IRC channel logs
2024-08-12.log
<nimaje>my interest comes more from a package manager side, you can't have cycles in dependency graphs and you don't want to use some random binaries to build something (and probably they aren't built for the system in question anyway)
<aggi>without clean system integration and bootstrapping, you couldn't at least verify what's deployed into production, even when all sources supposedly were freely available with a permissive license
<stikonas>mid-kid: you could run bootstrap on prebuilt 64-bit kernel
<oriansj>Rutherther: I am here because I *needed* to have a bootstrapping path from Hex to GCC and a community of people who were interested in working on that problem didn't yet exist. So janneke, rekado and myself started #bootstrappable on Freenode (to limit our spam of the guix channel) and now I stay because the work is interesting and everyone here is great. I love seeing all the interesting directions and refinements other people have.
<oriansj>andydude: just because someone else did it first, doesn't mean you can't do it better. If it sounds fun or interesting, explore that; worst case is you learn something worth sharing.
<pabs3>haven't managed to get time to actually do anything though
<Hagfish>i think of bootstrappability as being like the efforts to systematise chemistry with the periodic table, or physics with the standard model, or mathematics with a set of axioms
<Hagfish>of course there are limits to all of those endeavours, and maybe most practitioners don't care about the edge cases for most of their work, but if no one was thinking about these questions then we would be stuck with simplistic half-truths about our software, like being alchemists
<Hagfish>i also hope that by raising awareness of bootstrappability, we can encourage projects to think more carefully about their architectural decisions.
it's too tempting to end up relying on your own (unknown provenance) binaries, but i think that leads to more problems than just a harder bootstrapping path
<SupUser>-> Cell phones -> Zero Trust / zone administration / ???
<matrix_bridge><Andrius Štikonas> But since we can build GCC from hex, the question is just whether you can build TV software with gcc
<oriansj>SupUser: well we have a guix package to kodi and OBS if that is what you mean
<oriansj>cell phones can't provide Zero Trust
<oriansj>and Zero Trust zone administration isn't a bootstrapping issue but one of just basic security engineering
<andydude>I've been developing a programming language for the past 20 years, so far nothing to show
<oriansj>SupUser: Zero trust is a meaningless buzzword; as humans being trusted is required in every system.
<SupUser>Why can't cell phones provide zero trust?
<matrix_bridge><Andrius Štikonas> You need to trust hardware manufacturer at the very least
<AwesomeAdam54321>SupUser: Cell phones have a baseband processor that runs proprietary code
<andydude>AwesomeAdam54321: it's somewhere between lisp and M-expr
<andydude>AwesomeAdam54321: the idea was to get rid of fixed statements, but still have some more syntax than just parens
<oriansj>SupUser: as for kodi still being around; well it works for what its users need
<SupUser>afair kodi is just people sharing tv
<SupUser>you could still use the cell phone for other networked things
<SupUser>It'd still be a zero trust system from one end to another.
<SupUser>I meant for convenience-cheating or free monitoring / etc...
<Rutherther>thanks all for the answer to my question from yesterday, it's inspiring to me!
<SupUser>I doubt the cellphone's other processor takes over a good rooted device and allows an infection, lol.
<oriansj>SupUser: depends entirely on the memory map and is very system specific
<andydude>Pretty sure there's more than 2 chips in a cell phone
<oriansj>for example if kernel memory is writable from the broadband processor, then game over.
<andydude>No, I'm regurgitating articles that claim at least 7 ARM chips in some cell phones
<SupUser>You can block that memory write too...
<oriansj>here is what I suggest. Find a shared understanding first
<SupUser>If you control the bootstrap you control the model regardless of the hardware interconnects is the point.
<oriansj>only if you control ALL of the bootstraps; (aka you only run code that you trust)
<SupUser>All you need to do is make managed code from one side required..
<SupUser>You should always be able to power off a device's components when you've bootstrapped something.
<SupUser>why wouldn't you be able to control power?
<oriansj>SupUser: only, if you wired things up that way. Most people don't pull out a soldering iron
<oriansj>I know Errata exists and imperfect hardware has holes which one can use to do damage.
<nimaje>why do you assume the hardware gives you that control? why wouldn't the hardware be some always on chip that gives you some processor to run your os on?
<oriansj>SupUser: we target the lowest levels we possibly can
<oriansj>but the lower we go, the more device specific and harder it becomes
<oriansj>and drivers are just userspace or kernel space programs implementing an API; there is no magic in them.
<SupUser>drivers are the firmware that allows the hardware to operate.
<SupUser>if there's no driver will it turn on?
<nimaje>you brought up smartphones, which are usually an opaque block of hardware with some chips you simply can't control, maybe make some requests to
<oriansj>SupUser: many pieces of hardware work without kernel mode or userspace mode drivers (such as a CPU core)
<nimaje>do you need some driver for your motherboard to work?
<oriansj>for example if you were to build a 6502 computer with 64KB of RAM; there wouldn't be any firmware at all. Only the bits in the RAM which you toggle in
<SupUser>I get what you guys are trying to explain
<andydude>I think we should just port webassembly to every platform, get rid of everything platform-specific
<andydude>I have yet to see a webassembly impl for UEFI
<oriansj>The hardware beats the microcode, which beats all of the firmware, which can trick all operating systems which rule all user space programs
<SupUser>u guys got an image / flow chart to look at some of this stuff?
<SupUser>Why wouldn't it be able to be claimed?
<andydude>How much does it cost to buy the ability to make your own microcode?
<SupUser>What's allowing full overrides of a system running @ 100%?
<SupUser>Isn't that the whole point of an OS?
<oriansj>andydude: about $5K (comes for free having your own designs fab'd)
<andydude>oriansj: is that like RISC-V + your extensions, or intel?
<oriansj>SupUser: Userspace always waits on the kernel; which always must wait on what the lower levels are doing
<SupUser>Why would something be allowed to just randomly stop/start its own process or even try to loop without interruptions being able to stop it?
<SupUser>You're not fully explaining that oriansj
<oriansj>andydude: any architecture you want (you just can't claim trademark architecture support)
<SupUser>If a user has access to all the hardware why wouldn't the hardware obey?
<SupUser>Like silent mode/do not disturb... for instance.
<oriansj>SupUser: hardware interrupts are essential to all modern operating systems
<SupUser>that gives you 100% override of that microchip
<SupUser>Wouldn't that defeat your argument ~partially
<oriansj>but unless the hardware directly gives you a way to control it(like pulling a plug or pushing a button); then everything is mediated through software.
<SupUser>or whatever, u guys got some pic's u wanna share?
<andydude>SupUser: what platform do you want diagrams for?
<oriansj>modern hardware lies; it runs things out of order (to get better benchmark results); it claims to have completed work before it actually does it.
<andydude>SupUser: Even just the simple case of running a program in a process, doesn't mean you have control, you could get an interrupt to switch to a different process
<andydude>even if you write the perfect operating system, if your firmware is corrupt, or is missing Intel ME, then your computer automatically restarts after 30 minutes
<andydude>I just had an idea, this channel is the solution to a poorly understood problem, we need a new project to document the problem
<oriansj>andydude: documentation will only take you so far. Eventually you either lose hope or you get angry and build something worth fighting for.
<andydude>I once read an article about RMS fighting with a printer 1-on-1. I wish it went into more detail
<oriansj>andydude: imagine all you needed was some documentation to fix your problem and someone else had a copy of it and refused to share with you.
<oriansj>he took it as a loss but it started his anger; which really started after 2 AI companies tore his community/home apart.
<oriansj>Lisp Machines, Inc and Symbolics Inc (to be precise with Symbolics doing the greater damage) and Stallman then spending the next 2 years suffering to keep them from profiting from that destruction.