@slightlyoff fuchsia could have been so much more than it has been so far, it's really been trapped in a googled state, and that's really the best way to describe it sadly. alas, it's even now caused substantial decay in the projects vision and targets, so it's now unlikely it'll ever meet anything like the original goals, even if it's temporarily useful for the company
Posts
-
This is a thoughtful piece; what Chris didn't see were some of the failure modes of Hixie's hubris when it came to inventing new elements in HTML5 (see also: "what we need is WASM and WebGPU" pipe dreams). But it's spot-on about how Google has turned a... -
@raggi yeah or wazero's interpreter, if I can satisfy myself that it's not going near unsafe or JIT type things. And even if it comes to jit, I know _how_ to wire things up to feel okay about it, I just also can't shake the feeling that I should have a...@danderson https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ff4p-7xrq-q5r8 is an interesting read, seems there could be/should be/maybe is a set of best practices somewhere for a hardened runtime configuration for big core systems
-
@raggi yeah or wazero's interpreter, if I can satisfy myself that it's not going near unsafe or JIT type things. And even if it comes to jit, I know _how_ to wire things up to feel okay about it, I just also can't shake the feeling that I should have a...@danderson looks like there was a critical last year: https://groups.google.com/a/bytecodealliance.org/g/sec-announce/c/Mov-ItrNJsQ
-
@raggi yeah or wazero's interpreter, if I can satisfy myself that it's not going near unsafe or JIT type things. And even if it comes to jit, I know _how_ to wire things up to feel okay about it, I just also can't shake the feeling that I should have a...@danderson so many names have missed for me, these days I measure more by looking at likely time investments: are there big fuzzing suites, do they contain caught regressions, are the arch docs, is there a 3p review summary, is there a governance and review process, etc
-
@raggi yeah or wazero's interpreter, if I can satisfy myself that it's not going near unsafe or JIT type things. And even if it comes to jit, I know _how_ to wire things up to feel okay about it, I just also can't shake the feeling that I should have a...@danderson yeah, it’s a fair question to ask at the bytecode alliance, I’m guessing their answer will be to use wamr and suck up the c
-
@raggi Perhaps I'm being either too optimistic about interpreters or too pessimistic about JITs, but breaking out of a Go/Rust interpreter stepping through your bytecode feels quite a bit harder than finding a subtle mismatch of expectations between th...@danderson i believe wasmtime can run in a mode where it's AOT only, and i'd also be using that, with a surrounding sandbox, for a real 3p deployment in an environment i need to be quite safe - no WX pages nearby
-
Taking another quick tour of wasm runtimes, the thing that strikes me the most is how so few of them seem to aim for a first-class experience that prioritizes security over speed.@danderson use case matters ofc, how many layers of defense can you put in place in a particular deployment. a lot of the edge compute interest can quite easily have several other layers of defense and limited intertenant and escalation access at more fundamental levels, but in these use cases startup time and runtime are very important obviously
-
Taking another quick tour of wasm runtimes, the thing that strikes me the most is how so few of them seem to aim for a first-class experience that prioritizes security over speed.@danderson i don't know how far concerned i'd be with a well tested JIT honestly. I'd still be sandboxing heavily a the host layer regardless (because rowhammer and so on), and maybe add some basic tripwires that are hooked up to a process lock.
-
Taking another quick tour of wasm runtimes, the thing that strikes me the most is how so few of them seem to aim for a first-class experience that prioritizes security over speed.@danderson that's a shame, i guess we need some reinvestment going on. i wonder how much work it is to fill in gaps in wain
-
Taking another quick tour of wasm runtimes, the thing that strikes me the most is how so few of them seem to aim for a first-class experience that prioritizes security over speed.@danderson yeah. i think wazero, the go one, is just an interpreter, i don't know about it's feature support. I think last I looked a lot of the rust interpreters were no longer keeping up with the standards