SoylentNews is people
SoylentNews
Russ Cox, who developed the dependency/package management system for Go, writes about the problems with software dependencies. A choice excerpt:
Dependency managers now exist for essentially every programming language. [...] The arrival of this kind of fine-grained, widespread software reuse is one of the most consequential shifts in software development over the past two decades. And if we’re not more careful, it will lead to serious problems.
A package, for this discussion, is code you download from the internet. Adding a package as a dependency outsources the work of developing that code [...] to someone else on the internet, someone you often don’t know. By using that code, you are exposing your own program to all the failures and flaws in the dependency. Your program’s execution now literally depends on code downloaded from this stranger on the internet. Presented this way, it sounds incredibly unsafe. Why would anyone do this?
(Score: 2, Informative) by Anonymous Coward on Thursday January 24 2019, @11:10PM (7 children)
Don't forget the BIOS. It's insecure turtles all the way down, son.
(Score: 2) by fyngyrz on Thursday January 24 2019, @11:15PM (6 children)
Don't forget the microcode in the CPU, FPU and GPU, either.
--
Bread is like the sun. It rises in
the yeast, and sets in the waist.
(Score: 1, Interesting) by Anonymous Coward on Thursday January 24 2019, @11:33PM (5 children)
Intel provides that code for a very nice price though - [$0]. One of the reasons they are better than AMD, along with cpu durability,
(Score: 5, Insightful) by The Mighty Buzzard on Thursday January 24 2019, @11:55PM
They do not provide source to the management engine though, which kind of makes the microcode irrelevant.
My rights don't end where your fear begins.
(Score: 2) by fyngyrz on Friday January 25 2019, @02:00AM (3 children)
As TMB pointed out — not all of it, they don't. So really, you have no idea what might be going on under that heat sink.
--
When I dunk my cookies, I think of you.
I hold them under until the bubbles stop.
(Score: 0) by Anonymous Coward on Friday January 25 2019, @04:45AM (2 children)
If I remove the heatsink while it is running to check the cpu intel throttles, but AMD burns up: https://www.youtube.com/watch?v=Xf0VuRG7MN4 [youtube.com]
This is why I say intel is more durable.
(Score: 2) by Immerman on Friday January 25 2019, @08:15PM
If you remove the heatsink while using your computer, you've got bigger issues than the quality of your CPU...
(Score: 0) by Anonymous Coward on Saturday January 26 2019, @12:05AM
That video is almost 14 years old.