Plug alert: I am working with a company that's building a full representation of the Sanctum system using custom extensions of RISC-V (https://eprint.iacr.org/2015/564.pdf). There are critical features like root of trust key and entropy generation, and cache isolation that are missing from the vanilla RISC-V keystone approach. It offers a measure of security worth having but we're taking it all the way. We're working with MIT prof Srini Devadas. You can read more about it here if you're interested: https://medium.com/gradient-tech/announcing-gradient-crypto-...
Some version at least will be yes. RE: RoT + RISV-V, cache isolation appears missing here, so sidechannel attacks using cache timing and other methods still work
Awesome! It was unclear to me where the Rambus IP began and SiFive's core took over in the demo.
Keystone using existing RISC-V extensions is exciting to see, but it's frustrating that the Hack a Day article seems to confound where it begins and ends (at least today). The Keystone presentation notes that the RoT is derived from Sanctum and their docs indicate that you need to bring your own entropy and key storage, neither of which are made clear in the blog post.
You can, but the pertinent question is whether you should. Microservices help with scaling endpoints that become bottlenecks but introducing them before they become necessary suffers from many of the common problems associated with premature optimisation.
It's interesting I think having an understanding of the history of javascript concurrency is almost a prerequisite to using it correctly. I wonder how new people approaching the language for the first time find it.
I find two camps:
1. those who need to produce backwards-compatible code, avoiding or not thinking about new features
2. those who can/want to use new features
Camp 1 has the problem of continuously importing kitchen sinks instead of polyfills, which would allow getting into camp 2.
Camp 2 is essentially a luxury of time, thus rare. It already requires mental commitment, which may be scarce after a day of battling bugs for IE.
I think that as a beginner you can get far with async/await without truly understanding it. I also think that at some time the abstractions will leak and your head will spin madly.
Also we're hiring! https://www.gradient-tech.co/jobs