
Oxide and Friends

Latest episodes

May 9, 2023 • 1h 39min

The Network Behind the Network

Bryan and Adam are joined by Oxide colleagues Arjen, Matt, John, and Nathanael to talk about the management network, the brainstem of the Oxide Rack. Just as it ties together so many components, this episode ties together many many (many!) topics we've discussed in other episodes.

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from May 8th, 2023.

In addition to Bryan Cantrill and Adam Leventhal, we were joined by Oxide colleagues Arjen Roodselaar, Matt Keeter, John Gallagher, and Nathanael Huffman.

This built on work described in many previous episodes:

- Cabling the Backplane: prior to going all-in on a cabled backplane with blind-mated server sleds (i.e. no plugging, unplugging, or mis-plugging of network cables), we (Bryan) espoused an "NC-SI or bust" mantra... at least in part to avoid doubling the cable count. With the cabled backplane, the reasons for NC-SI disappeared (which let the many reasons against truly shine).
- The Pragmatism of Hubris, in which we talk about our embedded operating system, Hubris (and its companion debugger, Humility). Hubris runs on the service processors that are the main endpoints on the management network. Matt's work controlling the management network switch (the VSC7448) is in the context of Hubris, as is John's work communicating with the sleds over the management network.
- The Power of Proto Boards showed and told about the many small boards we've used in development. Several of those were purpose-built for controlling and simulating parts of the management network.
- The Oxide Supply Chain: Kate Hicks joined us to talk about the challenges of navigating the supply chain. Mentioned here in the context of "supply-chain-driven design": we designed around the parts we could procure! Tip: stay away from "automotive-quality" parts when the auto industry is soaking them all up.
- Holistic Boot, in which we talked about how (uniquely!) Oxide boots from nothing to its operating system and services. Over the management network, we can drive server recovery by piping in a RAMdisk over the network and then (slowly) through the UART to the CPU.
- Get You a State Machine for Great Good: Andrew joined us to talk about his work on a state-machine-driven text UI and its companion replay debugger. We mentioned this in the context of John replaying the long upload process in seconds rather than hours to fix a UI bug.

Images from the show: Major components of the management network; Matt's VSC7448 dev kit; Matt's remote tuning setup via webcam; Management network debugging.
May 2, 2023 • 1h 41min

Blue Skies Over Mastodon (with Erin Kissane and Tim Bray)

Erin Kissane joins Bryan and Adam to talk about the new social network "Bluesky" through the lens of her blog post "Blue Skies Over Mastodon". Long-time friends of Oxide and social-media aficionados Tim Bray and Steve Klabnik also helped shed light on technical and social aspects of the new network.

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from May 1st, 2023.

In addition to Bryan Cantrill and Adam Leventhal, we were joined by special guest Erin Kissane and long-time acquaintances of the show Tim Bray and Steve Klabnik.

Some of the topics we hit on, in the order that we hit them:

- Erin's blog post Blue Skies Over Mastodon
- Mastodon blog (5/1): A new onboarding experience on Mastodon
- Tim's blog post from November: Bye Twitter
- "Buy the rumor, sell the news"
- Hellthread
- "Skeet" is to "Tweet" is to "Toot" (aka "Publish")
- skyline.gay
- Bluesky blog: Composable Moderation
- Lobsters
- Phanpy
- So You've Been Publicly Shamed by Jon Ronson

If we got something wrong or missed something, please file a PR! Our next show will likely be on Monday at 5p Pacific Time on our Discord server; stay tuned to our Mastodon feeds for details, or subscribe to this calendar. We'd love to have you join us, as we always love to hear from new speakers!
Apr 18, 2023 • 1h 22min

Rust Trademark: Argle-bargle or Foofaraw?

The Rust Foundation caused a fracas with their proposed new trademark rules. Bryan and Adam were lucky enough to be joined by Ashley Williams, Adam Jacob, and Steve Klabnik for an insightful discussion of open source governance and communities, in particular as applied to Rust.

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from April 17th, 2023.

In addition to Bryan Cantrill and Adam Leventhal, we were joined by Ashley Williams, Adam Jacob, and Steve Klabnik.

Some of the topics we hit on, in the order that we hit them:

- Succession
- The Simpsons (explaining the title of this episode)
- The Wire
- The Wire at 20 Podcast
- The Register: Rust Foundation Apologizes for Trademark Policy
- Jomboy (our aspiration)
- Ice Weasel
- Pamela Chestek
- Bryan's talk from Node Summit 2017: Platform as a Reflection of Values
- Linux Foundation form 990
- Rust Foundation Board
- Rust Foundation participation rules

If we got something wrong or missed something, please file a PR! Our next show will likely be on Monday at 5p Pacific Time on our Discord server; stay tuned to our Mastodon feeds for details, or subscribe to this calendar. We'd love to have you join us, as we always love to hear from new speakers!
Apr 4, 2023 • 1h 1min

Cabling the Backplane

Bryan and Adam are joined by Doug Wibben and Robert Keith to talk about the mechanical design of the cabled backplane of the Oxide rack that allows for "blind-mated" server sleds: no network and power cables to plug, unplug, and mis-plug! Watch the chapter art for relevant pictures.

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from April 3rd, 2023.

In addition to Bryan Cantrill and Adam Leventhal, we were joined by Oxide colleague Robert Keith and special guest Doug Wibben.
Mar 28, 2023 • 1h 8min

Get You a State Machine for Great Good

Andrew Stone of Oxide Engineering joined Bryan, Adam, and the Oxide Friends to talk about his purpose-built replay debugger for the Oxide setup textual UI. Andrew borrowed a technique from his extensive work with distributed systems to build a UI that was well-structured... and highly amenable to debuggability. He built a custom debugger "in a weekend"!

Some of the topics we hit on, in the order that we hit them:

- tui-rs
- Crossterm
- The reedline crate
- Episode about the "Sidecar" switch
- Elm time-travel debugging
- Replay.io
- Devtools.fm episode on Replay.io
- AADEBUG conference
- California horse meat law

The (lightly) edited live chat from the show:

MattCampbell: I'm gathering that this is more like the fancy pseudo-GUI style of TUI, which is possibly bad for accessibility
ahl: we are also building with accessibility in mind, stripping away some of the non-textual elements optionally
MattCampbell: oh, cool
ahl: Episode about the "Sidecar" switch: https://github.com/oxidecomputer/oxide-and-friends/blob/master/2021_11_29.md
MattCampbell: ooh! That kind of recording is definitely better for accessibility than a video.
uwaces: Were you inspired by Elm? (The programming language for web browsers?)
bcantrill: Here's Andrew's PR for this, FWIW: oxidecomputer/omicron#2682
uwaces: Elm has a very similar model. They have even had a debugger that let you run events in reverse: https://elm-lang.org/news/time-travel-made-easy
bch: I'm joining late - 1) does this state-machine replay model have a name 2) expand on (describe) the I/O logic separation distinction?
ahl: http://dtrace.org/blogs/ahl/2015/06/22/first-rust-program-pain/
zk: RE: logic separation in consensus protocols: the benefit of separating out the state machine into a side-effect free function allows you to write a formally verified implementation in a pure FP lang or theorem prover, and then extract a reference program from the proof.
we're going to the zoo: lol i'm a web dev && we do UI tests via StorybookJS + snapshots of each story + snapshots of the end state of an interaction
ig: At that point you could turn the recording into an "expect test". https://blog.janestreet.com/the-joy-of-expect-tests/
we're going to the zoo: TOFU but for tests 🥰
uwaces: Are you at all worried that you are replicating the horror that is the IBM 3270 terminal? — I have personal history programming on z/OS where the only interface is a graphical EBCDIC 3027 interface — the horror is that people write programs to interact with graphical window (assuming a certain size).
ahl: https://docs.rs/serde/latest/serde/#data-formats
ahl: SHOW NOTES: Bryan as "semi-elderly" engineer
MattCampbell: didn't Bryan write a blog post on this?
MattCampbell: http://dtrace.org/blogs/bmc/2008/11/16/on-modalities-and-misadventures/
uwaces: https://www.replay.io
ahl: https://devtools.fm/episode/9
ahl: e.g. https://altsysrq.github.io/proptest-book/intro.html
we're going to the zoo: https://github.com/AFLplusplus/LibAFL
ig: Are you using proptest, quickcheck, or something else?
nickik: This really started with Haskell https://hackage.haskell.org/package/QuickCheck It's also cool that it does 'narrowing', meaning it will try to find an error, and then try to generate a simpler error case.
endigma: how different is something like this from what go calls "fuzzing"
Riking: Fuzzing does also have a minimization step
we're going to the zoo: https://github.com/dubzzz/fast-check
Riking: Property-based testing tends to be structured differently in philosophy, while fuzzers are more aligned to "give you a bag of bytes"
nickik: http://www.quviq.com/products/erlang-quickcheck/
endigma: yeah I can tell it's a different structure, but the overall goal seems similar
we're going to the zoo: they are nonexclusive approaches to testing
papertigers: I think Kelly was doing a bunch of tests at Joyent based on quick check and prop test. First time I encountered it
we're going to the zoo: libafl provides a #[derive(Arbitrary)] macro that will provide the correct values for a struct
uwaces: Lots of stuff in Rust existed first in Haskell (build.rs, quote!, Derive macros, Traits, etc….)…
nixinator: https://tenor.com/view/%C3%B3culos-escuro-exterminador-terminator-arnold-schwarzenegger-gif-14440790
we're going to the zoo: "what do these means" depends on who you ask lol
we're going to the zoo: fast-check is 🔥 for TypeScript
endigma: if the tested function is deterministic and the test is testing arbitrary input and testing against the result to be derivative in some way of the input function by some f(x), don't you end up re-implementing the tested function to provide the expected result? how does the author choose what properties of a system to test without falling into a "testing the test" pit?
we're going to the zoo: Rust: "Here comes the Haskell plane!"
nixinator: Isn't rust == oxidation
endigma: yes
endigma: in a scientific sense
nixinator: Iron oxide 🙂 lol
nixinator: Very good!
GeneralShaw: Is prop test a way of formal verification? Is it same/different?
ahl: https://dl.acm.org/conference/aadebug
ig: I mean, Haskell is an academic rese...
Mar 21, 2023 • 1h 39min

Does a GPT future need software engineers?

Bryan and Adam and the Oxide Friends take on GPT and its implications for software engineering. Many aspiring programmers are concerned that the future of the profession is in jeopardy. Spoiler: the Oxide Friends see a bright future for human/GPT collaboration in software engineering.

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from March 20th, 2023.

In addition to Bryan Cantrill and Adam Leventhal, speakers on MM DD included Josh Clulow, Keith Adams, Ashley Williams, and others. (Did we miss your name and/or get it wrong? Drop a PR!)

Live chat from the show (lightly edited):

ahl: John Carmack's tweet
ahl: ...and the discussion
Wizord: https://twitter.com/balajis/status/1636797265317867520 (the $1M bet on BTC, I take)
dataphract: "prompt engineering" as in "social engineering" rather than "civil engineering"
Grevian: I was surprised at how challenging getting good prompts could be, even if I wouldn't quite label it engineering
TronDD: https://www.aiweirdness.com/search-or-fabrication/
MattCampbell: I tested ChatGPT in an area where I have domain expertise, and it got it very wrong.
TronDD: Also interesting https://www.youtube.com/watch?v=jPhJbKBuNnA
Wizord: the question is, when will it be in competition with people?
Wizord: copilot also can review code and find bugs if you ask it in a right way
ag_dubs: i suspect that a new job will be building tools that help make training sets better and i strongly suspect that will be a programming job. ai will need tools and data and content and there's just a whole bunch of jobs to build tools for AI instead of people
Wizord: re "reading manual and writing DTrace scripts" I think it's possible, if done with a large enough token window.
Wizord: (there are already examples of GPT debugging code, although trivial ones)
flaviusb: The chat here is really interesting to me, as it seems to miss the point of the thing. ChatGPT does not and can not ever 'actually work' - and whether it works is kind of irrelevant. Like, the Jacquard Looms and Numerical Control for machining did not 'work', but that didn't stop the roll out.
Columbus: Maybe it has read the dtrace manual 😉
JustinAzoff: I work with a "long tail" language, and chatgpt sure is good at generating code that LOOKS like it might work, but is usually completely wrong
clairegiordano: Some definite fans of DTrace on this show
ag_dubs: a thing i want to chat about is how GPT can affect the "pace" of software development
sudomateo: I also think it's a lot less than 100% of engineers that engage in code review.
Wizord: yes, I've had some good experience with using copilot for code review
ag_dubs: chatgpt is good at things that are already established... it's not good at new things, or things that were just published
Wizord: very few people I know use it for the purpose of comments/docs. just pure codegen/boilerplate
chadbrewbaker: "How would you write a process tree with dtrace?" (ChatGPT4)

    #!/usr/sbin/dtrace -s

    BEGIN
    {
        printf("%5s %5s %5s %s\n", "PID", "PPID", "UID", "COMMAND");
    }

    proc:::exec-success
    {
        printf("%5d %5d %5d %s\n", pid, ppid, uid, execname);
    }

TronDD: That's interesting as expensive, specialized code analysis tools have been varying level of terrible for a long time
JustinAzoff: I did an experiment before where I asked it to write me some php to insert a record into a database. so of course it generated code with sql injection
chiefnoah: Its ability seems to scale with how many times someone has done the exact thing you're trying to do before
JustinAzoff: but then I asked if sql injection was bad, which it explained that it was. then I asked if the code it wrote me was vulnerable to sql injection. it then explained it was
Columbus: It misses empirical verification; forming a hypothesis, testing it, and learning from the result. There have been some attempts to implement this by feeding back e.g. command output into the prompt
JustinAzoff: so then the crazy part, I asked if sql injection was bad, why did it give me code that was vulnerable to sql injection. It then went on to say that the first thing it gave me was just for example purposes
JustinAzoff: so no wonder people get into "prompt engineering" since it's clear that you need to do things like ask for code that does something, and is secure, high performance, does not have buffer overflows or sql injection vulns
MattCampbell: In my test case ("Write a Win32 UI Automation provider in C++"), all it did was produce plausible-sounding crap
ag_dubs: pattern matching over very very large data sets
clairegiordano: Bryan just said this and I wanted to write it down, re GPT-3: "the degree that it changes its answers when you tell GPT-3 to think like someone else"
JustinAzoff: or even just, "do that, but better"
ag_dubs: i think a lot of the awe of gpt is recognizing how simple our own strategies are instead of how complex the AI's strategy is
chadbrewbaker: "How would Bryan Cantrill re-write this script?" (ChatGPT4)

    #!/usr/sbin/dtrace -s

    #pragma D option quiet

    dtrace:::BEGIN
    {
        printf("%5s %5s %5s %s\n", "PID", "PPID", "UID", "COMMAND");
        self->indent = 0;
    }

    sched:::off-cpu
    {
        self->indent = 0;
    }

    proc:::exec-success
    {
        this->curpid = pid;
        this->curppid = ppid;
        this->curuid = uid;
        this->indent = self->indent;
    }

    proc:::exec-success
    /execname != "dtrace"/
    {
        printf("%*s", this->indent * 2, "");
        printf("%5d %5d %5d %s\n", this->curpid, this->curppid, this->curuid, execname);
    }

    proc:::exec-success, sched:::on-cpu
    /this->curpid == pid/
    {
        self->indent++;
    }

antranigv: that's pretty hit on!
chiefnoah: Yup. Most people are not doing things that haven't been done before. A significant portion of software is just building blocks of libraries
Wizord: intelligence is compression, in some sense.
dataphract: "critique the epoll API as though you are Bryan Cantrill"
ag_dubs: a brain would be much stranger!!
Wizord: the ability to reduce a large dataset to a coherent set of rules
antranigv: "Explain the issues of epoll, write as if it's a Bryan ...
Mar 17, 2023 • 59min

On Silicon Valley Bank with Eric Vishria

Eric Vishria of Benchmark and Oxide CEO Steve Tuck join Bryan and Adam to talk about Silicon Valley Bank, its role in the startup ecosystem, and the short- and long-term effects of its collapse.

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from March 17th, 2023.

In addition to Bryan Cantrill and Adam Leventhal, we were joined by special guests Eric Vishria and Steve Tuck. (Did we miss your name and/or get it wrong? Drop a PR!)

Curated chat log from the show:

davidf: Sharing this here because I loved every bit of it: My Startup Banking Story by Mitchell Hashimoto
ewen: 'The teller looks at the paper, then looks at me, then looks back at the paper, then asks "Are you the HashiCorp guy?"' 😮 (Definitely agree that post looks relevant, and is worth reading; thanks for sharing. There's quite the impedance mismatch between "traditional banking" and "startup" approaches to things. Which I suspect in part explains how SVB was so widely used by startups.)
antranigv: Question: Are there any reasons why the US is behind in these banking things? all countries in the EU and developing countries have solved these problems decade(s) ago.
statuscalamitous: my personal, barely informed take: we built this infra earlier, so we have more legacy
a172: It sounds like what SVB was providing that was so rare was a kind of business as a service.
statuscalamitous: my favorite "scare a developer" story: the way ACH payments work. that's right, SFTP!
antranigv: I think you mean FTPS? did they move to SFTP? 😄
drkamoz: I think the opposite is also true, without the infra, Africa's been very early to adopt mobile banking https://www.bbc.com/worklife/article/20131217-east-africa-a-mobile-banking-hub
drkamoz: Can you explain sweep funds?
Eric Likness - carpetbomberz.com: 6 months of runway some place else. Not what Peter Thiel was telling people.
antranigv: What was his response?
arjenroodselaar: Eject! Eject!
ahl: this was a fun summary: https://svbhallofshame.wordpress.com/
ahl: https://www.fdic.gov/news/press-releases/2023/pr23016.html
antranigv: This Venture Debt is intriguing, specially for startups who have a good background but are having a hard time... kinda? I guess?
ahl: Acquired: Benchmark Part I
ahl: Acquired: Benchmark Part II: The Dinner

If we got something wrong or missed something, please file a PR! Our next show will likely be on Monday at 5p Pacific Time on our Discord server; stay tuned to our Mastodon feeds for details, or subscribe to this calendar. We'd love to have you join us, as we always love to hear from new speakers!
Feb 28, 2023 • 1h 34min

Rack-scale Networking

Bryan and Adam are joined by a number of members of the Oxide networking team to talk about the networking software that drives the Oxide rack. It turns out that rack-scale networking is hard... and has enormous benefits!

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from February 27th, 2023.

In addition to Bryan Cantrill and Adam Leventhal, speakers included Ryan Goodfellow, Levon Tarver, Ben Naecker, and Arjen Roodselaar.

Links:

- Intel Tofino Series
- P4 (programming language) - Wikipedia
- p4lang/p4c: P4_16 reference compiler
- oxidecomputer/p4: A P4 compiler
- The quote crate: Rust quasi-quoting
- RIFT WG - Routing In Fat Trees | IETF Community Wiki

Here's (much of) the live chat from the show:

ahl: https://github.com/oxidecomputer/oxide-and-friends/blob/master/2021_11_29.md
ahl: That's the Sidecar switch episode
bcantrill: https://p4.org/
admchl: What does "at line rate" mean?
Riking: Line rate = As fast as the packets could possibly come. 1Gbit, 10Gbit, 100Gbit, etc
admchl: Do you need ASICs to hit that speed? I assume x86_64 is not going to be fast enough for these specialised operations?
levon: Yes, the Tofino 2 is the ASIC
bcantrill: You need ASICs
bnaecker: Yes, you really can't do these kinds of operations on a general purpose CPU.
rng_drizzt: Yeah, you need specialized silicon here.
JustinAzoff: Right, also often across all ports at the same time in both directions. a 48 port 10gbps switch will have a line rate of 960gbps (10 ** 48 ** 2)
duckman: So the advantage is being able to offload compute to the switch?
bnaecker: Yes, and specifically that you can separate the data plane (operations on the packets) from the control plane (decisions about what operations to allow or make).
tahnok: What's TCAM?
levon: Ternary Content Addressable Memory
bnaecker: https://en.wikipedia.org/wiki/Content-addressable_memory#Ternary_CAMs
ryaeng: Sure beats logging into a number of Cisco switches and making changes at the console.
admchl: This is my favourite episode in a long time, this is all really fascinating.
rng_drizzt: the first Sidecar episode was nearly 1.5 years ago 🤯, right after we cut the first rev
levon: That episode blew my mind
duckman: This sounds like a big deal on the scale of ebpf
duckman: Or bigger
bnaecker: It is extremely useful for understanding the processing pipelines. As long as you only run single-packet integration tests 🙂
od0: just want to go out and find things to write P4 code for
JustinAzoff: yeah one way to think about that sort of thing is that xdp can be used to run little programs on a nic, where p4 is kind of like that, but running on effectively a nic with 48+ ports
bcantrill: https://github.com/oxidecomputer/p4
SyntheticGate: sidecar is the "codename" of our switch box
SyntheticGate: "gimlet" is our server sled
bcantrill: https://github.com/oxidecomputer/propolis
wmf: So you have P4 and OPTE in the hypervisor at the same time?
bnaecker: OPTE is in the host kernel.
arjenroodselaar: The P4 runtime Ry described only exists in the test bed, where it high level simulates the switches. OPTE is part of the production environment.
arjenroodselaar: The rough difference between P4 and OPTE is that P4 works on individual packets without much concept of a session (so it can't reason about TCP streams, packet order etc, so no firewall like functionality), while OPTE aims to operate on streams of packets.
JustinAzoff: So you can run 100 VMs on a test system and wire them up to your virtual switch compiled by x4c?
arjenroodselaar: Correct.
bcantrill: OPTE == Oxide Packet Transformation Engine
admchl: Gimlet?
rng_drizzt: Compute server
rng_drizzt: The Sidecar switch is actually just a PCIe peripheral to a Gimlet.
bnaecker: The Gimlet managing the Sidecar is often called a "Scrimlet" for "Sidecar attached Gimlet"
Riking: and "how do i reconfigure this giant network without hosing my ability to reconfigure this giant network"
ShaunO: can identify with that - we seriously struggle to keep our own products inter-operating, let alone anyone else's
levon: It can feel like a Sisyphean task.
a172: Setup a much smaller/simpler network in parallel that is accessible from "not your network" that gets you to the management interface.
levon: It's a whole new world when you can look at the actual table definitions in P4
rng_drizzt: Owning all the layers here is immensely beneficial
levon: Those DTrace probes have been very helpful
bnaecker: Those probes turned out to be everywhere. They are in: SQL queries, HTTP queries, log messages, Propolis hypervisor state, virtual storage system, networking protocol messages, the P4 emulator, and probably more that I'm forgetting about.
levon: For those unfamiliar with the DTrace tool, or the rationale behind leveraging DTrace over other tracing / debugging tools: https://www.cs.princeton.edu/courses/archive/fall05/cos518/papers/dtrace.pdf
bcantrill: https://github.com/oxidecomputer/progenitor
ahl: some notes on rust codegen: https://github.com/ahl/codegen-template
arjenroodselaar: DDM! Bring us home!
a172: it astonishes me how many "cloud" type architectures are built on v4 only or v4 first.
a172: IPv6 is older than Wi-Fi
a172: It solves real problems. PLEASE use it.
nyanotech: yessss fina...
Feb 14, 2023 • 1h 18min

Memory Safety with Yael Grauer

Yael Grauer joined Bryan, Adam, Steve Klabnik, and the Oxide Friends to talk about her recent Consumer Reports article on memory safety and memory safe languages. How do we inform the general public? How do we persuade practitioners and companies? Thanks for joining us, Yael!

In addition to Bryan Cantrill and Adam Leventhal, we were joined by special guest Yael Grauer, and Steve Klabnik.

Some of the topics we hit on, in the order that we hit them (experiment in turning the show live-chat into notes):

Nahum: https://www.backblaze.com/blog/the-3-2-1-backup-strategy/ if anyone wants to read up on the 3-2-1 Backup strategy. 👅
Cyborus: can we get a link to the talk?
Nahum: https://www.youtube.com/watch?v=Q9s2NxILBK8
Nahum: https://digital-lab-wp.consumerreports.org/wp-content/uploads/2023/01/Memory-Safety-Convening-Report-.pdf via https://digital-lab-wp.consumerreports.org/2023/01/23/new-report-future-of-memory-safety/
Nahum: https://en.wikipedia.org/wiki/Pegasus_(spyware)
Cyborus: "can we talk" => "hey. you. have a panic attack. anyways i got a cool sandwich"
AaronW: "of course we should have seatbelts" 😄
MattCampbell: but then you've got the C die-hards who say that Rust itself is too complex
AaronW: https://twitter.com/markrussinovich/status/1571995117233504257?s=46
DanCrossNYC: People used to say the same thing about PL/I and recently the COBOL people have been saying the same thing. Nothing new under the sun.
statuscalamitous: https://blog.yossarian.net/2023/02/11/The-unsafe-language-doom-principle
DanCrossNYC: People who still want to treat C as a high-level assembler are saying the same stuff the PL/I people were saying when I was young.
Eric Likness - carpetbomberz.com: In support of Yael, Ralph Nader wasn't/isn't an automotive engineer and he could still argue for lowering safety risks to car buyers. It's advocacy.
cdaringe: As an ocaml user, i was hoping revery would take off https://github.com/revery-ui/revery
statuscalamitous: https://press.princeton.edu/books/hardcover/9780691174952/the-tyranny-of-metrics
Saethlin: Wake up babe, new 0xide reading assignment dropped
AaronW: Labelled like a can of pringles -- "20% more malloc() free()!"
Nahum: Relevant to rules based accounting: https://www.schneier.com/blog/archives/2023/02/hacking-the-tax-code.html
drew: Rigorous definitions of "unsafe code" just won't cut it ig
ig: 40% less direct pointer arithmetic than the leading brand of operating systems
a172: How does principle based accounting even work? Like, how do you define if something violates the principle or not, without just turning it back into rules based?
Eden: Checkboxes are meaningful for operational checklists. Aviation and medicine use them pretty heavily. Not so meaningful for systemic work like developing a new aircraft or a new surgery.
Eden: So I guess a rules-based approach works for lines of code, but breaks down for project-level decisions such as which language to use.
Saethlin: The S in IoT is for security
benstoltz: ifixit repairability score for HW should have an analog for SW/FW.
DanCrossNYC: That's precisely what the pl/i folks acted like 25 years ago.
sam801: c++ will live on thru carbon, cppfront, and val.
DanCrossNYC: Prediction: carbon is doa.
Saethlin: I'll believe it once anyone uses those
ig: I think the other part is there's some really important pieces of software that everyone uses daily which use memory unsafe languages. Our web browsers, and our operating systems.
AaronW: I live in a condo and I still unplug expensive electronics during a thunderstorm. Maybe it's because I had many electronics fried when I was young, and my first language was C++.
Eric Likness - carpetbomberz.com: Same with answering a landline during a thunderstorm.
DanCrossNYC: Had to stop training during thunderstorms in the Marines.
Eden: My day job is security. 😉 I rail against compliance checklists on a regular basis because a lot of auditors insist on the checkbox rather than proper security consideration. For example, PCI-DSS requires password rotation, which everyone has known for decades leads to users picking worse passwords.
alilleybrinker: https://www.usenix.org/system/files/sec22summer_alexopoulos.pdf
statuscalamitous: https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html
a172: Google and Mozilla are making pretty good strides in migrating their browser to Rust. Still a ton of work to go, but entire systems have been moved to Rust.
JamesBrock: "Lindy" https://en.wikipedia.org/wiki/Lindy_effect
statuscalamitous: https://security.googleblog.com/2021/04/rust-in-android-platform.html
DanCrossNYC: Another issue with C/C++ in particular is that UB causes latent bugs to surface years later.
alilleybrinker: In the paper linked above, the average lifetime looks to have been about 3.5 years.
Saethlin: I learned Rust faster than C++
alilleybrinker: Related, you might be interested in EPSS: https://www.first.org/epss/
DanCrossNYC: Rust requires a bit of humility. For veteran C programmers, that can be a gut punch.
srockets: "Compiler says no" is something that Haskell was proud of, but Rust is the first language I've seen that managed to get popular despite of it
alilleybrinker: Humility also requires a lot of Rust https://github.com/oxidecomputer/humility
Eden: I do like the checklist item that every change must be...
Feb 7, 2023 • 1h 41min

Oxide and the Chamber of Mysteries

Members of the Oxide team join Bryan and Adam to talk about our journey through compliance (spoiler: we passed!).

Oxide and Friends: February 6th, 2023

We've been hosting a live show weekly on Mondays at 5p for about an hour, and recording them all; here is the recording from February 6th, 2023.

In addition to Bryan Cantrill and Adam Leventhal, speakers on February 6th included Arjen Roodselaar, Nathanael Huffman, Robert Keith, Eric Aasen, and Josh Clulow.

Some of the topics we hit on, in the order that we hit them:

If we got something wrong or missed something, please file a PR! Our next show will likely be on Monday at 5p Pacific Time on our Discord server; stay tuned to our Mastodon feeds for details, or subscribe to this calendar. We'd love to have you join us, as we always love to hear from new speakers!
