stupid... institutions are holding 106% of GME stocks... not sure how much non-institutions are holding. What is stupid is what the government is allowing institutions to do.
Holding 106% can be perfectly rational, it happens just because shorts create a loan.
Suppose we have a company and an institution has analyzed the books and knows is worth $10/share, shares are currently trading at $5. Suppose this is an unusually small company and there are only 100 shares outstanding total. Institution buys them all up since it's such a good deal.
Along comes Citadel who decides the company is going bankrupt and decides to sell the company short. Borrows 50 shares from the institution's broker and puts them up on the market. Now the institution sees that 50 more shares are available again at $5. Still the institution knows they are worth $10/share.. it's completely rational to purchase those shares and increase the holding to 150 shares even if the official shares outstanding is only 100 shares. Institution can sell all 150 for $10 a share assuming they are eventually right about the validation and Citadel will be the one that needs to make up the difference.
I appreciate all of your work but I think that you are wrong with this comment... I think that talking about leaving platforms that have monopolies can spur innovation.
For sure there are important and interesting questions there. I'm not asking people not to talk about those!—just to do it in a way that isn't just repeating what always gets said. Otherwise there's a power-law dropoff in information transfer...like telling the same joke or repeating the same word over and over.
There's nothing wrong with repetition per se. There is pleasure in it—it's just a different kind than the pleasure of curiosity. The problem is that we can't have both pleasures at the same time, and HN is a site for curiosity.
This is one of those moderation calls that seems arbitrary and obscure until you take literally that we're trying to optimize for just one thing, and then it follows rather straightforwardly.
(It's really a sweet spot to have only one thing to optimize for—one gets to have fun being radical about following it to all its counterintuitive consequences.)
But that’s only an MTA i hear you cry, Exchange does both MTA & MDA! Bear with me.
Postfix is software to learn from. It might be written in C but the architecture is the epitome of beautiful modular design. It’s not just the meticulous separation of concerns, the care and attention to detail, everything from string handling to memory management is pristinely handled. https://github.com/vdukhovni/postfix
Even at runtime the beauty of the architecture allows for a sysadmin to choose (via master.cf) exactly how the components should be composed to fit their needs. The defaults are crafted for minimum fuss if you just need to get it running ASAP. The software is ergonomic in addition to being artfully crafted.
So what does all this care and attention get you? Only 9 CVEs in 22 years, only 3 of which are code exec, only 2 of which are (maybe) remote code exec, only 1 of which is unauth user RCE - but very hard in practice to exploit.
Maybe it’s just not that popular? It was 1/3 of all SMTP servers on the internet according to a 2019 scan.
So it’s the best MTA ever to exist, but what about MDA? Well, that was the whole point. Compose well crafted components together to build a system. You especially don’t run part of your mailserver’s web interface in kernel space because, well i’m not sure why IIS/Exchange does that :-)
So Postfix does about 1/10th of what Exchange does, and is secure. Very well, do one thing and do it well.
You talk about composing it with other stuff to create a system, but fail to mention if that system will still be more secure than Exchange. Even if each component of the system is individually very secure, that still doesn't tell you much about the security of the system. It's extremely easy to piece together two secure components and obtain 0 security.
Edit: accidentally said 'not secure' instead of 'secure' in first statement, completely changing the meaning. Corrected in-place.
Except this bug is an ssrf in the exchange web interface, so the MTA is equivalently safe to postfix. You could compose exchanges MTA with another MDA and get exactly the same security posture. Except with exchange, which is actually a good MTA.
