nrc
@ncameron.org
1.2K followers 170 following 280 posts
ncameron.org
At this point I think there are so many places code can panic, that a simple system like that wouldn’t help much. A better system could exist but you’re looking at some kind of dependent types at that point
ncameron.org
If the vulnerability were well-hidden and the crate was well-trusted, etc.

So really, being cautious about crates (or indeed any intermediate position) is just YOLOing it but with security theatre
ncameron.org
gap between versions being released and alarms being sounded, any crate can execute arbitrary code on your machine, and all it takes is one crate maintainer having a turn to the dark side, or someone threatening their family, etc., and BOOM. And tbh, I bet that time gap could be long
ncameron.org
which is actually not too bad if you've really got your eyes open to the risk. But most software projects have a risk appetite somewhere in between, and there is not a good solution for that. A lot of folks are using tools and trying to be cautious about crates, etc. But there is inevitably a time
ncameron.org
One of the big issues with supply chain security is there is no good compromise position: you can be totally paranoid about it and minimise your deps and review every version in detail (which is both a lot of effort and goes against the grain of effective/idiomatic Rust use) or you can YOLO it,
ncameron.org
Can you say why you trust it? IME it means trusting a bunch of people I don't have reason to trust and also a bunch of crates (or versions of crates) which don't have coverage (unless coverage has got a lot better recently). Which is not to say you shouldn't trust it, but I'm curious why you do
ncameron.org
I used to be pretty relaxed about it, and now it seems like everything is on fire and we've collectively got our heads in the sand (mostly this is a change of opinion, but partially also a change in the environment)
ncameron.org
Rust programmers, do you worry about supply chain security? I.e., that a dependency might contain a bug or malicious code?
ncameron.org
South Wellington in particular did awesome, proud to live here! And a good show on Māori wards, though honestly I’m sad that there were any no votes at all. The rest of Aotearoa needs to do better, much better on that front
ncameron.org
Proud of you, Te Whanganui-a-Tara, mostly good voting, even if we did let a few of the cookers in. Could have been better (if there was a better mayoral candidate, if Chung et al didn’t get back in, and so forth), but could have been a lot worse.
Reposted by nrc
theophite.bsky.social
i've got over 70k kills in the "meeting buddha on the road" minigame. it's tough at first but once you master the spin kick you can get the hammer you need to break the wheel of samsara pretty quick
jfruh.bsky.social
“im addicted to this Buddhism game” —things someone who is good at buddhism would say???
ncameron.org
I like the borders! If they had used a gradient on the background but not the design element, I think it would work nicely, but there’s gradients everywhere! All going in different directions!
ncameron.org
And the icons look bad - too busy, too distracting. They’ve started with a design then made it as minimal as possible then added a bunch of gradients, so it’s both character-less and busy.
ncameron.org
Liquid Glass review: the overall look is nice, some of the effects and layering need more polish, way too many animations and flashes and they feel too attention grabbing. Overall feels like a good idea but needs another few months of iteration
ncameron.org
That's a good idea!
ncameron.org
Heh, no, it's exactly the sort of thing one should use. What I meant was that I was looking for something which might appear in real code one would write outside of a benchmark
ncameron.org
I was trying to do it without 'cheating', black_box does work, but I can't find anything else which does
ncameron.org
Surprisingly difficult to trick the Rust compiler into not eliding bounds checks in a micro-benchmark (even more so in a way which isn't nullified by the CPU's branch prediction)
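An added example, not code from the post above, of the black_box trick the thread settles on: both the data slice and the index list are passed through std::hint::black_box, so the optimiser cannot see their lengths or contents and therefore cannot prove the indices are in range, which keeps the bounds check on every access. The function names (sum_indexed, sum_unchecked, scrambled_indices), the xorshift index generator and the timing harness are assumptions made for this example.

```rust
use std::hint::black_box;
use std::time::Instant;

/// Sum `data[i]` for every `i` in `idx` with plain indexing, so each access
/// carries a bounds check. Both slices go through `black_box` first: the
/// optimiser then cannot see their lengths or contents, so it cannot prove
/// the indices are in range and cannot elide the checks.
pub fn sum_indexed(data: &[u64], idx: &[usize]) -> u64 {
    let data = black_box(data);
    let idx = black_box(idx);
    let mut acc = 0u64;
    for &i in idx {
        acc = acc.wrapping_add(data[i]); // bounds-checked access
    }
    acc
}

/// The same loop with the check removed; this is the baseline the checked
/// version is measured against.
///
/// # Safety
/// Every value in `idx` must be less than `data.len()`.
pub unsafe fn sum_unchecked(data: &[u64], idx: &[usize]) -> u64 {
    let data = black_box(data);
    let idx = black_box(idx);
    let mut acc = 0u64;
    for &i in idx {
        debug_assert!(i < data.len());
        // SAFETY: the caller guarantees i < data.len() (see doc comment).
        acc = acc.wrapping_add(unsafe { *data.get_unchecked(i) });
    }
    acc
}

/// Constructed for this example: a xorshift64 generator producing `count`
/// in-range indices in an order the optimiser cannot fold into a constant.
pub fn scrambled_indices(len: usize, count: usize, mut seed: u64) -> Vec<usize> {
    assert!(len > 0 && seed != 0, "need a non-empty slice and a non-zero seed");
    (0..count)
        .map(|_| {
            seed ^= seed << 13;
            seed ^= seed >> 7;
            seed ^= seed << 17;
            (seed % len as u64) as usize
        })
        .collect()
}

fn main() {
    // Constructed input: 4096 values, 4M scrambled in-range indices.
    let data: Vec<u64> = (0..4096).collect();
    let idx = scrambled_indices(data.len(), 1 << 22, 0x9E37_79B9_7F4A_7C15);

    let start = Instant::now();
    let checked = sum_indexed(&data, &idx);
    let checked_time = start.elapsed();

    let start = Instant::now();
    // SAFETY: scrambled_indices only yields values below data.len().
    let unchecked = unsafe { sum_unchecked(&data, &idx) };
    let unchecked_time = start.elapsed();

    assert_eq!(checked, unchecked);
    println!("checked:   {:?}", checked_time);
    println!("unchecked: {:?}", unchecked_time);
}
```

Compare the two timings with `cargo run --release`; the gap is the cost of the retained checks. Note this only addresses the first half of the post: because every index is in range, the check branch always resolves the same way and the branch predictor learns it, so the measured cost is the predicted-branch cost, not a mispredict.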
ncameron.org
I have availability for Rust consulting or coaching. More details soon, and yep my website needs updating. But if you're considering adopting Rust, want your team to use Rust more effectively, or need a drop-in staff engineer, get in touch!
ncameron.org
And I bet people are thinking about how to do a targeted attack. And I bet it will be possible somehow
ncameron.org
I’ve been thinking a bit about supply chain security, but honestly the equivalent risk from ai seems so much worse. The equivalent of an SBOM is impossible, any concept of trust feels impossible. Like a targeted attack seems really difficult, but a fuck up feels guaranteed
ncameron.org
Hope it’s a great week!