<stikonas>oriansj: I am now able to build M2-Mesoplanet with M2-Planet but something is a bit broken in M2-Mesoplanet and it does not self-host <stikonas>./bin/M2-Mesoplanet -f ./M2libc/sys/types.h -f ./M2libc/stddef.h -f ./M2libc/$ARCH/Linux/unistd.h -f ./M2libc/$ARCH/Linux/fcntl.h -f M2libc/stdlib.c -f ./M2libc/stdio.c -f ./M2libc/bootstrappable.c -f M2libc/bootstrappable.c -f M2libc/string.c -f cc.h -f cc_globals.c -f cc_reader.c -f cc_core.c -f cc_macro.c -f cc_env.c -f cc_spawn.c -f cc.c -o M2-Mesoplanet <stikonas>yes, and also oriansj's lightning talk is also available there ***sm2n_ is now known as sm2n
<oriansj>stikonas: or possibly I broke #include trying to get a rough flag for if stdio.h was listed <oriansj>gbrlwck: thanks for letting me know they finally uploaded it <gbrlwck>you're welcome, but that was actually stikonas ;) i was not yet able to locate it! could someone share the link? <oriansj>pity civodul mistook the .5MB Mes.c root with the few hundred byte stage0 root <oriansj>but I guess it could be considered the proper start of Guix once it is able to run Guix. <gbrlwck>oriansj: omg you talked fast there! but honestly: good talk for the little time you had! <gbrlwck>so i watched a couple of talks yesterday (including jannekes talks form the previous years) and i wonder: is one of our goals to raise awareness in regard to computing security in general? <Hagfish>my hope is that the reproducible builds people see the importance of this work (as they are somewhat dependent on it) <Hagfish>and similarly we can point people to the clear benefits of reproducible builds <Hagfish>i suppose the third leg to this stool is source auditing / developer reputation <Hagfish>(and i'm assuming that "bootstrapping" includes auditable hardware too, but maybe that's a strand that needs to grow more) <stikonas[m]>yeah, auditable hardware might also be included in bootstrapping <gbrlwck>stikonas: you mean verifiable designs or tamper-free devices? <stikonas>well, one option is FPGA designs which is somewhat like stage0-posix vs stage0 in software bootstrapping <riv>what about ben eater's computer <riv>he sells a breadboard computer kit <riv>so that's something that's relatively easy for people to replicate <riv>,maybe it will need more ram though <stikonas>riv: yeah, that might be good for some early stages of stage0 <stikonas>although, it's not one of the supported arches in stage0 yet <stikonas[m]>Hmm, Ben eater's computer has only 64 bits of ram... <oriansj>well 64bits is enough scratch memory for hex0 but the hex1 table is much to big for that (4-8bytes x 256 entries) <oriansj>gbrlwck: when I speak about bootstrappable hardware, I think about hardware you could make at home with just a little bit of money. <gbrlwck>oriansj: hardware powerful enough to replace our current computing stacks? <gbrlwck>and... make at home: from microprocessors through die to PCBs? or just assembling ready-made, trusted PCBs? *gbrlwck is wishing a nanometer scale solder and etch kit for the holidays <gbrlwck>i guess securing the (whole) computing stack is hard, at least as long as it's hard to impossible to verify whether some hardware is exactly what somebody designed (and nothing more). i read a paper suggesting that it is possible to detect even tiny hardware trojans, but the authors were looking for discrepancies and only checked one single (crypto) chip.