> The first is that the format isn't really parseable without using a schema, unlike (say) XML or JSON.
You can parse DER perfectly well without a schema, it's a self-describing format. ASN.1 definitions give you shape enforcement, but any valid DER stream can be turned into an internal representation even if you don't know the intended structure ahead of time.
rust-asn1[1] is a nice demonstration of this: you can deserialize into a structure if you know your structure AOT, or you can deserialize into the equivalent of a "value" wrapper that enumerates/enforces all valid encodings.
> which is that this ends up being complex enough that basically every attempt to do so is full of memory safety issues.
Sort of -- DER gets a bad rap for two reasons:
1. OpenSSL had (has?) an exceptionally bad and permissive implementation of a DER parser/serializer.
2. Because of OpenSSL's dominance, a lot of "DER" in the wild was really a mixture of DER and BER. This has caused an absolutely obscene amount of pain in PKI standards, which is why just about every modern PKI standard that uses ASN.1 bends over backwards to emphasize that all encodings must be DER and not BER.
(2) in particular is pernicious: the public Web PKI has successfully extirpated BER, but it still skulks around in private PKIs and more neglected corners of the Internet (like RFC 3161 TSAs) because of a long tail of OpenSSL (and other misbehaving implementation) usage.
Overall, DER itself is a mostly normal looking TLV encoding; it's not meaningfully more complicated than Protobuf or any other serialization form. The problem is that it gets mashed together with BER, and it has a legacy of buggy implementations. The latter is IMO more of a byproduct of ASN.1's era -- if Protobuf were invented in 1984, I imagine we'd see the same long tail of buggy parsers regardless of the quality of the design itself.
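To make the schema-less point and the DER/BER distinction above concrete, here is an added example (not part of the original comment and not rust-asn1's API): a std-only Rust parser that turns any DER stream into a generic value tree and rejects the BER-only length forms. All type and function names are made up for illustration; it enforces only TLV-level rules (definite, minimal lengths), not per-type content rules, and it does not handle multi-byte tags.

```rust
// Added example: schema-less parser for strict DER TLVs (hypothetical names).
#[derive(Debug, PartialEq)]
enum Value {
    Primitive { tag: u8, data: Vec<u8> },
    Constructed { tag: u8, children: Vec<Value> },
}

#[derive(Debug, PartialEq)]
enum DerError {
    Truncated,
    HighTagNumber,    // multi-byte tags are out of scope for this sketch
    IndefiniteLength, // legal in BER, forbidden in DER
    NonMinimalLength, // legal in BER, forbidden in DER
    LengthTooLarge,
    TrailingData,
    TooDeep,
}

const MAX_DEPTH: usize = 32; // bound recursion on hostile input

/// Read one definite, minimally encoded length: (length, bytes consumed).
fn read_length(buf: &[u8]) -> Result<(usize, usize), DerError> {
    let first = *buf.first().ok_or(DerError::Truncated)?;
    if first < 0x80 {
        return Ok((first as usize, 1)); // short form
    }
    if first == 0x80 {
        return Err(DerError::IndefiniteLength);
    }
    let n = (first & 0x7f) as usize;
    if n > 4 {
        return Err(DerError::LengthTooLarge);
    }
    let bytes = buf.get(1..1 + n).ok_or(DerError::Truncated)?;
    let len = bytes.iter().fold(0usize, |acc, b| (acc << 8) | *b as usize);
    // DER: no leading zero octet, and long form only when short form cannot fit.
    if bytes[0] == 0 || len < 0x80 {
        return Err(DerError::NonMinimalLength);
    }
    Ok((len, 1 + n))
}

/// Parse one TLV without any schema: (value, bytes consumed).
fn parse_one(buf: &[u8], depth: usize) -> Result<(Value, usize), DerError> {
    if depth > MAX_DEPTH {
        return Err(DerError::TooDeep);
    }
    let tag = *buf.first().ok_or(DerError::Truncated)?;
    if tag & 0x1f == 0x1f {
        return Err(DerError::HighTagNumber);
    }
    let (len, len_size) = read_length(&buf[1..])?;
    let start = 1 + len_size;
    let end = start.checked_add(len).ok_or(DerError::Truncated)?;
    let body = buf.get(start..end).ok_or(DerError::Truncated)?;
    if tag & 0x20 == 0 {
        return Ok((Value::Primitive { tag, data: body.to_vec() }, end));
    }
    // The constructed bit says the body is itself a sequence of TLVs.
    let (mut children, mut off) = (Vec::new(), 0);
    while off < body.len() {
        let (child, used) = parse_one(&body[off..], depth + 1)?;
        children.push(child);
        off += used;
    }
    Ok((Value::Constructed { tag, children }, end))
}

fn parse_der(input: &[u8]) -> Result<Value, DerError> {
    let (value, used) = parse_one(input, 0)?;
    if used != input.len() { return Err(DerError::TrailingData); }
    Ok(value)
}

fn main() {
    // Constructed samples: SEQUENCE { INTEGER 5, OCTET STRING "hi" } as DER,
    // then the same value with a BER-style non-minimal length (0x81 0x07).
    let der = [0x30u8, 0x07, 0x02, 0x01, 0x05, 0x04, 0x02, 0x68, 0x69];
    let ber = [0x30u8, 0x81, 0x07, 0x02, 0x01, 0x05, 0x04, 0x02, 0x68, 0x69];
    println!("{:?}\n{:?}", parse_der(&der), parse_der(&ber));
}
```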
Rehashing some of what's been said and adding to it:
A nuclear chain reaction occurs where more neutrons enter into a fissible mass than leave it, where those neutrons trigger additional fission events.
"Criticality" is the point at which that neutron emission is just balanced: the same number are added as are consumed. This is often fairly stable, and can be further controlled with moderating systems (e.g., control rods, circulating water, or neutron reflectors which increase neutron flow). There's also the matter of "prompt" vs. "delayed" neutrons. The first, prompt neutrons, are emitted immediately following a fission event, the latter occur after some delay, from milliseconds to minutes or longer. The ratio of prompt to delayed neutrons also matters in controlling a nuclear reaction.
A nuclear reaction at criticality is not a bomb, at least not necessarily. What it is however is sustained, which is to say that the nuclear reaction will continue unless circumstances change.
A nuclear bomb, and specifically a fission bomb, requires not only a critical mass but a supercritical one, with a large amount of the material going critical at once. The challenge for the engineer is that nuclear reactions release so much energy that the explosive material itself can be blown apart before enough of it has time to react. So the trick is to transition between subcritical and supercritical masses quickly.
For Uranium-235, the reaction is slow enough that a "bullet-style" design is sufficient. A supercritical mass is arranged in two pieces, which are separated until detonation is desired, at which point one (usually smaller) mass is shot into the other, like a bullet down a gun-barrel. Plutonium-239 is so fissile that this would result in premature criticality and only a small fraction of the material would fission before being blown apart. Instead, an implosion design is used, in which a subcritical mass of plutonium is surrounded by explosive charges which, when detonated, compress the core sufficiently that it does achieve criticality, and the much larger nuclear explosion follows.
The Uranium bullet-style device was considered sufficiently reliable that it was not tested. The Hiroshima bombing was the first detonation of this style of weapon. The Trinity test was to confirm the theory of a plutonium implosion-style design, and Nagasaki saw the second explosion of such a weapon.
In the case of the Hiroshima (uranium) bomb, about 1 g of matter was converted to energy, and about 660 g of a total fissile mass of ~51 kg actually reacted, or about 1.3% of the total mass. Essentially the bomb was already coming apart before any more material could engage in fission. See: <https://old.reddit.com/r/askscience/comments/1546rcv/why_did...>
I believe values are about the same for the Nagasaki weapon.
It's in fact very common to microcode instructions at early iterations of an arch. https://uops.info/table.html is a nice place if certain instructions being slow brings joy to your life.
"Intel added AVX512-VP2INTERSECT to Tiger Lake. But it was really slow. (microcoded ~25 cycles/46 uops)
It was so slow that someone found a better way to implement its functionality without using the instruction itself.
Intel deprecates the instruction and removes it from all processors after Tiger Lake. (ignoring the fact that early Alder Lake unofficially also had it)
AMD adds it to Zen5.
So just as Intel kills off VP2INTERSECT, AMD shows up with it. Needless to say, Zen5 had probably already taped out by the time Intel deprecated the instruction. So VP2INTERSECT made it into Zen5's design and wasn't going to be removed.
But how good is AMD's implementation? Let's look at AIDA64's dumps for Granite Ridge:
There's an easy fix for that. You tell the government how much it is worth for tax purposes. If the government thinks you have underestimated it they reserve the right to buy it at that price.
Nothing here is something that could not be done in other languages. For example in Rust auditing this kind of supply chain attack is even more nightmarish if the project uses crates, as crates often are very small causing the "npm effect".
Another good example is docker images. The way people often build docker images is not that they are built all the way from the bottom. The bottom layer(s) is/are often some arbitrary image from arbitrary source which causes a huge supply chain attack risk.
You had a strong first paragraph, but your second is going too far. A Pixel 6a is $349 and supported until 2027. A galaxy A15 is $175 and supported until the end of 2028 or early 2029. The full feature updates don't go quite as far, but they're still offered for multiple years into the future.
Since Adobe is pushing a more aggressive stance for monetization of Acrobat, I am trying to replace selected PDF workflows with OSS. Here are some of the tools I use.
qpdf
removing passwords, unlocking PDFs, conversion
install in WSL with apt-get install qpdf
remove password with qpdf --decrypt --password="" input.pdf output.pdf
PDF4QT - Open Source PDF Editing
Deleting, Sorting, Extracting Pages
Currently, no choco release available, must be installed manually from PDF4QT/releases
Inkscape, LibreOffice Draw
editing PDFs, adding text
Mupdf
Command line tool and Python package for parsing, filling forms, adding text
SumatraPDF
Viewing of PDFs
pdfplumber
Awesome python package to extract tables from PDFs into data pipelines. Use with Jupyter Lab
>Not only there is sequential array in both the language, it is very often used
In Java only primitive arrays are memory-efficient for iteration; ArrayLists are not because every element is boxed, so even when iterating sequentially a lookup of some random memory address is needed for every element.
They don't need to ask for any backdoor, there are existing solutions already like Pegasus. It was recently used by Polish government ruling party to spy on opposition under the pretense of looking for 'Russian spies'. Considering our not-very-smart government managed to get it, I can bet people who are actually qualified can do much more already.
This was not explicitly addressed in the post, but the big "Kafka antipattern" out there is building "microservice infrastructure" and using a stateful message broker between services where you should be using RPC/look-aside load balancing with deadlines and retries.
Some morons even write books and blog posts about this. The funny thing is this sort of shit is done in the name of scale, but the big folks never operate this way. Large scale infrastructures actively disdain keeping buffers and state in the middle of the request flow. They cannot afford the cost and latency of such systems. They do it the sane way[1].
Microsoft actually has a guide for manual partitioning, which this guide does not follow. [1] The Microsoft guide cleans the whole disk and ensures the 100MB EFI partition is before the 16MB MSR partition.
tl;dr: the server doesn't support that header, but since the response does include a Last-Modified header, curl helpfully aborts the transfer if the Last-Modified date is the same as the mtime of the previously downloaded file.
/tmp> # be kind to the server and only download the file if it's updated
/tmp> curl -s -o /tmp/euro.zip -z /tmp/euro.zip https://www.ecb.europa.eu/stats/eurofxref/eurofxref-hist.zip
/tmp> unzip -p /tmp/euro.zip | from csv | select Date USD | sort-by USD | first
╭──────┬────────────╮
│ Date │ 2000-10-26 │
│ USD  │ 0.83       │
╰──────┴────────────╯
(I removed the pipe to gunzip because 1. gunzip doesn't work like that on mac and 2. it's not something you should expect to work anyway, zip files often won't work like that, they're a container and their unzip can't normally be streamed)
this article is full of embarrassing errors betraying a level of ignorance i find astounding in someone writing a newspaper article on the topic; apparently the author couldn't be bothered to read even the introductions to the wikipedia articles on the things they were writing about
— ⁂ —
nyt on the history of paper money:
> in 1723, he got to witness the beginning of a risky new experiment: Pennsylvania had just begun printing words on paper and calling it money. (...) Several colonies began printing bits of paper to stand in for coins, stating that within a certain time period, they could be used locally as currency. The system worked, but haltingly, the colonies soon discovered. Print too many bills, and the money became worthless. And counterfeiters often found the bills easy to copy, devaluing the real stuff with a flood of fakes
those courageous pioneers! how exciting to try such daring innovations, so they would be among the first to discover new problems like paper-money inflation and paper-money counterfeiting!
wp on the history of paper money:
> The first banknote-type instrument was used in China in the 7th century, during the Tang dynasty (618–907). Merchants would issue what are today called promissory notes in the form of receipts of deposit to wholesalers to avoid using the heavy bulk of copper coinage in large commercial transactions. (...) True paper money, called "jiaozi", developed from these promissory notes by the 11th century, during the Song dynasty.[20][21] By 960, the Song government was short of copper for striking coins, and issued the first generally circulating notes. (...) The geographic limitation changed between 1265 and 1274, when the late southern Song government issued a nationwide paper currency standard, which was backed by gold or silver.[15] The range of varying values for these banknotes was perhaps from one string of cash to one hundred at the most.[15] Ever after 1107, the government printed money in no less than six ink colors and printed notes with intricate designs and sometimes even with mixture of a unique fiber in the paper to combat counterfeiting.
oh but maybe franklin didn't know about this thousand-year-long history because it was on the opposite side of the world so it was actually a new experiment for him?
> The founder of the Yuan dynasty, Kublai Khan, issued paper money known as Jiaochao. The original notes were restricted by area and duration, as in the Song dynasty, but in the later years, facing massive shortages of specie to fund their rule, the paper money began to be issued without restrictions on duration. Venetian merchants were impressed by the fact that the Chinese paper money was guaranteed by the State.
okay but maybe the venetian merchants hadn't written accounts of this that franklin had read?
> In the 13th century, Chinese paper money of Mongol Yuan became known in Europe through the accounts of travelers, such as Marco Polo and William of Rubruck.[16][27] Marco Polo's account of paper money during the Yuan dynasty is the subject of a chapter of his book, The Travels of Marco Polo, titled "How the Great Kaan Causeth the Bark of Trees, Made into Something Like Paper, to Pass for Money All Over his Country".[17]
okay but surely in england and the rest of europe this was just a tale of odd foreign customs, not something commonly done in franklin's own time in london, where he'd served his apprenticeship?
> The shift toward the use of these receipts as a means of payment took place in the mid-17th century, as the price revolution, when relatively rapid gold inflation was causing a re-assessment of how money worked. The goldsmith bankers of London began to give out the receipts as payable to the bearer of the document rather than the original depositor. This meant that the note could be used as currency based on the security of the goldsmith, not the account holder of the goldsmith-banker.[30]
okay, so private goldsmiths issued banknotes, but surely at least it wasn't a common practice for state banks to issue banknotes, at least before 01723?
> The first bank to initiate the permanent issue of banknotes was the Bank of England. Established in 1694 to raise money for the funding of the war against France, the bank began issuing notes in 1695 with the promise to pay the bearer the value of the note on demand. They were initially handwritten to a precise amount and issued on deposit or as a loan. There was a gradual move toward the issuance of fixed denomination notes, and by 1745, standardized printed notes ranging from £20 to £1,000 were being printed.
how about the inflation problem from over-printing?
> The first short-lived attempt at issuing banknotes by a central bank was in 1661 by Stockholms Banco, a predecessor of Sweden's central bank Sveriges Riksbank.[33] These replaced the copper-plates being used instead as a means of payment.[34] (...) Three years later, the bank went bankrupt, after rapidly increasing the artificial money supply through the large-scale printing of paper money.
well, maybe at least paper-money hyperinflation was a new problem in the 01600s and 01700s?
> Jiaozi (Chinese: 交子) was a form of promissory note which appeared around the 11th century in the Sichuan capital of Chengdu, China. Numismatists regard it as the first paper money in history, a development of the Chinese Song Dynasty (960–1279 CE). (...) Generally the lower the denominations of the Jiaozi the more popular they became, and as the government was initially unable to properly regulate their production, their existence eventually led to undesirably high rates of inflation.
> Franklin’s paper money contains flecks of mica, also known as muscovite or isinglass. (...) The Philadelphia area is notable for its schist, a flaky mineral that contains mica
okay so mica is the same thing as muscovite?
wp on mineralogy:
> Micas (/ˈmaɪkəz/ MY-kəz) are a group of silicate minerals (...) The mica group is composed of 37 phyllosilicate minerals. (...) The commercially important micas are muscovite and phlogopite, which are used in a variety of applications.
> Schist (/ˈʃɪst/ SHIST) is a medium-grained metamorphic rock showing pronounced schistosity. This means that the rock is composed of mineral grains easily seen with a low-power hand lens, oriented in such a way that the rock is easily split into thin flakes or plates. This texture reflects a high content of platy minerals, such as micas, talc, chlorite, or graphite. These are often interleaved with more granular minerals, such as feldspar or quartz.
well, okay, so it's a rock. minerals are the same thing as rocks, right?
> Rocks are composed primarily of grains of minerals, which are crystalline solids formed from atoms chemically bonded into an orderly structure.[4]: 3 Some rocks also contain mineraloids, which are rigid, mineral-like substances, such as volcanic glass,[5]: 55, 79 that lacks crystalline structure. The types and abundance of minerals in a rock are determined by the manner in which it was formed.
this sort of thing makes me think wp should stop allowing citations to the nyt as a 'reliable source'
it's tempting to blame the article's author, veronique greenwood, for this remarkable degree of unconcern for truthfulness; but the phenomenon of greater concern is not that a single summer intern didn't care whether what they wrote was correct or not, but that the nyt as an institution put her in the position of writing for the newspaper of record and did, seemingly, no fact-checking whatsoever. what does that imply for issues where we can't just look up the original paper, a wikipedia article, or a mineralogy textbook to find the nyt's factual errors? issues like public policy positions of politicians, for example, or information provided by anonymous sources, or original reporting by war correspondents?
(this is a separate issue from institutionalized invasions of privacy like cade metz's doxing of scott alexander at the nyt, gawker's outing of peter thiel and revenge-porning of hulk hogan, and vice's quasi-outing of naomi wu; the issue there is not the falsehood of the information published)
Nate Silver has been blatantly wrong several times during COVID, has been schooled by actual scientists and is now on a personal vendetta against them.
He is ready to fan the flames of science-bashing because his fragile yet enormous ego has been hurt. That tells all that you need to know about him. (Don't believe me? He has never apologised nor shown a little bit of humility after being corrected. That's who he is.)
There are a number of scans I've come across on archive.org where the person uploading has used jbig2 and there are pages where letters like 'e' get swapped for an 's'.
My general rule when creating pdfs with scans is: If it's mostly text or line drawings and it will be used in a professional setting use png/flate. If it's a photo use jpg (especially if the source is a jpg).
Many major browsers expect CT, and won't accept a certificate from a default CA without it being in CT. Therefore it matters a little less whether such a certificate can be issued, but rather whether it can be accepted by a browser (which many popular ones won't). And therefore it will become relatively noisy and detectable if such a certificate is deployed at any sense of scale.
In essence, a cryptographic proof that the certificate was sent to CT providers needs to be enclosed along with the certificate. That can come via an OCSP staple, or a TLS extension.
The Thorlabs kit looks like a very decent Michelson interferometer that can be used for a lot of demonstrations such as measuring wavelengths and studying the coherence properties of light sources.
However, repeating the Michelson-Morley experiment is not easy since the expected signal is very small. If there was a stationary aether, the relative length difference for the optical path along the earth's motion compared to the path perpendicular would be (v/c)^2 ≈ 1E-8, where v is the orbital velocity of earth (3E4 m/s), and c is the speed of light (3E8 m/s). The arm length of the Thorlabs kit is just a few cm, so the shift would be on the order of one nm, or one five-hundredth of a (green) wavelength. Thermal drifts and vibrations of optics on a typical optical table are much larger than that, especially when trying to rotate the setup. Michelson and Morley achieved the necessary stability by constructing their interferometer on a solid stone slab, and made a near-frictionless bearing by floating it on mercury. The resulting stability is still impressive by modern standards, but the construction technique is not very practical. Nowadays, large and passively stable optics setups (for example telescope mirrors or laser gyros) are usually made from massive pieces of Zerodur which has near-zero thermal expansion.
There is no way you could repeat the Michelson-Morley experiment with that small and floppy Thorlabs EDU kit. The experiment from 1887 had an arm length of 11 m and was interferometrically stable (typical length fluctuations much smaller than the wavelength) while rotating. That would still be a considerable engineering challenge today.
Modern Michelson-Morley experiments [1, 2] don't use Michelson interferometers anymore. Instead, they compare the lengths of crossed ultrastable high-finesse cavities (in vacuum, of course). The big innovation is that, with lasers and electronics, we can measure the cavity resonance frequencies (and therefore also the cavity lengths) to something like 15 digits of accuracy. This corresponds to less than a tenth of the diameter of a Proton, and is something like 100 million times more accurate than you can achieve with a simple Michelson interferometer.
> until you realize you have to build a datacenter yourself
Have you never heard of a colo? Rent 1-2 racks in one of those. And you probably won't need more than 1-2 racks because that's what Stack Overflow runs on.
One guy bought over 4 thousand LED lamps over the years, meticulously measured their actual specs and made a huge online catalog https://lamptest.ru/
I follow his project a bit and it looks like consumers are really at a loss. Generally there is no reliable way to choose a good LED lamp without consulting such a catalog. Lamp packaging often lies about actual specs, lamps with the same packaging but manufactured in different years might have different quality, etc.
It's unfortunately not self-compiling, but has a structure which is very reminiscent of C4 --- another tiny C-subset compiler + stack-based VM which is self-compiling: