shivak's comments

A DC busbar can propagate a short circuit across the rack, and DC circuit protection is harder than AC. So of course each server now needs its own current limiter, or a cheap fuse.

But I’m not debating the merits of this engineering tradeoff - which seems fine, and pretty widely adopted - just its advertisement. The healthcare industry understands the importance of assessing clinical endpoints (like mortality) rather than surrogate measures (like lab results). Whenever we replace “legacy” with “cloud”, it’d be nice to estimate the change in TCO.

> > The power shelf distributes DC power up and down the rack via a bus bar. This eliminates the 70 total AC power supplies found in an equivalent legacy server rack within 32 servers, two top-of-rack switches, and one out-of-band switch, each with two AC power supplies

This creates a single point of failure, trading robustness for efficiency. There's nothing wrong with that, but software/ops might have to accommodate by making the opposite tradeoff. In general, the cost savings advertised by cloud infrastructure should be more holistic.

I guess we expected a marvelous interplay of hardware and software, but all we got was fudged numbers.

As you noted, Apple's fsync() behavior is defensible if PLP is assumed. Committing through the PLP cache isn't how these drives are meant to operate - hence the poor behavior of F_FULLSYNC.

But this isn't specific to Macs and iDevices. Some non-PLP drives also struggle with sync writes on FreeBSD [1]. Most enterprises running RDBMS mandate PLP for both performance and reliability. I understand why this is frustrating for porting Linux, but Apple is allowed to make strong assumptions about how their hardware interoperates.

[1] https://www.truenas.com/community/threads/slog-and-power-los...

The first problem is rendering within the guest. If you only have one GPU, then GVT-g [1] virtualizes it with just a bit of overhead. But it's Intel only.

The second problem is getting those pixels onto your screen in the host. SPICE is not as fast as Looking Glass [2], which sets up a shared memory buffer between the host and guest. This has acceptable performance even for modern games.

The OP doesn't seem to utilize these techniques, so I don't think it can plausibly claim to have the fastest configuration - at least not yet.

[1] https://wiki.archlinux.org/title/Intel_GVT-g

[2] https://looking-glass.io

Those images are hashed, not transmitted in original format. On top of that, PSI prevents you from learning those hashes, or how many there are. So you can’t tell if the database contains the hash of, say, tank-man.jpg.

I understand why this shielding is necessary for the system to work. My point is the crypto is being used to protect law enforcement, not the user.

> recruited mathematicians to analyze it, and published the results, as well as one in-house proof and one independent proof showing the cryptographic integrity of the system.

Apple employs cryptographers, but they are not necessarily acting in your interest. Case in point: their use of private set intersection, to preserve privacy..of law enforcement, not users. Their less technical summary:

> Instead of scanning images in the cloud, the system performs on-device matching using a database of known CSAM image hashes provided by NCMEC and other child safety organizations. Apple further transforms this database into an unreadable set of hashes that is securely stored on users’ devices.

> Before an image is stored in iCloud Photos, an on-device matching process is performed for that image against the known CSAM hashes. This matching process is powered by a cryptographic technology called private set intersection..

The matching is performed on device, so the user’s privacy isn’t at stake. But, thanks to PSI and the hash preprocessing, the user doesn’t know what law enforcement is looking for.

Compiling and installing large amounts of system software, a la `emerge world` or `make buildworld`, is great exposure to many system components. `make menuconfig` introduces one to various features of the Linux kernel, and yes, even a humble `./configure` illustrates how the software in question depends on libraries and hardware. I wouldn't casually dismiss the educational value of these experiences, nor the curiosity of those partaking. They're certainly more expository than the digests displayed in a `docker pull`.

I think that’s mitigated by the physical button one has to press every time something is signed.

I’m not sure if the restriction to authentication has substantially simplified the WebAuthn API. The restriction is caused by a speed optimization, not design simplification. If the actual payload was sent to the authenticator, rather than just its hash due to bandwidth limitations, then it seems like the API could be used for signing messages, not just authentication. I do agree that the user interfaces surrounding the APIs will be simpler due to the focus on authentication.

I hoped WebAuthn would allow such general-purpose use of security devices. Unfortunately, in the spec: "To save bandwidth and processing requirements on the authenticator, the client hashes the client data and sends only the result to the authenticator. The authenticator signs over the combination of the hash of the serialized client data, and its own authenticator data." [1]

So, in the foreseeable future on the web, the devices are useful just for authentication.

[1] https://w3c.github.io/webauthn/

He struggled deeply with alcoholism, but the cause of his death has not been announced.

I disagree thoroughly. I've been to both Harvard and CMU, and assisted classes at the latter. CMU SCS undergrads work much harder than Harvard undergrads, and their work is more honest.

Actually, CMU students are perhaps a bit too isolated. This leads to some academic stratification, because the smart kids hang out with one another. There is less support and camaraderie. Lots of promising students struggle at SCS and drop out. The attrition rate, not cheating, is actually the primary academic concern.

Harvard is at the other extreme. The stratification isn't academic, it's social (via finals clubs and such.) Everyone collaborates. There are two common practices I find especially distasteful. Harvard has a very long, class-free study period right before exams. Also, Harvard provides students with Adderall at no cost with essentially no questions asked. A lot of students blow off the assignments then cram with loads of amphetamines. They're smart, so they succeed, but they don't really learn anything.

Yes, but the reason why is not exactly the same. That point is lost on Krugman, who equates gold and Bitcoin on that basis.

His description of Bitcoin is technically incorrect. As described in the original Bitcoin paper, workers are not necessarily "miners" and may be funded by transaction fees.

Bitcoin isn't susceptible to hoarding because, unlike gold, it has no intrinsic value. An alternative explanation for the rise in value: the Bitcoin ecosystem is under heavy development. The value of Bitcoins is possibly soaring in anticipation of this infrastructure i.e. its utility as a currency.

I wouldn't rely on Krugman's blog for serious analysis.