Well there's two important things to address there, and they're both a bit long-winded, but bear with me.
First, despite all the discussions of Uber's/Lyft's full-time drivers, there are some proportion of drivers who are just people looking to make an extra buck on their ride home from the airport and whatnot. These drivers really don't expect/require a lot of money, and are just padding their income driving somewhere they were already going. I had a friend with a six-figure income who would do Uber rides in San Diego just because it was an easy way to cover gas occasionally. This is important because it changes the market for taxi drivers - suddenly a regular and lucrative set of rides (to and from airports) have clientele who expect much cheaper rides - even if the cost those clients expect to pay can't support an individual working full time at that rate. But even if full-time drivers attempt to avoid the platform, the market has substantially changed - they can no longer get the same price for their rides. Now, this may just be a market correction, but let's look at the second factor...
Uber and Lyft and burning VC money to power their operation - Uber lost ~$1.1 billion dollars in Q1 2019 [0], and Lyft lost ~$1.14 billion in Q1 2019 [1]. These sorts of numbers tell us that Uber and Lyft are generating demand for an artificially low price for a service, which all but guarantees that the market for sustainably-priced taxi rides will be destroyed. Why would a customer purchase a ~$20 taxi fee when a VC-subsidised ~$10 ride exists?
The contention that Taxi drivers can "just not use Uber/Lyft" is pitting the depth of the pockets of taxi drivers against the pockets of Uber/Lyft's backers - it's not a reasonable expectation that taxi drivers can afford to wait out venture-capital subsidizing an unsustainable business model which destroys their livelihood in the meantime. According to the Federal Reserve in 2016, 46% of Americans reported that they would be unable to cover a $400 expense if some emergency came up [2]. I don't think we can look at Uber and say "Taxi drivers could choose not to use it" - it's looking at the choice to use the platform in absence of the context of venture capital and the support which exists for low-skilled workers against predatory employment practices.
Craigslist sellers decide on the price, how to exchange goods and money, etc. Uber and Lyft are not free marketplaces where drivers can offer a ride for a price they believe to be fair for their services - the platform owners decide the prices and the drivers are forced to accept that rate in order to get rides.
I'm a bit confused on the comment "Modern phones (and all the flagship phones) have had separation between their basebands and APs for years; a modern smartphone baseband is essentially a USB peripheral."
As far as I can tell [0], the flagship phones (i.e. everything except the iPhone) are pretty heavily invested in the Qualcomm integrated baseband CPU + general purpose CPU [1]. And unless something has changed radically in recent years, the baseband CPU has had direct DMA access to the same memory as the main CPU, and thus any vulnerabilities or backdoors in the baseband CPU have the ability to directly access memory.
With the rising prevalence of devices like the LimeSDR [2] putting the ability of intercepting and communicating with the baseband CPU, vulnerabilities in the baseband like this one [3] are even more of a risk than before.
I don't think anyone is arguing that Purism is going to have produced the world's most secure software, but the design space they've put themselves in allows them to be audited internally and externally - something that while you say "Apple and Google have spent a lot of money on it" I can't really verify that it's lead to a quality product. As flaws like Intel Management engine fiascoes have shown [4], even heavily audited code can have terrible flaws. The thing people don't like about the current approach with cell phones is that if the phone is too old you just have to throw it away because no one will update it. Purism is offering you something where you can throw away just the vulnerable modem or wifi card, and keep your phone. Even if you don't know of a flaw, you could purchase a different vendor's M.2 4G LTE card and swap it in, and make your attack surface different than other owners of the Librem 5.
There are other things which Purism will doubtless be way worse at catching/auditing, but honestly this is going to be like Linux: the benefit in terms of security is going to be that you are one of maybe 1,000 people using that device in that specific configuration, and you won't be worth exploiting.
Hygon is just AMD's EPYC CPU [0]. I am uncertain if they will differentiate themselves more as time goes on, but at the moment almost the only difference in the kernel is that it has a different name.
I think you're more likely to see some ARM CPUs which have comparable performance to low-end and mid-range x86 before you see a new x86 competitor [1] - the overhead to making x86 perform well is just so high that I can't imagine anyone new bothering to get into the space. VIA has been in the market forever as the third seller of x86, and despite the theoretical benefits of entering into the datacenter CPU market, they've never made that leap (though I don't know enough about their history to know if they tried).
I'm hoping that ARM becoming competitive in the client CPU space ends up making the cross-compile overheads of enough drivers/kernel stuff that we can start to see some more diversity in the CPU market overall. I'm excited about RISC-V, especially now that they have shipping hardware you can play with today [2]. The Mill CPU sounds super cool in a bunch of ways, but the architecture has made so many decisions that I'm unsure will play out in practice I'm holding my excitement until I see real silicon somewhere [3]
In Rust overflows generally will cause a panic. So "2 + 2" will return 4 or panic if you're on a 2-bit system (they provide .saturating_add() and .wrapping_add() to get code that will never panic)
Thus, you could have caused a denial of service by crashing a rust-based Curl, but the crash would have been modeled and just uncaught.
I am missing something? You can see the hackaday article about this here: https://hackaday.com/2014/02/21/researchers-create-synthetic...
Here is another, earlier iteration also from MIT: https://gizmodo.com/mits-new-plastic-muscles-could-bring-us-...