The article over-downplays the need for sentinel values. Surely Rust has Option that also spreads into C++ these days as std::optional. But for plain C using -1 or negative values to denote sentinels or error code is rather nice idiom.
The argument will be more valid if array indexes will be 1-based like in Fortran/Matlab/Julia as then 0 becomes extremely nice sentinel values. But C is C and needs -1.
Yet Elm due to its simplicity does not need a lot of examples. Language itself is small and blessed way to architecture things consist of few patterns. Then things are composable. This is ideal for LLMs.
The price for that is verbosity. What in other languages are hidden behind async and complicated libraries in Elm has to be done explicitly resulting in boilerplate. But that is never a problem for LLMs.
Then Elm compiler has one of the best error messages. This helps agents a lot.
Then Time Machine debugger is another big help for agents as they have access to the full execution trace of the program. The trace is much smaller than would be necessary for other languages and typically fits into content window.
Java allowed to handle out-of-memory rather well if one wanted to even 25 years ago. Basically one allocated a buffer on a startup taking 5% of memory that the application was supposed to use and made all threads to catch the oom exception. When handling that the buffer would be released, GC would be forced and a special flag would be set asking app to cancel any memory-intensive tasks until enough memory would be released and the buffer can be allocated again. It worked extremely well.
Microsoft just followed VAX/VMS that does not overcommit. And there is a noise on Linux mail lists to implement process builder pattern which VAX had like 50 years ago…
Interesting idea. On the other hand on the latest SSD with hardware encryption the raw disk speed under Linux can be over 5 GB/s so on my laptop with 64 GB of RAM the full restoration from disk takes like 45 seconds. With LUKS it is like 2 times slower. Which is not a problem at all. So I do not see much value in memory encryption in suspend.
On my laptop with Fedora I just configured Linux to hibernate to disk after 15 minutes of suspend. Powering memory off ensures that bugs like this Debian-specific would not matter.
Plus what Debian extension to Linux tooling does although nice in theory, but in practice if one really worries about cold-boot attacks, then all keys and important documents has to be wiped out from memory, not only LUKS keys.
So hibernating is really the only proper way to protect against cold boot.
I worked for a big company that switched from 1password to Keeper. The transition was smooth and I do not see why it shouldn’t be as long as IT knows what they are doing.
Many such IDs are designed for local physical verification, like proof that the
mobile phone owner is above certain age or has a valid driving license, they are not designed for remote verification.
I wonder are there any compilers that recognizes switch-in-loop pattern of interprets and optimizes it to be branch-predictor friendly using multiple indirect jumps?
For executables on Linux there are things like bubblewrap or firejail. One can also use a restrictive container. But those are strictly weaker than browser sandboxes.
The most secure way presently is to use qubes-os that allows to use a very hardened VM to run individual applications.
Modern solar work nicely in UK in May-August when wind is weakest due to long hours and cooler weather. However one needs more expensive panels that also work on a cloudy days.
Then in UK somebody calculated that a house needs 1MWh battery to last over winter using only solar panels that a typical suburb house can install. In 5-10 years that would cost 40K USD making it rather realistic to have. This ignore availability of industrial-scale wind which is the strongest in winter.
The full access to the docker socket from a user account is typically used on a development machine where malware has many other opportunities to become a root.
User namespaces significantly rise the risk of exploits and many setups disable them. One may argue that Docker should have used them when they were available, but that would break too many useful setups involving privileged containers.
The argument will be more valid if array indexes will be 1-based like in Fortran/Matlab/Julia as then 0 becomes extremely nice sentinel values. But C is C and needs -1.