In my eyes they are not fair, because while they tax consumption, they very disproportionately affect buying power the less wealth you have. For a millionaire, paying let’s say 30% more for new shoes is not going to meaningfully change how much money they’re left with. If I’m poor and I need new shoes (because you can’t just afford new shoes when you want them, so it by necessity implies you’re in desperate need of them), that extra 30% means one less grocery trip. Or heck, even 30% on groceries potentially means one less grocery trip.
Which is to say, being poor is expensive, and sales tax only makes it more expensive, while literally not affecting the bottom line of those in higher income brackets.
But wealthier people tend to consume more. The top 10% of earners account for ~50% of consumer spending. It's more like the low income person pays $5 of sales tax on a $50 pair of shoes, and a high income person pays $50 of sales tax on a $500 pair of shoes.
Haven't you read Capital? Marx's core premise which nobody actually working in economics denies is that the nature of wealth is to consolidate in the hands of the few. So while wealthier people may consume more, that does not factor into "fairness" because they are hoarding their wealth, amassing power over others, and using it disproportionately to maximize their pleasure, power, influence, etc at the cost of the suffering of others.
But I take it from your glib comment you'll disagree or deny that.
LOL. Do you actually think that person has read Capital or much of anything economics related? These types of internet arguments don't happen among equally equipped participants. People can just say random shit on the internet it turns out. They do it all the time.
At what point do we have to stop playing pretend with people who never participate in good faith? I get the argument that there are ignorant observers who might learn something. But I've not actually seen any sort of data to support anything like that.
For me it was just about calling out bullshit premises where I see them. I don't mind taking 10 seconds to do it every single time.
Maybe my methods were too subtle here, but the point was simply to illustrate that the OP's comment had no connection to reality, with receipts (citing sources)
This is not exactly correct. They wouldn’t need to emulate SPTM, since SPTM is already running. And to be very correct, SPTM is a “process” running in a separate privilege level to the regular privilege levels found on arm processors.
The reason it’s a pain is because pre-M4 the bootloader gave you complete control over the CPU, including the Apple-exclusive extensions like GLx, the special privilege levels e.g. SPTM is running at. Since M4 the bootloader handles that, so the Asahi team has to either cope with being dropped after GL is already initialized and locked down, or running in a mode with all of Apple extensions disabled.
So it’s not a problem for running Linux, but it’s a problem for running macOS with a thin abstraction layer to intercept talking with devices like the GPU, which made reverse engineering for them significantly easier.
Afaik this isn’t quite correct either. From what I could gather from the CCC talk and forum posts:
The Apple specific instructions to talk to the SPTM are only usable in the GL2 privilege level, not EL2 where you end up after booting non-Apple code.
The problem is the macOS kernel uses these custom instructions to manage its own page table mappings, and when being virtualized in EL2 it just crashes since these instructions are now invalid.
The solution is indeed to emulate the SPTM interface and instructions just enough for macOS to not crash, that way it can be virtualized for reverse engineering. The emulated SPTM could just pass through the mappings, ignoring all of the security checks the real one would normally do.
I was able to find quite a bit of existing SPTM analysis online (I believe from iOS security research) so this issue isn’t insurmountable by any means.
From our knowing how it works [0] it’s just a mechanism for the kernel to give up some privileges and add extra security checks when modifying page tables. Sounds easy to emulate to me: just don’t do the checks and modify the page tables directly. Do you have some reason to believe it can’t be emulated?
If for some reason it’s difficult, the relevant kernel code could also be hooked or patched.
It’s very neat but I’m sorry, you can’t advertise yourself as a designer while prominently showcasing very obviously AI-generated graphics. The wallpaper and the avatar immediately undermine everything else, I can’t take you seriously seeing those
So you can’t take me seriously based on the use of a tool that almost definitely is used on a daily basis by everyone in my industry? Or would I be taken more seriously if I took a moral stand like you, and failed to adapt to my changing profession?
I would generally file questioning and criticism under “neutral”, in some very specific cases “positive” or “negative”. Are you interpreting “negative” as “anything not strictly positive”?
> Questions can be neutral but questioning is probably negative
The ethos of HN is to err on the side of assuming good faith and the strongest possible interpretation of others' positions, and to bring curiosity first and foremost. Curiosity often leads to questions.
Can you clarify what you mean by distinguishing between "questions" and "questioning"? How or why is one neutral while the other is probably negative?
I'll also point out that I'm questioning you here, not out of negativity, but because it's a critical aspect of communication.
> In what world does "criticism" not default to "negative"?
Criticism is what we each make of it. If you frame it as a negative thing, you'll probably find negativity. If you frame it as an opportunity to learn/expand on a critical dialogue, good things can come from it.
While I understand what you're getting at and get that some people are overly critical in a "default to negative" way, I've come to deeply appreciate constructive, thoughtful criticism from people I respect, and in those contexts, I don't think summing it up as "negative" really captures what's happening.
If you're building a product, getting friendly and familiar with (healthy) criticism is critical, and when applied correctly will make the product much better.
Regarding your distinction, I'm still confused. In a very literal sense, what is the difference between "questions" and "questioning" in your mind? i.e. what are some examples of how they manifest differently in a real world conversation?
It's just a subtle difference in implication that depends on exact wording. Don't read too much into what I'm saying there.
It's hard to argue that asking questions isn't neutral, but being questioning implies doubt and it says so in the dictionary to back me up, it's not really more complex than that.
Frankly I think all that wishy washy "ethos of HN" crap is the problem. Leads to nothing but boring, pointless, fawning comments (and hyper passive aggressive copy pasting of the "rules" from a few of the usual suspects).
Constructive criticism and healthy debate is entirely possible without violating the guidelines, and happens quite a bit.
If people can’t figure out how to have conversations that aren’t “boring, pointless, fawning” while honoring the community guidelines, they:
1. Need to try harder
2. Or they should probably not be commenting here
The rules/ethos are not perfect, nor does the community always succeed in its goals. But I’ll take the dynamic here every day vs. sliding into the kind of toxic sludge fest that has infiltrated just about every social network.
This place is barely holding the hordes at bay as it is. I’m grateful for the guidelines and the collective will to abide by them as much as possible.
I’m talking about in place of a fetch call, you could simply import a JSON response from an endpoint, thereby bypassing the need to call fetch, and you’ll get the response as if it’s imported.
It won’t replace all GET calls certainly but I can think of quite a few first load ones that can simply be import statements once this happens
Yes, it uses QEMU under the hood for VMs and runs LXC containers. But also, since recently, you can run Docker images in it. Very handy, especially since it has 1st class remote support, meaning you can install only the incus client and when doing `incus launch` or whatever, it will transparently start the container/VM on your remote host.
Why haven’t you threatened to sue yet? They very clearly violated the MIT license by getting rid of your copyright, which is literally the only requirement MIT imposes. Go after them, don’t let the corporation get away with
He literally says in the post he reached out to Linus directly and to this day hasn’t gotten a response. He also himself was (trying to) upstream patches for years, usually ending up similarly getting stonewalled.
I don't see the word "reach" or any relevant mention of "Linus" in either the "shaming" post or in the resignation post.
Even if there was, I'm not sure I trust the word of such a drama-seeker directly, so it's reasonable to a evidence of on-mailing-list appeals adding CC (as Danilo did), and if that fails mention of contacting Linus off-list in that specific subthread.
I don't know networking all that well. In my mind, I have 50 devices connected to my router behind NAT. My Mac, My Apple TV, my iPhone, My PC, My Linux Box, My partner's versions of all of those. My video games. Etc
From outside there's 1 IP address. With IPv6, every device would get its own address outside. Why do I want that? That sounds less private to me. Am I misunderstanding something? Lots of traffic on one IP address sounds more obfuscated than all separate.
With IPv6, every device has multiple IP addresses. One or more addresses that are rotated* to prevent you from being tracked easily, and one that's derived from your device's MAC address so you can make your devices easily accessible from WAN by opening ports in your firewall if you want to.
You could disable the rotating addresses, or disable MAC-based ones by using DHCP, but there's usually no point.
As for why you would want something like that: a whole bunch of software and hardware breaks because of NAT. Consumer NAT has some monkey patching inside of it rewriting some protocols to make them work again (which also allowed random websites to open arbitrary ports to arbitrary addresses in some Linux routers a while back, because NAT overrules firewall settings to work) but there are still limitations.
For instance, if you're having issues with your Nintendo Switch, Nintendo will tell you to forward every single port to your Switch (https://en-americas-support.nintendo.com/app/answers/detail/..., hope that IP address doesn't get reassigned to an unpatched device later). Multiple Xbox consoles behind the same NAT requires tricking them into super-restricted-NAT mode to work, or enabling UPnP which allows devices to open ports in your firewall without any authentication.
NAT just kind of sucks. IPv6 wasn't ready for deployment when NAT gained popularity, but all of the reasonable problems have been solved over a decade ago.
*=default rotation happens daily, but your OS may allow you to pick a shorter duration. I've found out the hard way that setting this to five minutes will fill up Linux' route table real fast after a few days.
No, it doesn't. At least the last time I checked unless you go out of your way to implement a non-standard configuration IPv6 is a disaster for personal privacy for the typical multi-user household.
Then again, the "typical" multi-user household is likely logged in to most things via SSO with Google or Facebook and probably has approximately zero fingerprinting mitigations in use so perhaps it isn't worth worrying about?
If you aren't the typical household then given 2^64 addresses and a Linux box serving as a router you've got quite a few options available. Including various creative reinventions of NAT that don't break basic functionality.
> IPv6 is a disaster for personal privacy for the typical multi-user household
Why? With privacy extensions (which are normally enabled for user devices), then all someone can do is look at the prefix. This is identical to looking at the IPv4 address in a NAT setup, and it hasn't been that much of a privacy disaster.
> This is identical to looking at the IPv4 address in a NAT setup
It is not identical unless the OS uses a new IP for every new outbound connection. I believe that would qualify as a (very) nonstandard configuration.
> it hasn't been that much of a privacy disaster.
Indeed, it was tongue in cheek which is why I went on to point out SSO. The reality is most people aren't willing to sacrifice convenience to retain even a shred of privacy.
If you are one of the few who care then you can implement one of the many possible non-standard solutions.
Even disregarding fingerprinting, a single household doesn't have enough traffic from separate devices/users to the same servers to really matter from a privacy standpoint.
If my PC uses the same IP as my partner's to talk to Google, it hardly matters for our privacy if they mix up the attribution of traffic between the two of us.
Speak for yourself. I also don't want it to be readily apparent how many different devices I have, or when I'm using which one, or how many people are in the household, or when who is home.
Granted any service that I consistently interact with is likely to be able to figure out at least some of that information if they put in some effort. But I don't want to be freely providing a complete picture for zero effort.
Creepy data aggregator stories pop up on the HN front page regularly so hopefully I don't need to explain why I feel this way.
Yeah, I mean, I share those concerns in general, but my efforts are mostly centered around aggressive ad/tracker-blocking (moderate DNS-level blocking at the network level, more aggressive at the device level + browser-level blocking) and the avoidance of non-privacy-focused services, e.g. avoiding the popular social networks entirely, and using privacy-supporting pay-for services.
Using the same IP for all of my devices, for me, generally falls into the same bucket of anti-fingerprinting techniques that are used by the Tor Browser like letterboxed resolution that I don't find practical for general use. If I want to actually prevent fingerprinting by IP, resolution, etc. then I'll actually use the Tor Browser.
It depends what you're trying to defend against. The rotation hinders associating an address with a particular device. If someone looks at the network prefix to see if people are in the same household, then that's exactly the same as looking at the IPv4 address to determine the same thing.
> From outside there's 1 IP address. With IPv6, every device would get its own address outside. Why do I want that? That sounds less private to me. Am I misunderstanding something? Lots of traffic on one IP address sounds more obfuscated than all separate.
Having recently enabled IPv6 for my home network, the "why" was that a) IPv6 to IPv6 connections are nominally more efficient than those that have to traverse NAT and b) it enables connectivity to/from IPv6-only internet devices.
The privacy upsides of a single IPv4 IP for a household are, to me, more marginal than the above benefits.