How does it follow that there is no point in trying for formal correctness? In many problems there is an interesting subset that is quickly solvable even when the general case is not.
SAT solvers in practice are quick on just about everything.
SAT solvers being programs that solve the original NP-compete problem.
In addition to capabilities, which implemented the principle of least privilege (and keep untrusted code sandboxed by default) there is a need for binary verification.
A check that a whatever is downloaded cannot exceed it's capabilities.
Part of the challenge is that hardware tried and has failed to be trustworthy in implementing security boundaries. The failure appears to be because a misalignment of incentives.
I think the premise of a capability based operating system can help a lot, but for something to work in the long term the incentives need to aligned.
My reasing of the study is children with significant gut issues and diagnosed with autism see a significant reduction in symptoms when the gut issues are treated.
Which leads me to wonder if for some of these children is the root cause just gut issues.
If all they have figured out how to so is treat significant gut issues that sounds very promising.
The notification happen when the fix was shipped. That people would prefer to been spoon fed only serious security issues is understandable, but not realistic.
A large percentage of kernel fixes have the potential to be similarly bad. For some the potential isn't even realized until after the fix has shipped.
Ever stable release GregKH says you must upgrade now, because there is something security relevant in there. This happens at least once a week.
As for shared hosting providers it is my sense that there is always at least one local privilege escalation available to miscreants. Making shared hosting only safe if there is a certain amount of trust.
I remember bugs that were similarly bad from my university days 30+ years ago. Has anything substantially changed?
It describes in detail what a home router needs to be doing to make all of this work seamlessly.
Things work so well that half the world has working IPv6 already.
Openwrt pretty much implements all of this out of the box.
If you are struggling with IPv6 I recommend reading up on where it is at today and figuring out how whatever makes your network special can be done using IPv6 with no fuss.
Personally I have moved several times changing ISPs in the process and my IPv6 setup involving multiple LANs on my home network has just continued to work. IPv6 renumbering events just work seamlessly and completely automatically.
Historically the only practical hold up to IPv6 adoption has been the ISPs not rolling it out to their customers.
And I know the homenet WG has concluded but I found RFC 7368 IPv6 Home Networking Architecture Principles[1] interesting as well, including its discussion of reachability and RFC 6092 Recommended Simple Security Capabilities in Customer Premises Equipment (CPE) for Providing Residential IPv6 Internet Service.[2] IPv6 still occasionally seem more flaky than IPv4 with some set ups though.
> If you are struggling with IPv6 I recommend reading up on where it is at today and figuring out how whatever makes your network special can be done using IPv6 with no fuss.
> ...
> Historically the only practical hold up to IPv6 adoption has been the ISPs not rolling it out to their customers.
Yep, that's where I am. Frontier FTTH, IPv4 only. Because....I have no idea why. Because Frontier sucks, basically? They have at least started their rollout:
FP64 emulated with FP8 running faster than the native FP64 implementation.
reply