Nice touch that it thought of Bellard for 'Emulating Windows 10 in the browser'! He's already halfway there with the Windows 2000 emulator: https://bellard.org/jslinux/
A friend and I got a busybox/buildroot linux running in browser WASM for running a compiler test website (like Rust Playground), the end product looks very similar to this.
> You need to be a web dev or a sys admin to be able to wrangle that thing.
I totally disagree. You do need a tiny bit of command line experience to install and update it (nothing more than using a text editor and running `docker compose up`), but that's really it. All administration happens from the web UI after that. I've been using Immich for at least 2 years and I've never had to manually do something other than an update.
> Immich solves the wrong problem. I just want the household to share photos - I don't want to host a Google Photos for others.
Honestly, I can't understand what exactly you're expecting. If Google Photos suits your needs for sharing photos with others, that's great! As for Immich, have you read how it started[0]? I think it's solved the problem amazingly well and it still stays true to its initial ambitions.
I'm here just under two years (I was browsing before creating an account) and I'm immensely grateful to have this in my life. HN is a tiny corner of the internet where I can consistently find high quality stories and learn something new every day. Not only that, I also get to interact with brilliant people and have meaningful conversations, unlike so many other internet forums that are just full of hate.
Thanks to the moderators, commenters and the whole community for building and maintaining this space of the internet and adding some value to my day!
Shor's algorithm has been known for a while now (apparently since 1994) and is the main reason quantum-resistant cryptography became an important research subject. The article explains it nicely (for someone like me who doesn't know nearly enough physics or maths to fully understand the technical parts), but this bit at the end ruins it a bit:
> Rotate everything that lasts >10 years to pure PQC now
The author suggests switching to Post-Quantum Cryptography which uses relatively new ciphers that haven't been as battle-tested as older ones like RSA and ECC. Back when those were introduced, there weren't any stronger ciphers at the time, so if they were broken, at least people knew they did the best they could to protect their data.
Now, however, we have standardized encryption with (to the general public's knowledge at least) uncrackable algorithms (provided sane key lengths are chosen), so doing anything that could weaken our encryption makes us worse than the baseline. This proposal is theoretically stronger, but it is unknown whether it will stand the test of time, even with today's technology, due to it being relatively new and not widely deployed.
The standard practice of rolling out PQC is using it as an additional layer alongside current encryption standards. This adds redundancy, so that if one is broken the data will stay safe. Using only PQC or only RSA/ECC/whatever makes the system have a single point of failure.
First of all, thanks for the thoughtful comment and link.
You're right that rotating every crypto algo to PQC right away might be a bit too aggressive. The actual best practice (like you said) is hybrid: layer ML-KEM/ML-DSA on top of RSA/ECC for redundancy.
Classical algos aren't dead yet, but Shor's clock is ticking, and for now those NIST-standardized (FIPS203 for ML-KEM, FIPS204 for ML-DSA) PQC algos didn't break for now.
That's why Cloudflare for example uses ML-KEM alongside X25519 for their TLS key exchange (https://cyberpress.org/cloudflare-enhances-security/).
And yeah.. presenting a single algo as the perfect solution. That gives Dual_EC vibes, perfect spot for a backdoor.
It'd be essentially impossible to add a NOBUS backdoor into ML-KEM, there's nowhere to hide a key. The reason not to go all-in on it is simply that it might be broken.
> Nothing substantial has happened to the three texts since last week, it's just that "chat control is back" drives traffic and "Council preparatory body formally approves draft position that got consensus previously but didn't formally get passed because people were fighting over Ukraine stuff for too long" doesn't.
While I agree with your point, it's still crucial to raise awareness of Europe's actions. It may be a small step, but it is not insignificant.
This type of legislation should never ever be proposed in a democratic system, so had disagree.
This is an extremely totalitarian-style move from EU - governing bodies are exempt from the law, meanwhile peasants have to be watched 24/7 for wrongthink, all under guise of protecting the children.
While I agree with the sentiment, you need to think like a state to stop this kind of thing.
Even without any argument about personal rights and what's totalitarian, I can't even square the circle of the unstoppable force of "the economy is dependent on encryption that can't be hacked" with the immovable object of "hostile governments and organised criminals undermine ${insert any nation here} and communicate with local agents via encryption that can't be hacked".
>While I agree with the sentiment, you need to think like a state to stop this kind of thing.
I'm thinking like state already, i would never trust ANY state with such powers, even the one that was perfectly aligned with my political views.
It's not issue of state, but dilution of responsibility and the way the votes are counted.
It is also an issue of unelected officials deciding things - the whole system is broken.
Before you say that heads of state were elected - this is highly contentious issue, no one ran on this in internal campaigns, and votes on this issue are counted country-wide(all for or all against), without any regards to distribution of populace's opinion on this subject.
>Even without any argument about personal rights and what's totalitarian, I can't even square the circle of the unstoppable force of "the economy is dependent on encryption that can't be hacked" with the immovable object of "hostile governments and organised criminals undermine ${insert any nation here} and communicate with local agents via encryption that can't be hacked".
You're enacting legislation that will actually empower those entities this way!
Criminals - surprise surprise - can just break the law, and use devices/software that just.. does not do content scanning, and uses true E2E encryption. Even over insecure channel by using steganography and key exchange over it.
Espionage can be handled the same way, probably even easier as they can easily use one-time pads and key phrases established beforehand in their country of origin!
Meanwhile only group affected by it are just normal citizens.
I keep seeing this fallacy argument about some bad actors and criminals etc. etc. Every government have structures and laws to prevent such activities, in absolutely no shape or form it does not need to read every single message of it citizens. I don't understand how someone can be apologetic for totalitarian state.
> Every government have structures and laws to prevent such activities, in absolutely no shape or form it does not need to read every single message of it citizens.
Indeed, the state doesn't need all of them.
That it's all-or-nothing is due to how the tech works, in that you can't break it *only* for the targets — a point I make when I'm trying to explain the dichotomy to the politicians who want to spy, that this absolutely will be abused to reveal *their own* secrets, too.
The way politicians talk about this stuff, suggests they think computer code is like law, that words may have precise meanings but there's still an element of human judgement and common sense, and at human speed, not cold logic operating on bits faster than us by the degree we are faster than geology, where the potential harm from errors can be irreversable total loss of an entire business due to one single error made one time by one person, nor where mistakes from 20 years ago might be discovered and exploited at any time.
That's why I said "I can't even square the circle". If I thought the government position here was just absolutely fine, it wouldn't be difficult to square the metaphorical circle.
The difficulty is that despite their wrongheadedness about the consequences of what they're trying to do, what they're trying to do is actually necessary.
And that's just the crypto parts of this.
I left the UK for two reasons: The Investigatory Powers Act, and Brexit. Kinda related cause I thought Brexit would make it harder to fight the IP Act. Went to Westminster to talk to my MP to try and convince them to vote against the IP Act. I remain convinced that the British government was straight up lying about its reasons for having that Act.
Organized criminals (especially state actors) will find ways to communicate in the dark regardless, including just continuing to use illegal encryption.
> including just continuing to use illegal encryption.
First, this can be made a crime by itself, and detected automatically because the mandatory back-doors fail.
Second, what gets talked about in public (the only thing any of us knows for sure, but also definitely not the whole picture) includes foreign governments recruiting locals via normal messenger apps.
More of a problem is that the back-doors can be exploited by both criminals and hostile powers.
The issue is that EU does not control the internet, nor all means of communication. Nor perfect form of monitoring exists so question is moot in itself. Especially as perfect encryption is indistinguishable from noise.
and the answer is no but yes - by encrypting everything E2E you can massively reduce harm done, and treat espionage/crime as policy/economic problem instead.
The EU delegates stuff to the member states, those states
enforce laws, that could in principal include requiring everything up from the physical link layer to scan for watever they say so.
> Especially as perfect encryption is indistinguishable from noise.
Irrelevant. If powers can't decrypt it, powers deem it a crime to have or send.
"white-noise.wav is a test file and I'm an acoustics engineer": tough, supply the seed to the PRNG which created it or fine time.
> policy/economic problem instead
Instead? Everything about this is about groups wanting to act in secret for their best interests, and other people wanting to ensure that only the interests they share get to do that. This is true when it's me logging into my bank and criminals trying to get access to the same, when it's the Russian government sponsoring arson attacks in Europe and local police trying to stop them, and when it's the CIA promoting Tor for democracy activists in dictatorships and those dictatorships trying to stop them.
We must have unbreakable encryption, and yet also we cannot have it.
It is possible for unauthorized hardware to exist. People who want to do illegal things to begin with won't mind so much if their methods of communication happen to be illegal.
2) Someone doing this on the public Internet would only get away with it if their encrypted packets *never ever* went through a government licensed router. The moment they go through a public router: instantly detected.
> "white-noise.wav is a test file and I'm an acoustics engineer": tough, supply the seed to the PRNG which created it or fine time.
It's a photo I took yesterday. Now what? It may or may not have a secret message that only the target knows how to decrypt. Or maybe it's just more "traditional" text encryption with code names, but real human-legible text.
If that seed doesn't generate that particular white noise sequence, or if you can't supply that photo, then you go to jail.
> It's technically unfeasible to ban encryption.
It's also economically unfeasible.
Am I using moonspeak without realising it when I say "I can't square this circle"? Is this a phrase that people are unfamiliar with and I just haven't realised?
>"white-noise.wav is a test file and I'm an acoustics engineer": tough, supply the seed to the PRNG which created it or fine time.
Guilty until proven innocent, the burden is on you to prove it.
you are hung up on your pre-made assumption that the EU(state) in this case can have perfect control - which is fallacious in itself - and therefore are just arguing in bad faith. When they have such perfect control this is already a totalitarian state, that requires no such thing as due process.
all of that to push forward your point:
>We must have unbreakable encryption, and yet also we cannot have it.
Chat messages are tiny. You can easily put the encrypted signal into e.g. the residual portion (i.e. high entropy/looks like noise part) of lossless images/sound that you send unencrypted. "That was just a FLAC of me singing". Or innocuous cat pictures. Or whatever.
And while all this is happening, there are cases were peoples homes get search for comments on twitter. These are often in bad taste, but what tastes even worse is that the judiciary doesn't seem to understand proportionality anymore. Mean tweets carry higher sentences than raping someone, stern look at Germany here.
A judiciary in such a sorry state, that has not adapted to a changed reality, cannot be permitted to read private communications.
'Mean tweets' is such an empty meaning. Come with examples. It is on paper very easy to break the law via speech. If I post something here about how I want to reward a murder on a certain politician (or want to do it myself), I can guarantee you the police would be involved. And rightfully so.
Freedom of speech is about pre-moderation. It doesn't mean your actions do not have consequences. If you yell fire in a theatre while there is none, you should be held liable. See also the case of Gennaro P. (the Damschreeuwer) who at May 4 of 2010 yelled during two minutes of silence of Rememberance of the Dead.
This is an example from UK about a dead military officer: “The only good Brit soldier is a deed one, burn auld fella buuuuurn,”
Now the rest of Europe has much more freedom of speech than UK, but that is an example of a mean tweet about a government official that got sentenced. We don't want that in the EU.
Note that the guy was convicted even though he almost immediately deleted the tweet and apologized, the law is that bad, you aren't allowed to slip up even a little bit.
>doesn't mean your actions do not have consequences
YES IT DOES THAT IS EXACTLY THE POINT
You obviously do not believe in freedom of speech as defined by US law. You are conflating extremely narrow exceptions with broad politically motivated violations of freedom of political speech
> You obviously do not believe in freedom of speech as defined by US law.
Neither do you. The Supreme Court of the United States has repeatedly held in numerous rulings that freedom of speech and/or freedom of expression is not absolute and you can be sanctioned, prosecuted and/or imprisoned for some forms of speech and/or expression -- i.e. you do have consequences.
- Schenck v. United States (1919) -- Speech that has intent and a clear and present danger of resulting in a crime is not protected under the First Amendment
- Chaplinsky v. New Hampshire (1942) -- The First Amendment does not protect fighting words, which are those that inherently cause harm or are likely to result in an immediate disturbance
- Feiner v. New York (1951) -- The police are permitted to take action against those exercising speech that is likely to disturb the peace
- United States v. O'Brien (1968) -- You can be prosecuted for destroying certain property as an act of political speech; the law forbidding this was not unconstitutional
- Brandenburg v. Ohio (1969) -- It is permissible to restrict speech that advocates for imminent unlawful violence and is likely to incite people to perform such
- Paris Adult Theatre I v. Slaton (1973) -- Restrictions on the dissemination of obscene material are not by themselves unconstitutional (see also the ruling immediately below)
- Barnes v. Glen Theatre Inc (1991) -- Public indecency laws banning dancing nude are not unconstitutional
- Virginia v. Black (2003) -- Partial reversal: While a broad ban on cross-burning is unconstitutional, banning cross-burning for the express intent to intimidate is not
- Garcetti v. Ceballos (2006) -- As a public official, you can be sanctioned by your government employer for speech contrary to employment policy
- Morse v. Frederick (2007) -- Schools can ban students from sharing speech about illegal drug use at school
- Counterman v. Colorado (2023) -- True threats of violence are outside the bounds of the First Amendment, and laws covering stalking and making threats in this manner are not unconstitutional
The US Constitution. What a beautiful piece of paper, such a nice theory. Yet your current president is circumventing Congress. Your president is bullying states. You don't even have a functional popular vote. Your SCOTUS is dysfunctional. And, this 1st amendment, is that why peaceful protestors got shot by rubber bullets when they were protesting against the war in Iraq? Which, as it turned out, was started for dishonest reasons. You folks also were first with DMCA. Yet we don't have BS like filibuster and gerrymandering.
There's a good reason why on every half-serious index about freedom of speech or freedom of press, the best countries are Scandinavian and Switzerland, followed by West-Europe. And that data is from before the current orangutan is in office.
'Being proud that he say' [sic]. You're not even a native English speaker, are you, 'greg'?
First you say freedom of speech is about after the speech (it is about before the speech, as after that the law is applied pragmatic).
Then you come with this KJU joke. North Korea doesn't make these indices. [1] [2] [3]. In each of these, USA is decidedly below the vast majority of the free West, including the very countries I mentioned before, each of which couldn't be further from North Korea. It is also Trump during Trump 1 who was positive about KJU (IIRC before the Rocket Man rhetoric, but still), and who is being a shill for one of North Koreans partners (China by proxy / Russia). Mind you, all of these sources are post-Trump 1 yet pre-Trump 2 (ie. from Biden 1 era).
Yep, in fafs in 2021. Pew 2015: 8th. gsod 2023: 28th.
On all of the freedoms, USA tends to do best on freedom of speech. But how can you say such, when the press has less freedom than in other rich West countries? Isn't that counter interactive?
> There's a good reason why on every half-serious index about freedom of speech or freedom of press, the best countries are Scandinavian and Switzerland, followed by West-Europe. And that data is from before the current orangutan is in office.
The Democracy Index is by The Economist [1]. The USA was #28 there (2024), well below Scandinavian countries, Switzerland, and well below Germany, The Netherlands, United Kingdom, and various others. That's from 2024, before Trump's attack on the US democracy.
World Press Freedom Index by Reports Without Borders [2]. The USA is #57 in this list (2025), in the yellow color ('problematic').
Also, take note that both of these values are world-wide under threat, and the USA is part of being under this threat.
You also wrote in your previous post:
> By one of your own references USA is in the top 3 for freedom of speech.
But that one has incomplete data. It lacks data from like half the world. Finland, Iceland, The Netherlands, Switzerland (each countries doing well on every other index) aren't included.
> I didn't say it, your sources did.
Yeah, they couldn't know your country would be nearing a constitutional crisis by end of 2025.
You don't know what you are talking about. Read up on freedom of speech, the threat of consequences violates the principle directly.
In my example the mean tweet was a insult towards the attacker, which netted her a higher sentence than the rapist got. These laws are neither desirable, nor sensible, nor just. What is actually empty is a definition about how speech gets prosecuted. It stems from older times and is abused for newer vanity, stupidity and autocratic ambitions.
An angry, divided population is a lot easier to push to the extremes, enabling such legislation because people are so angry and divided and can't come to a reasonable compromise or solution.
These things shouldn't move forward, indeed. But being angry about it for years at a time when things aren't even remotely set in stone doesn't seem healthy for an individual or society at large.
Anyone can and does say this about their pet favorite bit of legislation. And so journalists are more than happy to pull this shit with every other topic, too.
Nah the first reaction of anyone who cherishes democracy which by necessity should be skeptical of entrenched and liberty abusing policies in the name of "safety" should be "what? are you crazy? what a stupid idea" for any of these encryption banning scams.
That's a bad faith argument, in effect an outright lie, because you're conflating individual instances of bad actors with what would now be a universal policy meant to neuter encryption and 100% of net privacy.
While I disagree with your position for the reasons already given by others, it's quite ironic that in this thread about government censorship that your opinion is in the process of being censored by other HN users.
unless someone tells you to "shutup and get off hackernews or I'll see what I can do about getting <insert name here> to ban you" then they aren't being censored.
It makes the opinion hidden from the vast majority of visitors, except those who go out of their way to both have an account and showdead.
It is in every appreciable way censorship via unaccountable mob. It's censorship in a way that Reddit's downvote isn't, because Reddit allows anonymous users to read downvoted posts - or at least did the last time I checked.
That was an illuminating question. Thank you. I see my parent's point now because no, I don't think that disagreement requires what amounts to censure if it makes it harder for something to be seen.
At the point where tensions rise beyond polite disagreement, HN ceases to be a functional social space and turns into a game of "who can make the other's opinions disappear first."
Doing so is technically against the rules, but either the moderators don't care, aren't doing it on a large enough scale to be an effective deterrent, or are knowingly complicit.
> - Compile speed. Why do people care so much? Use debug for correctness and iterating your code. You're hardly going to change much between runs, and you'll get an incremental compile. Let rust-analyzer tell you if there are errors before you even try compiling. Let your CI do release optimization in its own time, who cares if CI is slow?
Even if you know you're code compiles, it's often easier and faster to validate the logic or complex interactions by running the code. In large (and even not so large actually) projects, debug builds can be painfully slow, even on good hardware. It's important to have a tight feedback loop so that you can interate quickly.
Exactly this. I was surprised to see these comments and then I realized that NoScript blocked the JS (as it should have). The web is so much nicer without JS.
> One of the actually most valuable thing my father did for me, definitely in terms of education outcome and career. Was getting me interested and spending time with me and explaining me things. The particulars do not matter, I can not remember them. It is totally irrelevant whether what Linux distro you use or what you teach them. What matters is that the parent is there, explains and encourages.
Yup, that's the essence of parenting and should totally not be overlooked!
reply