CS unrolls an ancient scroll

This is great news of applied computer science and potential great impact [nod to Matias ๐Ÿ˜‰] on future archeological work in deciphering the history.

https://scrollprize.org/firstletters

For those who haven’t been following, an ancient scroll has been meticulously scanned using various methods, and the data has been released as open source.

A cumulative prize of $1 million is up for grabs for anyone who can successfully interpret the text from the available data. And the best part? Everything is being done in a truly open-source spirit.

And even greater is that anyone can still be involved or just learn about, as everything is open source.

So for anyone wanting to go into applied machine learning, algorithms and data processing, this is a great way in ๐Ÿ™‚

If you’re keen on updates and insights, I recommend following Nat Friedman on x-Twitter. He offers quality insights on the progress and more. ๐Ÿ™‚

Safety critical Rust (finally) qualified

Rust is one of the prime candidates for safety-critical systems.

And it looks like it is finally coming of age ๐Ÿ™‚

After long and arduous work, Ferrous systems have released open source safety-critical qualified Rust compiler.
Check below announcement for more information:

https://ferrous-systems.com/blog/ferrocene-open-source/

But what is qualified tool

Those who are involved in safety critical work โ€” and I claim no expertise here โ€” know that one of the bigger ‘pains’ is to have qualified safety-critical tools to use.

For a ‘regular’ developer most of the tools are taken for granted like compilers, operating systems, frameworks, etc. Bugs and undefined behaviors1 are expected to exist and even used as ‘optimizations’2.

While determinism, quality, and reliability are desired, they often take a back seat to features, speed of delivery, and user experience.

But if you work on safety critical systems, it is vice-versa.
One of your biggest needs is a proof of deterministic behavior.

And there is a simple analogy.
If a houseโ€” or even more critically, a skyscraper โ€” lacks a stable foundation, it’s only a matter of time before something catastrophic occurs.
You need and want proof (as much as feasible) that your foundations are stable. And you generally want that reputable company with reputable build process makes your foundations.

That is what qualification means in practice.
You want a tool that you can rely on where you will not be nasty surprised in a worst possible moment3.

And now Rust got its ‘reputable’ badge for use in safety critical systems.

Speed-up move to modern languages

There is also another reason why I’m Optimistic on Rust and new modern languages.

C and C++ are great languages for their uses, performance and low-level. C is a glorified assembly, and C++ gives you million ways to write bad or wrong code and only few good ones.

To use C and C++ in safety critical environment, you are severely restricted how you can apply those languages. Just check MISRA or AUTOSAR4 rules for writing automotive-grade quality code.

And even then you must use different set of tools (static and dynamic analyzers, linters, etc) just to make sure that you haven’t done offset +1 in memory access, or to implicitly do wrong typecast.

Long time ago I considered myself as a ‘quite good’ at C++, but then the more I learned, the less I knew 5 ๐Ÿ˜€

If you need to put so many restrictions and constantly invent different ways how to stop people making almost invisible mistakes in a language, that means that you need to reconsider do you really need to step into that mine-field6.

And all of the hoops significantly slow the actual development time.

So lets see what future will bring7 ๐Ÿ™‚

  1. https://en.cppreference.com/w/c/language/behavior โ†ฉ๏ธŽ
  2. https://alexpolt.github.io/undefined.html โ†ฉ๏ธŽ
  3. https://www.motortrend.com/news/nhtsa-tesla-autopilot-investigation-shutoff-crash/ โ†ฉ๏ธŽ
  4. https://www.autosar.org/news-events/detail?tx_news_pi1%5Baction%5D=detail&tx_news_pi1%5Bcontroller%5D=News&tx_news_pi1%5Bnews%5D=39&cHash=e4f521f7b674bdfd7c1fade308cf2ea8 โ†ฉ๏ธŽ
  5. “Within C++, there is a much smaller and cleaner language struggling to get out” – Bjarne Stroustrup โ†ฉ๏ธŽ
  6. Of course, C and C++ are highly used languages and have a great applications (just look in CERN or Linux kernel). But they should be not and are not applicable everywhere as the learning curve is high and space for errors even higher โ†ฉ๏ธŽ
  7. Greetings to team Trust at VCC doing great work for production grade Rust in actual car ๐Ÿ™‚ โ†ฉ๏ธŽ

Beauty of Zenbleed and its walk-through

Last week (23w30) I stumbled upon such a ‘great’ vulnerability, but also the great explanation (and I’ve read a ‘few’).

Explanation of Zenbleed is here https://lock.cmpxchg8b.com/zenbleed.html.
And I highly recommend it to anyone interested in learning some of the ‘magic’ of modern CPUs on a ever-expanding 40+ year old x86 instruction set.

And a bit of jealous how clean and clear the walk-through is written ๐Ÿ™‚

Old is new again (at least on the web)

I came across a comprehensive analysis of all the โ€˜inovationsโ€™ in full-stack development, which can be found at https://www.bitecode.dev/p/hype-cycles. It brought back some fun memories ๐Ÿ™‚

Every few years, I found myself needing or wanting to create a website. This involved trying to use “best” tools and frameworks for the job that everyone was hyping at the time

Yet, each time, I found myself gravitating back to good old WordPress, with a sprinkle of jQuery or a lightweight framework.

Why?

Well, I felt โ€˜stupidโ€™ that it took so much time to set up a simple CRUD website using these supposedly “modern” tools.

The rule: simple task needs simple tools, always ๐Ÿ™‚

Surprising lack of spam comments

And surprising popups of Crypto ones

So far I have this blog running for less than a year.

There are couple of things that I’ve expected to see:

  • Significant number of logging attempts – Check
  • Significant number of spam comments – Not check

Despite this, I have noticed that the spam comments that do get through are surprisingly sophisticated and appear almost human-like. These comments typically promote Binance or other crypto addresses, as on example below:

I presume that it is some form of automated bot trackback spam that assigns random ‘comment’ text to a trackback link.

Purpose could be multiple: SEO backlinking, visit tracking, pure spam, etc.

But still fun to see the ‘praise’ in the comments ๐Ÿ™‚

George Carlin VS state-of-the-art AI

My current take on recent AI development is that it is getting more and more useful.

BUT, in the end, it is still a glorified, but novel statistics [1].

And whenever AI learns from human input, I find funny/insightful/dark quote from George Carlin:

Or in other words, current crop of AI cannot escape law of large numbers [3].

Especially in today’s world, you need very-very-very valid input sources vetted, by of course, error prone humans.
Even reviews for the simplest of stuff you can buy cannot be trusted as they are bought in bulk.
And as misinformation efforts are running loose in the wild, it is hard to keep sources clean.

Even for pure technical domains such as programming, ChatGPT has been banned by StackOverflow [2] due to high percentage of only looking correct answers.

And some fun chat-bot responses from history characters ๐Ÿ™‚

https://twitter.com/RealESonneborn/status/1615794316504440839

Conclusion

So until AI can learn different real-life models instead of shoveling data into hundreds of billions of (statistical, black-box) parameters with insane compute power needs, it will just be useful statistics.

But there is a lot of room for research in how even today’s AI works, even on much smaller scale models.

References

[1] – https://towardsdatascience.com/no-machine-learning-is-not-just-glorified-statistics-26d3952234e3

[2] – https://meta.stackoverflow.com/questions/421831/temporary-policy-chatgpt-is-banned

[3] – https://www.investopedia.com/terms/l/lawoflargenumbers.asp

Weekly breakdown – 22w49d1

Programming

https://faultlore.com/blah/c-isnt-a-language/

Have you ever had luck/cry/luck to maintain C++ ABI compatibility between different linkable codebases, and found it fun? ๐Ÿ™‚

The more I worked with C, the more quirks popped up. Some fun, some not-so-much.

This text is a must read to anyone trying to maintain compatibility between platforms with useful insights from the wild.

And very rare praise to Microsoft as de-facto kings in platform backward compatibility.

https://stackoverflow.com/questions/7825055/what-does-the-operator-do-in-c

While we are still on C language and its quirks, what ??!??! operator does in C? ๐Ÿ™‚

I would not be surprised if this popped up as a question on ‘good’ interviews, which I would like to steer clear.

Recommended Tools

https://github.com/include-what-you-use/include-what-you-use

I came across this tool long time ago and found it quite handy, especially when working in C++ codebase.

Why? It has potential to one-time reduce your compile time insanely, by just removing include lines that have zero references from current code.
This is quite handy in C++ to limit number of translation units to be compiled, especially when small change in one header triggers big-but-unnecessary re-compilation chain.
And there is insane amount of header-only libraries or code-heavy headers that will exponentially fast increase compile time if not being careful what you include.

News

https://www.theregister.com/2022/10/31/opinion_column_relevance_in_business/

Interesting opinion about staying relevant with FOSS.

Weekly breakdown – 22w37d3

Security

https://darknetdiaries.com/episode/115/

Listen to the podcast episode and replace mentions of games with i.e. cars.
It should raise a lot of eyebrows.

It is really not hard to image black market for all kinds of:

  • Standard: Enabling features
    Example with BMW’s subscription for more smart headlights, or Tesla’s back seat warmers.
  • Scarier: Disabling features
    Usual theft protection, but also removing any safety limitations, like speed limit, alcohol checks, hands-off-steer check, etc.
    Even now you can buy speed limit disabling feature for even most expensive electric bikes with top-of-line security features that allows you to go from limit of 25 km/h to over 40 km/h where only limit is the battery capacity.

All of this already exists, but at the moment, is not the most scalable business.
To ‘pimp-up’ your current generation cars, you would need to go to a ‘guy’ or a shady shop to make changes.

But the cars are becoming ‘smarter’. Over-the-air updates and all new fancy features allows you to make changes remotely from any part of the world.

And there lies huge black-market opportunity for finding bugs and loopholes, as no software and protection is perfect.
Just check yearly Android bug-list and their severity, even if it is owned developed by all-mighty Google.

If there is a sprawling market for cheats for 50$ games, imagine an opportunity for ‘cheats’ in 50000$+ car.

It is not hard to imagine a 100% online subscription service that will allow you to receive all kinds of un-official โ€™improvementsโ€™ applied automatically to your car.

Thanks goes to Patrik Thunstrรถm for sharing this podcast gem and fun discussion ๐Ÿ™‚

Programming

https://calebhearth.com/fan-out-vs-fan-in

Another way how to look at code complexity and how to prevent it during design or in refactor.

As with everything, it should not be followed blindly, as the original complexity could end up moving into ever-evolving wrapper classes.
Check Law of Demeter for more information.

Big tech monopoly

https://cfenollosa.com/blog/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html

One more take on how big tech companies have taken over internet from original intent.
If you have ever found legitimate mail ending up in spam folder of your free mail service out of sudden, or not delivered, this is primary reason.

Old but gold: When the product is free, you are the product.

Fun

https://github.com/IdreesInc/Minecraft-Font

For the ones with kids or feel like one ๐Ÿ™‚

Fragile Manifesto

Go-to manifest, more often than not ๐Ÿ™‚