Google writes safer code with Rust

From “Google hails move to Rust for huge drop in memory vulnerabilities”:

In Google’s own shift towards using memory safe programming languages there has been a significant drop in the number of memory-related vulnerabilities, with memory safe vulnerabilities down to 24% in 2024 - a stark contrast from 2019 [76%] and well below the industry norm of 70%.

Memory safety is not the same as safety. You can still write bad logic in any language. It “just” gets rid of the majority of bugs so that programmers can concentrate on the more interesting parts.

Also, yes, of course you can write safe C code. No one with a large codebase ever has in practice, but it’s at least hypothetically possible. Wouldn’t rather not have to, though?

It astounds me that in 2024 there’s no canonical way to select which CSS to use for a web browser on a phone screen. You have to guess at how many CSS pixels wide your target device is. If next year’s device is any larger than a hardcoded threshold, they may get your desktop layout instead.

I know there are people who’ve made their careers out of memorizing all the edge cases of this monstrosity. Those are lifetimes lost to toil because no one can agree on an official way to look nice on a cell phone, or the one true way to center an image. It’s madness.

The fine folks who make iA Writer wrote about their challenges supporting Android.

My first impressions:

  1. I’m glad Google is taking user privacy so seriously.
  2. …but I didn’t know it was so Kafka-esque for developers to comply with their requirements.

I hear “why would devs ever tolerate Apple’s App Store shenanigans when Android is right there?” Well, because the grass isn’t always greener.

Ideally, both Apple and Google would make it easier for devs. Nothing about this requires either’s processes to be more complicated than they inherently are. As it stands today, both shift a lot of extra effort and compliance guesswork onto developers.

My Raspberry Pi 4 started running hot when I moved it from a freestanding case to a fanless server rack. I’d often SSH in and see idling it at 65C or warmer, with log messages showing it had been thermally throttled. That’s not great.

I just bought a Argon Fan HAT. I installed it and fired up a large Rust compile with 4 concurrent jobs. 20 minutes later and the RPi averaged about 54C with no throttling.

Get your Pi a fan. It wants one very much.

So we were all talking about Palm Pilots, and someone mentioned that they’re available dirt cheap off eBay.

Sigh. I didn’t need this, but it arrived today anyway.

Frankly, a lot of the IIIxe’s assets hold up well. One hardware button press and the relevant app is open and ready half a second later. My fingers remember how to write Graffifi. No notifications, except calendar event reminders I configured. I’ve used less productive devices all too recently.

A shiny new Palm IIIxe looking like new

BetterDisplay Pro fixed my multi-monitor pet peeve

I have a 32" monitor and a 27" monitor on my desk. Don’t ask. But although they’re different sizes, they both have the same native 3840x2160 resolutions. The 27" just has smaller pixels.

This is fine 99% of the time. When I’m working away with different windows open on each screen, all is peachy. It’s only slightly annoying that the menu bar on one screen is a tiny bit larger than on the other, but I’m tough. I can live with that.

What I can’t tolerate is that it’s impossible to exactly line up graphics across the 2 monitors. If I flick my mouse cursor from one to the other at the top of the screen – I have the physical screen tops aligned at the exact same height – it flies smoothly over the gap. If I try the experiment near the bottom, the cursor jumps in altitude as it crosses the border because “2000 pixels down from the top” is a farther distance in inches on a 32" monitor than on a 27" screen. And if I dare drag a window from one screen to the other, its position and size change as it crosses over. This will not do.

A friend recently nudged me to look at BetterDisplay Pro, and my life is better for it. It has exactly one feature I care about: the ability to enter a custom screen resolution, which I can then select from the normal Displays system setting. I did these things in order:

  • Installed BetterDisplay Pro.
  • Looked up my monitors’ specs. One has pixels .1554mm square. The other’s are .1810mm square.
  • Computed a new resolution for the smaller monitor. I was running the larger monitor at a virtual resolution of 2560x1440 because at full res I’d need a telescope to read this text. I multiplied those numbers by .1554/.1810 to get a new resolution of 2196x1236.
  • Added that to BetterDisplay Pro as a custom scaled resolution.
  • Opened Displays and selected the new resolution.
  • Dragged windows back and forth between the 2 in unadulterated joy as they’re now the same physical size on both monitors, and both the tops and bottoms of windows exactly line up as they cross over.

Wow, wow, wow. After many long months of mortal anguish, that annoyance is completely gone. My monitors play nicely together as I always wished they would.

Note: Yes, now there’s a slightly different nit, in that it slightly irks me that my resolution has a very strange non-integer scaling factor of 180:103. I don’t care. I can live with it. macOS still sends a 3840x2160 signal to the displays, and the pixels are so tiny that I can’t visibly tell it’s not running at native resolution. Of course, that non-integer scaling might slow the display down very slightly, but this is on an M1 Max system and why pay for the TFLOPS if you’re not going to use them? It’s totally worth the tradeoff.

When we got this kitty, she was darn near feral. Now she won’t leave me alone.

A brown and grey striped cat with bright green eyes is sitting on the lap of someone in a home office.

The coffee shop is fine

I hear too many acquaintances worry that employees might work from a coffee shop or other public network, putting their whole company at risk. So what if they do? The idea that a coffee shop’s Wi-Fi is insecure implies that there’s a mythical “secure” network that can be trusted with the company’s secrets. That’s almost never true.

Work-from-home employees are on a tame home Wi-Fi setup, right? Don’t count on it. Is their gear current? Are they sharing Wi-Fi with their neighbors? Are they using their apartment building’s network? Who’s their ISP? Although their home setup might – or might not – have fewer people on it than the local cafe’s, that doesn’t make it trustworthy.

What about the employees we coerced into returning to a legacy office and using its Wi-Fi? Oh. You mean that named network that sits around with a target on its back as belonging to important people? Unless you manage your own office, and it’s in a Faraday cage blocking all outbound or inbound radio signals, and you pretend that MAC filtering is a security feature, and all your equipment is patched with the latest security updates, and you have guards walking around with fox hunt antennas to spot rogue access points, it’s not substantially better in the ways that count. If you can read this at work, at least a few of those assumptions are likely wrong.

The idea of a “trusted network” is dead. It’s time we stop pretending. If an employee can be compromised at the coffee shop, they can be compromised at the office. We have to design our defenses as though our staff are working from the free network at DEF CON. That means making sure all employee devices and servers are patched. That all connections are encrypted, even those between internal systems. That authentication uses cryptography, not passwords. That we don’t pretend that “route all traffic” VPNs are a good idea. That we don’t rely on allowlisted IPs as a critical defense. That we don’t trust any network our employees might use, and that our systems are robust enough to endure hostile environments. Yes, even the ones we tell ourselves are safe.

And if we’re not comfortable with our coworkers typing away next to a fresh latte, it’s our responsibility to figure out what part of that bothers us and then fix it. The issues that would make that scenario dangerous affect the “secure” office, too.

It’s an Aperol spritz kind of afternoon.

Two glasses are filled with dark orange liquid and topped with ice and orange slices. They’re sitting on a cutting board surrounded by more orange slices.

I found a odd control in AWS Security Hub’s CIS Benchmark 3 findings. It reports “IAM Access Analyzer external access analyzer should be enabled”, even if it is enabled in another account with organization-wide scope. Support’s advice is to disable the control.

Fine. It seems like an edge case, although maybe a common one for orgs with multiple accounts. I’m OK with silencing the false positive since we monitor that other account with its own CIS Benchmark 3 report.

We went to the local swap meet across the channel from the Port of Oakland. Photos don’t do justice to the enormousness of the container ships moored here daily.

A giant Hyundai container ship loaded with pink and orange and brown and other brightly colored containers in front of some giant cranes and a clear blue sky. It sits across a channel and some car roofs are in the foreground.

All household children deny knowledge of the situation, but I am skeptical.

A bag of frozen microwaveable burritos that has been open from both ends.The same bag with both ends rolled up and closed with bag clips.

Today I learned about Emacs’s table handling. Start with a mess:

| *Name* | *Type* | *Flavor* |
|--|--|--|
| Orange | Fruit | Orangeish |
| Water | Liquid | N/A |
| Pineapple | Armored fruit | Summer |

Run M-x table-recognize and press TAB. Now you have:

| *Name*    | *Type*        | *Flavor*  |
|-----------|---------------|-----------|
| Orange    | Fruit         | Orangeish |
| Water     | Liquid        | N/A       |
| Pineapple | Armored fruit | Summer    |

❤️

Literally every time I open the CA DMV digital drivers license app:

  1. “You need to refresh your license!” Fine.
  2. “To do that, you need to log back into the DMV website!” Alright.
  3. “Your password is expired. You need to update it!” Ugh, really, whatever.
  4. “System Unavailable”. throws phone

Every. Time. If I ever try to use this to board a flight, I’m so sorry for the people behind me in line that day.

Gigi is a happy mess.

A 3 lb Maltese dog sits between some pillows. She’s staring at the camera, fuzzy white fur, big black eyes and a pink tongue hanging out the side of her closed mouth.

If I bought this, “everyday" would mean “…for the rest of my life, and you’ll have to bury me in it.”

Picture of a normal-looking shirt:
&10;
&10;“Best everyday v-neck t-shirt
&10;
&10;$15,202 at its website
&10;
&10;Pros:
&10;
&10;+ Buttery soft fabric
&10;
&10;+ Has a hint of stretch to move freely
&10;
&10;Cons:
&10;
&10;x Not the most stylish pick”
&10;
&10;Not mentioned:
&10;
&10;+ Grants the ability to fly

Sometimes Rust makes me so happy. I wrote this over the weekend:

let embedded_data = include_bytes!("../static/data.bin");
let my_set: HashSet<&[u8]> = embedded_data[7..].chunks(10).collect();

It does this:

  1. Read a binary file and embed it in the final executable as an array of bytes.
  2. Create a HashSet (Python folks: a set() of items of a specific type) where each element is an array of bytes.
  3. Skip the first 7 bytes of the binary file using Python-like slice notation.
  4. Create an iterator that emits 10-byte portions of the rest of the file, one at a time.
  5. Collect all the values from that iterator into… oh!, a HashSet<&[u8]> because Rust can tell what the type of the target variable is, so why make me repeat myself?

Rust isn’t magic. Other languages can do similar things if you poke at them enough. It’s more that 2 lines of builtin Rust can readably implement a reasonably sophisticated set of operations that get compiled into a static executable. That’s a very pleasant combination of features.

The hen is very curious about my lunch.

A black hen stands in the shadow of a back yard shelter. She’s watching very closely to make sure the diner isn’t up to shenanigans.

Today’s spam starts:

How are you doing? I’ve been following you on LinkedIn for a while now and wanted to reach out to say that I absolutely love your background. I have a Business Opportunity that I would like to discuss with you for mutual benefit.

That’s a new one for me.

My wife took a vow to put up with me 25 years ago today. Since then, she’s been my ride-or-die best friend through our many grand adventures. We didn’t always know how they’d work out. We’ve always gotten through them together. I know there’s nothing too big for us to face side by side.

Here’s to the next 25, my love, and all the others after that.