If running low on memory seems to matter less now than it did a couple of decades ago, I'd rather say that's because fast SSDs make swapping a lot faster. Even though virtual memory and swapping were available even on PCs since Windows 3.x or so, running out of memory could still make multitasking slow as molasses due to thrashing and the lack of memory for disk cache. The performance hit from swapping can be a lot less noticeable now.
Of course compression being now computationally cheap also helps.
> Remember, a hash is a "one way function". It isn't invertible (that would defeat the purpose!). It is a surjective function. Meaning that reversing the function results in a non-unique output.
This is a bit of a nitpick and not even relevant to the topic, but that's not the reason cryptographic hashes are (assumed to be) one-way functions. You could in principle have a function f: X -> Y that's not invertible but for which the set of every x that give a particular y could be tractably computed given y. In that case f would not be a one-way function in the computational sense.
Cryptographic hashes are practically treated as one-way functions because the inverse computation would take an intractable amount of time.
Yeah that's a good addition. I think often the words we use can really make things more confusing. Like I hate when people say invertible but in reference to a function that isn't bijective. Why not say reversible? (No complaints with the convention of image/preimage)
Which it's very similar to the problem created by saying "one way". It just isn't one way. Going the other direction is perfectly possible but incredibly hard to find the origin. The visual metaphor I like to use for people is it's like you walk out of a room and into a hallway of doors that are all identical looking. Ignoring the fact that you could just physically turn around, it'd be very hard to figure out which one you actually came from.
But maybe what I like least is that we end up having so many terms for the same general concept. It's one thing when they're discovered independently but I'm pretty confident the computer scientists that pioneered hashes were quite familiar with the mathematics and nomenclature.
> inverse computation would take an intractable amount of time.
This is explained later on the page. "Where a modern writer would say he underwent torture, a 1200-era writer must say that he suffered pinunge instead."
I also couldn't understand this one although the word "pining" did come to mind, apparently not totally off, as that has apparently come from the same ancestor. Didn't help me figure out the intended meaning, though.
> No scar(?) is never hit(?) forgotten, not uuhiles(?) is libbe(?).
I guessed this meant something along the lines of "[?] shall I never [?] forget, not while I live". I didn't figure out that "uu" is actually "w" until that was explained, so it escaped me that "uuhiles" is "while[s]", though.
Yup, definitely easiest. (That's how I first got it too.) Dunno if it's ethymologically correct, though; that depends on what the roots of "pain" are.
Since it's explained further down the page that it comes from an earlier loan from Latin "peona", "punishment", I suppose there is kind of a cognate in English itself from the later loan of the same word that has lead to "penalizing".
I think Transport Fever is of a slightly but significantly different genre.
Railroad Tycoon is a strategy game with competition whereas Transport Fever is pretty much a building and optimization sandbox. Even Transport Tycoon falls more in the latter category, IMO, despite superficially having competition even in single player. (I haven't played OpenTTD in a long time so I don't know if the AIs are nowadays competent enough to make the competition interesting.)
In RRT, with cut-throat competition enabled your company can even be opportunistically bought by the competition if you aren't careful. You can also be driven out of cities by rate wars. Some of the other strategy aspects feel perhaps a bit artificial -- you can't cross the other companies' track, for example, so you can effectively cordon off areas from competition. Nevertheless, those competitive strategy aspects add a significant edge to the game.
I've also played a lot of Transport Fever. The competitive aspect, even if against the old and cheating AI, is probably one of the reasons I still end up returning to the old Railroad Tycoon now and then, though.
Some of the technical limitations of the original are somewhat frustrating, though, so I find the reverse engineering effort really interesting.
It actually says "hacking on one of our programs", which makes it even more obvious that it's using the word closer to the positive traditional hacker culture sense.
I'm sure that still looks unprofessional to some people, just like any jargon that isn't corporatese does.
If humans are considered apex(-ish) predators, it's because there's mostly nothing "above" us in the food chain. We aren't typical prey for any other animal, so we are at the top-ish.
It doesn't mean the diets of humans are biologically supposed to consist of huge amounts of meat.
Most apex predators are of course obligate carnivores. But humans are probably near the top because the use of weapons and tools makes us highly dangerous, so most land animals are wary of humans. Even many predators don't prey on humans for food.
(Although some large land predators do, mostly when they're desperate for food.)
Being able to snapshot and restore memory is a pretty common feature across all decent hypervisors. That in and of itself enables most client-side cheats. I doubt they'd bother to provide such a hypervisor for the vanishingly small intersection of people who:
- Want to play these adversarial games
- Don't care about compromising control of hypervisor
>Being able to snapshot and restore memory is a pretty common feature across all decent hypervisors
A hypervisor that protects against this already exists for Linux with Android's pKVM. Android properly enforces isolation between all guests.
Desktop Linux distros are way behind in terms of security compared to Android. If desktop Linux users ever want L1 DRM to work to get access to high resolution movies and such they are going to need such a hypervisor. This is not a niche use case.
It "protects" against this given the user already does not control the hypervisor, at which point all bets are off with regard to your rights anyway. It's actually worse than Windows in this regard.
I would never use a computer I don't have full control over as my main desktop, especially not to satisfy an external party's desire for control. It seems a lot more convenient to just use a separate machine.
Even mainstream consumers are getting tired of DRM crap ruining their games and movies. I doubt there is a significant Linux users would actually want to compromise their ownership of the computer just to watch movies or play games.
I do agree that Linux userland security is lackluster though. Flatpak seems to be a neat advancement, at least in regard to stopping things from basically uploading your filesystems. There is already a lot of kernel interfaces that can do this like user namespaces. I wish someone would come up with something like QubesOS, but making use of containers instead of VMs and Wayland proxies for better performance.
You already don't control the firmware on the CPU. Would you be okay with this if the hypervisor was moved into the firmware of the CPU and other components instead?
I honestly think you would be content as long as the computer offered the ability to host an arbitrary operating system just like has always been possible. Just because there may be an optional guest running that you can't fully control that doesn't take away from the ability to have an arbitrary guest you can fully customize.
>to satisfy an external party's desire for control.
The external party is reflecting the average consumer's demand for there not being cheaters in the game they are playing.
>It seems a lot more convenient to just use a separate machine.
It really isn't. It's much more convenient to launch a game on the computer you are already using than going to a separate one.
Ah, I see, you're talking about Intel ME/AMD PSP? That's unfortunate and I'm obviously not happy with it, but so far there seems to be no evidence of it being abused against normal users.
It's a little funny that the two interests of adtech are colliding a bit here: They want maximum control and data collection, but implementing control in a palatable way (like you describe) would limit their data collection abilities.
My answer to your question: No, I don't like it at all, even if I fully trust the hypervisor. It will reduce the barrier for implementing all kinds of anti-user technologies. If that were possible, it will quickly be required to interact with everything, and your arbitrary guest will soon be pretty useless, just like the "integrity" bullshit on Android. Yeah you can boot your rooted AOSP, but good luck interacting with banks, government services (often required by law!!), etc. That's still a net minus compared to the status quo.
In general, I dislike any methods that try to apply an arbitrary set of criteria to entitle you to a "free" service to prevent "abuse", be it captchas, play integrity, or Altman's worldcoin. That "abuse" is just rational behavior from misaligned incentives, because non-market mechanisms like this are fundamentally flawed and there is always a large incentive to exploit it. They want to have their cake and eat it too, by eating your cake. I don't want to let them have their way.
> The external party is reflecting the average consumer's demand for there not being cheaters in the game they are playing.
Pretty sure we already have enough technology to fully automate many games with robotics. If there is a will, there is a way. As with everything else on the internet, everyone you don't know will be considered untrusted by default. Not the happiest outcome, but I prefer it to losing general purpose computing.
I'm talking about the entire chip. You are unable to implement a new instruction for the CPU for example. Only Intel or AMD can do so. You already don't have full control over the CPU. You only have as much control as the documentation for the computer gives you. The idea of full control is not a real thing and it is not necessary for a computer to be useful or accomplish what you want.
>and your arbitrary guest will soon be pretty useless
If software doesn't want to support insecure guests, the option is between being unable to use it, or being able to use it in a secure guest. Your entire computer will become useless without the secure guest.
>Yeah you can boot your rooted AOSP, but good luck interacting with banks, government services (often required by law!!), etc.
This could be handled by also running another guest that was supported by those app developers that provide the required security requirements compared to your arbitrary one.
>That "abuse" is just rational behavior from misaligned incentives
Often these can't be fixed or would result in a poor user experience for everyone due to a few bad actors. If your answer is to just not build the app in the first place, that is not a satisfying answer. It's a net positive to be able to do things like watch movies for free on YouTube. It's beneficial for all parties. I don't think it is in anyone's best interest to not do such a thing because there isn't a proper market incentive in place stop people from ripping the movie.
>If there is a will, there is a way.
The goal of anticheat is to minimize customer frustration caused due to cheaters. It can still be successful even if it technically does not stop every possible cheat.
>general purpose computing
General purpose computing will always be possible. It just will no longer be the wild west anymore where there was no security and every program could mess with every other program. Within a program's own context it is able still do whatever it wants, you can implement a Turing machine (bar the infinite memory).
They certainly aren't perfect, but they don't seem to be hell-bent on spying on or shoving crap into my face every waking hour for the time being.
> insecure guests
"Insecure" for the program against the user. It's such a dystopian idea that I don't know what to respond with.
> required security requirements
I don't believe any external party has the right to require me to use my own property in a certain way. This ends freedom as we know it. The most immediate consequences is we'd be subject to more ads with no way to opt out, but that would just be the beginning.
> stop people from ripping the movie
This is physically impossible anyway. There's always the analog hole, recording screens, etc, and I'm sure AI denoising will close the gap in quality.
> it technically does not stop every possible cheat
The bar gets lower by the day with locally deployable AI. We'd lose all this freedom for nothing at the end of the day. If you don't want cheating, the game needs to be played in a supervised context, just like how students take exams or sports competitions have referees.
And these are my concerns with your ideal "hypervisor" provided by a benevolent party. In this world we live in, the hypervisor is provided by the same people who don't want you to have any control whatsoever, and would probably inject ads/backdoors/telemetry into your "free" guest anyway. After all, they've gotten away with worse.
We already tried out trusting the users and it turns out that a few bad apples can spoil the bunch.
>It's such a dystopian idea that I don't know what to respond with.
Plenty of other devices are designed so that you can only use it in safe ways the designer intends. For example a microwave won't function while the door is open. This is not dystopia despite potentially going against what the user wants to be able to do.
>I don't believe any external party has the right to require me to use my own property in a certain way.
And companies are not obligated to support running on your custom modified property.
>The bar gets lower by the day with locally deployable AI.
The bar at least can be raised from searching "free hacks" and double clicking the cheat exe.
>who don't want you to have any control whatsoever
This isn't true. These systems offer plenty of control, but they are just designed in a way that security actually exists and can't be easily bypassed.
>and would probably inject ads/backdoors/telemetry into your "free" guest anyway.
This is very unlikely. It is unsupported speculation.
> We already tried out trusting the users and it turns out that a few bad apples can spoil the bunch.
You say this as if the user is a guest on your machine and not the other way around.
It's not a symmetrical relationship. If companies don't trust me, they don't get my money. And if I don't trust them, they don't get my money.
The only direction that gets them paid is if I trust them. For that to happen they don't have to go out of their way to support my use cases, buy they can't be going out of their way to limit them either.
> designed in a way that security actually exists
When some remote party has placed countermeasures against how you want to use your computer, that's the opposite of security. That's malware.
>You say this as if the user is a guest on your machine and not the other way around.
The user is a guest on someone else's network though. You may be a guest to Netflix and they require you to prove your machine is secure for them to provide you 1080p video. You are free to do whatever you want with your own machine, but Netflix may not want to give you 1080p video files if they don't trust your machine.
>When some remote party has placed countermeasures against how you want to use your computer, that's the opposite of security. That's malware.
I think it's fair to have computers that allow you to disable integrity protections and do whatever you want. You just shouldn't be able to attest that your system is running 1 set of software when in reality it's running something else. It's fraud.
No it's still my network that I'm on. I don't have to be a good neighbor because I also own all the adjacent hardware.
There's already a body of laws that incentivize against violating copyright. It lunacy to stack on additional ones in service of the same goal. That's like saying that it's both illegal to speed, and it's also illegal to tell your friends that you'll be there in 15 minutes when you'd have to speed to get there sooner than 20, whether or not you actually do the speeding.
Devices are not legal persons, they can't sign contracts on your behalf, nor can they commit fraud on your behalf. If a bogus is attestation is necessary in service of interoperability, that's a technical detail not a legal one. If what you want is copyright enforcement, focus on the crime not the circumstance under which a such a crime is possible.
I remember not getting Close Combat 2 (from 1997) running on Windows 10 some years ago but I did getting it running under Wine, albeit with some tweaks.
Whether that was a Windows compatibility issue or potentially some display driver thing, I'm not sure. (90's Windows games may have used some DirectDraw features that just don't get that much attention nowadays, which I think may have been the issue, but my memory's a bit spotty.)
> Im pretty sure I read in the past GoG still sells you a license to a game in perpetuity, rather than ownership
Just about every commercial software license says the software is licensed, not sold.
Of course the practical difference is in whether you can trust you'll be able to keep using the product indefinitely or have to rely on the publisher's goodwill.
(Also, whether the idea that a software product is only licensed and not sold is legally valid of course depends on the jurisdiction and legal interpretation. IIRC back in the day some people tried to argue that you couldn't resell a game or other piece of software you bought on physical media because the software was only licensed to you, not sold. That argument didn't necessarily fly.)
Of course compression being now computationally cheap also helps.
reply