As someone who has completely straddled both worlds (Arizona/Texas redneck raised, worked in woke VC/SV companies, with a social circle across the board):
I view it as planting seeds, and harvesting them later. Before that can be done though, a person generally has to understand how entrenched a person is in being a stenographer. I have found on both "sides", there are a certain amount of people that literally do no thinking for themselves at all, and only regurgitate. I've tried for years to work different angles on them, and those seeds mostly still lay dormant and un-sprouted...
“The argument that the two parties should represent opposed ideals and policies... is a foolish idea. Instead, the two parties should be almost identical, so that the American people can throw the rascals out at any election without leading to any profound or extensive shifts in policy. Then it should be possible to replace it, every four years if necessary, by the other party which will be none of these things but will still pursue, with new vigor, approximately the same basic policies.” - Carroll Quigley
I'll never forget having to SSH into Bejing servers because nobody on that side could fix a problem... (working at a Chinese heavy company for a bit)...
I walked away realizing they are still copying the tech (IP theft, etc), but don't understand it nearly as well. The main thing that changed was the time-gaps, and by bypassing safety and other regs/norms, they just get to market first, but with a subpar product, usually with major issues.
I'm not nearly as afraid of this version of the future having experienced that, but of course, that was from a limited perspective.
That said, the sheer amount of $ being pumped into infrastructure of all types in China is a sight to behold, and also woke me up to how much our own government and big business entrenchment is suppressing American ingenuity.
The largest coronal hole in years was streaming to Earth while the earthquake occurred. Link up of coronal hole with Earth’s geomagnetic system is associated with earthquakes. The storm was caused by charged particles from that stream.
My hacky solution for this when working with others has been using git post-receive/commit hooks to execute the org document (babel, pandoc, emacs html export, etc), so anybody with any editor can, if they understand the format, make changes without having to have emacs.
I heavily abuse commit hooks in my hacky CI/CD pipelines though, so ymmv.
Emacs org-mode and babel are what I use instead. Very powerful alternative to Jupyter imho, but of course not for everyone.
I have used commit hooks so that non-emacs users could push updates that still get executed to avoid the emacs tie in though, the biggest issue with it I've found.
As a greybeard sysadmin, this is why I write pure html5/css3 with as little js as possible, and where it can't be avoided, vanilla with no frameworks.
I really have grown to hate most frameworks... (and I don't hate em, but for the devs who push them... it's become the new Java, another bane of linux admins everywhere.)
eBPF is such a supertool that is slept on. I have been working on turning my nftables into it, (on low-latency/high-throughput targets) may I ask how you are using it with Rust?
Sure! I use the aya framework (https://aya-rs.dev) that provides the kernel-side bindings to write the probes in Rust, and the userspace tooling to load it in the kernel, interacts with maps, etc. Quite a joy to work with, and has all the niceties you'd expect from using Rust.
We write XDP apps for custom dataplanes where traditionally DPDK would be used (routers and such). Our upcoming network acls are written this way, so close to your netfilter usage.
I do worry about running so much stuff in kernel space though. Imagine a widespread 0day that hits the kernel, or kernel panics causing kernel crashes that require reboots, the user space priv escalation, etc...
Are you doing fail-open or fail-closed? I've been on the fence on that.
What is the current legal status of eBPF? It used to be that loading any non-trivial eBPF into kernel involved GPL-only stuff, and both the eBPF program and the program that used it had to be GPL.
Well, yes, but this only matters if you distribute the compiled probes: you'll have to distribute the source for the probes. And, thankfully, this is not AGPL where network interaction counts, so:
- a cloud provider writing a dataplane using ebpf does not have to provide the source
- a company selling on-prem software (e.g. esxi) that ships with ebpf probes would need to distribute their source
I view it as planting seeds, and harvesting them later. Before that can be done though, a person generally has to understand how entrenched a person is in being a stenographer. I have found on both "sides", there are a certain amount of people that literally do no thinking for themselves at all, and only regurgitate. I've tried for years to work different angles on them, and those seeds mostly still lay dormant and un-sprouted...
“The argument that the two parties should represent opposed ideals and policies... is a foolish idea. Instead, the two parties should be almost identical, so that the American people can throw the rascals out at any election without leading to any profound or extensive shifts in policy. Then it should be possible to replace it, every four years if necessary, by the other party which will be none of these things but will still pursue, with new vigor, approximately the same basic policies.” - Carroll Quigley
reply