Christoph @voigt@hachyderm.io

Before using `std.debug.Trace` API: crap! We cannot debug this because the context for why this field was set to an unexpected value is gone.

After using `std.debug.Trace`: We learn where the unexpected value was set, bug identified!

On vectortiles and how to render them using modern technology
https://media.ccc.de/v/mch2022-265-world-in-vectors-cross-platform-map-rendering-using-rust

#Rust #WebGPU #webassembly #openstreetmap #GIS #MCH2022

There have been enough sandbox escape vulnerabilities at this point that same-process sandboxing is no longer considered a viable technique for running completely untrusted code. But it can still be used in MOO's security model, where users have to demonstrate some amount of trustworthiness to get programmer bits, and only well-known and trusted users get wizbits.

I've managed to build a proof-of-concept system with fine-grained sandboxing using Lua, but I ran out of motivation on that project because there's not much of an existing Lua ecosystem to use compared to JS. I would have built it on Duktape had Duktape existed at the time. And once Duktape came along WASM was on the horizon.

I doubt there will be a WASM runtime designed for same-process sandboxing anytime soon. But there appears to be some momentum toward making WASM-GC OCAP-safe, which at least would make it possible to run semi-mutually-untrusting code, though it would not protect against memory or CPU-time DoS.

Server-side WASM appears to be fairly mature at this point. While this doesn't give same-process sandboxing or finer-grained concurrency, it does support one of the "holy grails" we had back in the ColdC/Genesis days: language agnosticism. While that mostly only means Rust and C++ at the moment, Rust is certainly preferable to JS, it has a sufficiently large community and ecosystem, and the ability to target WASM has been a goal of Rust for a long time (always?).

I think I'll spend some time checking out Wasmtime.

https://wasmtime.dev/

Spending the time to learn #tmux basics was very much worth the investment. I live in tmux in my dayjob. If you work with #Linux, I strongly recommend it.

#wasmer 2.3 released:
https://wasmer.io/posts/wasmer-2.3
#wasm #rust

Enarx is an open source framework for running WebAssembly applications in TEEs (Trusted Execution Environments).

Enarx is completely written in Rust and includes an SGX shim, an X86_64 unikernel via KVM with SEV-SNP support.

Our contributions to Rust include:

* static-pie support
* x86_64-unknown-none Tier 2 target
* stabilization of naked functions
* network support for wasm32-wasi
* bindeps feature for cargo

https://enarx.dev

#rust #rustlang #confidentialcomputing
#webassembly #wasm #wasi

Good morning. Here is our #hachyderm infrastructure update

Today I will spend most of the day looking at the Event Horizon Telescope image of Sgr A*!

This is the first direct image of the emission immediately outside of our Milky Way’s central supermassive black hole!!!

#Introduction Hello #fosstodon!

Yet Another Twitter Refugee landing on the shores of the #fediverse #mastodon world.

I am fleeing the unleashing of the trolls in the impending Musk-alypse.

With >41K blocks and <3K follows on Twitter the noise to signal ratio is trending the wrong way. And it will get worse.

Looking for quality follows for: #technology #softwaredevelopment #golang #FOSS #Kubernetes #cloud #InfoSec #ISP #Infrastructure #meditation #physics #photography #CovidIsAirborne