HackerTrans
トップ新着トレンドコメント過去質問紹介求人

YoumuChan

no profile record

コメント

YoumuChan
·4 か月前·議論
But consumer product does not support SDCI (only Epyc Turin supports it), so it does not benefit too much if an accelerator is involved.
YoumuChan
·4 か月前·議論
Should my google search history be part of the commit? To that question my answer is no.
YoumuChan
·12 か月前·議論
I think it is all about audience. There is no one-size-fit-all. Different audience have different threat models and different requirements.

For a corporate using an OS in work phones. The threat model is state/corp-sponsored actors. Trade secret leak is unacceptable. When in doubt, data should be wiped. Now wiping PIN makes total sense and is the only sensible option.

An ordinary person, on the other hand, often deals with non tech-savvy ordinary people. The threat model is different. Most likely plausible deniability is enough. The threat level is low. Those users may accept to trade some data security for a more friendly feature.

The ultimate question is whether Graphene envisions itself an opinionated OS that always follows the "best practice" or a generic OS that allows users to define their own threat models.
YoumuChan
·12 か月前·議論
I hate to say this but I don't foresee Graphene being "mainstream". Most users will stick to the stock ROM. The most "mainstream" custom ROM Lineage is only installed on 0.04% of Android devices as of 2023 [1]. Even if Graphene appears in some mainstream news, I highly doubt any ordinary person can recognize it when they see one.

If the threat model is hiding from random people, I think a hidden profile works very well.

Now let's talk about motivated adversary as you put it. Hidden profile and wiping are not either-or, they can coexist. If one is really targeted by a motivated adversary, it should be apparent in most cases, and the targeted person can choose to enter the wiping PIN instead of the secondary profile PIN.

Now if one is targeted by a really motivated and threatening adversary, I don't think wiping PIN is any better than secondary profile PIN. The moment one chooses to wipe the phone, the adversary could be triggered by the action and harm the victim anyway.

[1] https://9to5google.com/2023/11/20/lineageos-number-of-device...
YoumuChan
·昨年·議論
Like Raft is a "special case" of Paxos, this feels like a "special case" of CRDT.

It has all the flavor of CRDT, but adds a leader and a different way for the total ordering (basically using leader's local lamport clock to break tie).

Throw in leader reelection and some ledger syncing and then give everything some other names, I bet you can have "collaborative text editing on one page".