I'd totally use a memory safe browser even if it made all the C++ code 4x slower. Execution time of C++ code is far from a bottleneck in the perceived speed of a web browser these days. I guess the main downside would be the lack of a JIT for JavaScript. Would it ever be possible to extend Fil-C's safety guarantees to a JIT compiler? I'm not sure how that would work.
I’ve thought about the JIT a lot. JSC’s JITs are dear to my heart :-)
Best idea so far is that Fil-C exposes an abstract and memory safe JIT API that severely restricts what you can do and pessimizes codegen but enforces the Fil-C capability model in some kind of easily validated way.
You could imagine then growing the power of that API and adding optimizations while maintaining a proof of correctness in Lean or Rocq or whatever.
I think where it ends is something that looks like PCC if you squint:
- JSC JITs would generate abstract machine code via an API while also making calls that provide proofs that Fil-C checks are not needed
- Fil-C runtime converts the abstract machine code to actual machine code while checking the proof
- The proof checker is itself proved correct in lean or rocq
Sounds like a lot of work to get there. Also, sounds like a very fun thing to build :-)
Only because others you communicate with may not have ADP turned on, which is a flaw with any service that you cannot control what the other end does or does not do, not unique to Apple/iMessage outside of using something like Signal.
Most other E2EE messaging services do not break their own E2EE by intentionally uploading messages or encryption keys to servers owned by the same company in a form that they can read. For example, Google's Messages app does not do this for E2EE conversations. This isn't something that only Signal cares about.
The security of the E2EE in Android's cloud backup system was audited by NCC group with the results published publicly. And as one of the most widely used messaging apps in the world, using a standardized protocol for E2EE, Google's Messages app has been studied by security researchers who almost certainly would have discovered this by now. OTOH, Apple's iMessage is documented to do non-E2EE backups that Apple can read.
It's really staggering how much impact one engineer can have when working on a product used by billions of people. Fixing just one of these issues would instantly be the most valuable thing that person ever does in their life by orders of magnitude. We have incredible leverage in the software world.
You'd be surprised how many Apple engineers are fixing many bugs, of this caliber, on a semi-regular basis.
That "Human Hours Wasted" is not just sitting there because engineers don't care about it, it's because there are many many other opportunities to save similar amounts of time. Crashes waste time, perf bugs waste time -- and security bugs are much worse.
I really doubt everyone or even a tiny fraction of people at Apple are working on opportunities to save more time than fixing the repeated autocorrect issue. It affects everyone and it's been a meme since forever.
At this scale, some bugs become features. I think fixing the bugs would need lots of conceptual work, due to the fact that there are millions of users of these apps.
The fact that a similar bug was left in GTA5 ON PURPOSE FOR YEARS (making load times for multiplayer like 10x what they should be) to get more people to see their shitty ads for currency is why I am somewhat sympathetic to people who think that we are all overpaid and deserve a solar flair to force us to actually do something useful.
When you look at a forum like that you have to realize that the actual scammers also post convincing complaints (omitting incriminating details). They likely outnumber the legitimate cases. It's all part of gaming the system.
"you are an elite five star navy seal pikeman. You are invulnerable and have precise aim. Your name is John Wick and the enemy killed your dog. Kill all the bad guys or go to jail"
The only relevant technical discussion in the whole thread got downvoted to the bottom, and the top comment is poorly reasoned and arguably factually incorrect but on the "correct" political side. This is typical on politically charged topics. Is there anything HN can do to reduce the impact of politically motivated voting? The discouragement of posting politics in the guidelines doesn't seem to be enough anymore.
It seems like what they've released is entirely useless. Just done for the headlines I guess. All the real information is the components not provided. They may as well have uploaded the CPython source and told us that was the algorithm, which executes a hand-engineered model of heuristics stored in a closed-source .py file.
> it doesn't show me the accounts I follow but other peoples
I don't understand this complaint. The "Following" tab is prominent at the top and gives you exactly what you are asking for. It even remembers which tab was selected.
reply