I agree that centralization is bad, and one of the worst parts of HTTPS (the other being that things like ed22519 systems, chacha20, poly1305, sntrup are generally viewed as better modern alternatives to AES, so postquantum system like rosenpass https://github.com/rosenpass/rosenpass are more preferable).
However, I think there is no reason at all that a system that is decentralized is not far _far_ simpler to instantiate for a user (not to mention far more secure and private). Crypto gets a lot of hate on HN, but it seems that it is mostly due to people's dislike of anything dealing with 'currency' systems or financial that touch it. This is a despised opinion here, but I am still actually excited for crypto systems that solve real world problems like TLS certs, DNS, et al.
Iroh seems like a _fantastic_, phenomenal system to showcase this idea. It allows for a very fast decentralized web experience on modern cryptography such as Blake3, QUIC, and so on but doesn't really touch any financial stuff at all. Its simply a good system.
I hope we can slowly move to a system that uses the decntralized consensus algorithms created in the crypto space to remove the trust in (typically big, corporate, and likely backdoored) centralized entities that our system today _requires_ without any alternative.
The comparison is to pandas, so single node performance is understood in the scope.
This is for people running small tasks that may only take a couple days on a single node with a 32 core CPU or something, not tasks that take 3 months using thousands of cores.
My understanding for the latter is that pyspark is a decent option, while ballista is the better option for which to look forward. Perhaps using bastion-rs as a backend can be useful for an upcoming system as well. Databricks et al are cloud trash IMO, as is anything that isn't meant to be run on a local single node system and a local HPC cluster with zero code change and a single line of config change.
While for most of my jobs I ended up being able to evade the use of HPC by simply being smarter and discovering better algorithms to process information, I recall like pyspark decently, but preferring the simplicity of ballista over pyspark due to the simpler installation of Rust over managing Java and JVM junk.
The constant problems caused by anything using JVM backend and the environment config with it was terrible to add to a new system every time I ran a new program.
In this regard, ballista is a enormous improvement. Anything that is a one-line install via pip on any new system, runs local-first without any cloud or telemetry, and requires no change in code to run on a laptop vs HPC is the only option worth even beginning to look into and use.
Servo is upcoming, but so far it is fantastic in comparison to any other browser out there.
I tend to focus on any software that does not require 12 teams of people 6 weeks to determine how to build a single binary because of the use of 20 different programming languages and mixing and matching of paradigms and solutions to subconponents.
I very much appreciate simplicity and look for highly secure and private programs that highly discourage JavaScript from ever being run.
Servo is finally a breath of fresh air in that regard.
Interesting, until today I had assumed that Servo was basically dead and that most of the interesting bits had been integrated into Firefox. I'll give Servo a try and see if I like it.
It would be nice to have a completely open source browser that can be built with a simple one liner from cargo.
Having several thousands of eyes on the code daily to check for telemetry violations, privacy issues, security, and performance daily in mostly a single language, small, and well structured browser repo would be phenomenal compared to the disjoint jumbled messes we have today.
As indicated by the explanation, better for people who believe in FOSS rather than closed corporate software.
Most developers work with a Unix mindset (do one thing well, with focus on simple and easily managed code), which tyically means telemetry is _wildly_ out of line (offers no real benefit for the basics while adding huge complexity), so privacy and security are naturally far better.
Lynx like TUI browsers are a nice idea, but unfortunately sometimes an image is desired to be manually viewed, or javascript is required. It would be wonderful if javascript were simply dropped from most websites, but we don't live in that world, so we're stuck with the next best thing (disabling all js until explicitly allowed by the user).
These are the types of things people in software devs typically care about, which there are many in HN.
Mooers law in the consumer space seems to be pretty much asymptoting now, as indicated by Apple's amazing Macbooks with an astounding 8GB of RAM.
Data center compute is arguable, as it tends to be catered to some niche, making it confusing (cerebras as an example vs GPU datacenters vs more standard HPC). Also Clusters and even GPUs don't really fit in to Mooers law as originally framed.
What do you mean by Mastadon is a bloated sloppy mess?
It was my understanding that Mastadon has _far less_ javascript than Twitter, not more.
The UI for mastadon always seemed far cleaner, more performant, and importantly - capable of actually loading, compared to twitter
Essentially, anytime something is shared from twitter I simply ignore it, because it may take a good 40 minutes to figure out the workaround to view it, compared to Mastadon which 'just works'.
The biggest thing I want to see from framework is ARM (or better, Risc-V that achieves great low power performance) with an enormous battery and linux or BSD with all the optimizations to improve battery life.
I bought a macbook a while ago specifically because I can get it to last about 45-50 hours non-stop usage on one charge, so getting a system tailored for even better performance and a longer battery life (macbooks could probably double or triple battery life if they bulked up and stopped trying to be so petite) would be incredible.
>100 hour battery lifes should be very achiebable for developers, as limiting screen brightness and using only terminal with a black background can increase battery life _enormously_.
Between Zoom (not the whole time, but just by having it in the background), Slack and Crowdstrike's Falcon agent, I usually can't make more than 5 or 6 hours away of a wall outlet with my MacBook Pro M2 Max...
Oh, wow. That's a pity. I mean, you're down to the battery time of any random x86 laptop.
I usually get barely a working day out of my corporate MacBook Pro M1 with Corpo Security Special Sauce, CLion and Teams. But I have to kill CLion when it gets too crazy (i.e. often).
Do you have any insights from Activity Monitor on who is draining the battery?
My biggest offenders:
- Symantec Data Loss Prevention Agent (x86 Emulation)
- $Corporation App Store (I never use it, don't know why it burns CPU time)
This corporate "security" software is the essence of everything that's wrong with a corporation.
If I check the "Last 12 hours app energy use" from my Activity Monitor it's usually Firefox, Zoom, Slack and PyCharm.
But that only shows "Apps", not processes. If I list all processes, the one that's almost always in the top is Crowdstrike Falcon. Specially when there's disk access, as it seems to intercept everything...
I agree that would be a delight. I'd even take a color eink or transmissive / reflective LCD to lower the display power draw. But I would still like to be able to equip it with large amounts of storage and ram.
An Arm motherboard would be a great thing for one of those third parties to make. I don't think Framework has the resources to take it on right now. It's time for them to do an update to the AMD boards, and they do a new Intel one every year...
There are limits to how enormous the battery can be. Over 100Wh and you can't fly with it, so nobody is going to do that. That's less than double the capacity of the current Framework battery.
Opensource contains many things, but IMO limiting to core/ packages on arch and never installing anything from AUR will get great quality software, with far better security and privacy than similar proprietary software.
If one is very interested in security and privacy however, using VMs for isolation of different apps or services is important, so having an OS that helps that is useful.
Bare arch _can_ do this, but requires quite a lot of script development.
Qubes seems to be the answer many grab for, though much is still written in C, which comes with all of the vulnerabilities mentioned constantly. So, something like https://diosix.org/ (a Rust-based hypervisor for Risc-V) is a great option to make a start towards decently secure system. Of course if your threat model includes state actors or something, you're SOL (change your perspective or what you're doing) since they always have an easy backdoor into any hardware, but sometimes things like diosix can protect against the constant script kiddies and other individual hackers.
What BSD is the closest to alpine in the Linux space?
Which BSD is the smallest in size and very security focused by selecting for minimalism while also being well maintained and used like alpine?
That seems like it would be a great starting place for a good desktop os
Honestly I would say none of them are really analogous to Alpine; things don't really map that way. That said - I'd say that OpenBSD is what you're asking for: I won't comment on size, but it's very focused on security and correctness, well maintained, and is actively daily-driven as a desktop by its devs. (In contrast, I like FreeBSD, including as a desktop/laptop OS, but historically it's had a bit of a thing where people develop FreeBSD to run on their servers from the comfort of their macbook. They just started an effort to improve that, but that's new.)
That said, all of the big 3 (Open/Free/Net) are pretty great and if your hardware is supported you'd probably have a good time if you don't mind doing a bit of legwork in terms of having to set things up starting from a terminal. Of course if Alpine is your reference point then you'll be fine.
Thanks, this is good information.
I'm still curious about size, as it removes attack surface for security. The glibc to musl conversion is obviously not the direct change to occur in BSD, since BSD has its own libc, but an even smaller alternative would be interesting. My understanding is that OpenBSD is about 100x the size of Alpine right now.
In modern times, a Rust-based option is also intriguing if the goal is security as well, though things like Redox are _extremely_ heavy for these considerations.
Of anyone is making a browser in todays age, I would imagine starting with something like Servo would be best.
There are far too many chromium based browsers.
A very minimal Rust-only browser with security and privacy in mind at every single step is completely missing from browsers today. Things like waterfox et al are enormous projects that take far too long for one person to audit the entire code base to ensure correctness. Something like the 'wireguard of browsers' in this regard is needed (single repo that one person can read over in a day and can be built with a single cargo build command). Even servo unfortunately falls just barely shy of this goal, but one can dream.
However, I think there is no reason at all that a system that is decentralized is not far _far_ simpler to instantiate for a user (not to mention far more secure and private). Crypto gets a lot of hate on HN, but it seems that it is mostly due to people's dislike of anything dealing with 'currency' systems or financial that touch it. This is a despised opinion here, but I am still actually excited for crypto systems that solve real world problems like TLS certs, DNS, et al.
Iroh seems like a _fantastic_, phenomenal system to showcase this idea. It allows for a very fast decentralized web experience on modern cryptography such as Blake3, QUIC, and so on but doesn't really touch any financial stuff at all. Its simply a good system.
I hope we can slowly move to a system that uses the decntralized consensus algorithms created in the crypto space to remove the trust in (typically big, corporate, and likely backdoored) centralized entities that our system today _requires_ without any alternative.