Hacker News | Delk's comments

If humans are considered apex(-ish) predators, it's because there's mostly nothing "above" us in the food chain. We aren't typical prey for any other animal, so we are at the top-ish.

It doesn't mean the diets of humans are biologically supposed to consist of huge amounts of meat.

Most apex predators are of course obligate carnivores. But humans are probably near the top because the use of weapons and tools makes us highly dangerous, so most land animals are wary of humans. Even many predators don't prey on humans for food.

(Although some large land predators do, mostly when they're desperate for food.)


Games that require kernel-level anticheat will probably try to detect VMs and refuse to run.


The idea is that the hypervisor would also be signed and provide security guarantees to games to block cheats from working.


Being able to snapshot and restore memory is a pretty common feature across all decent hypervisors. That in and of itself enables most client-side cheats. I doubt they'd bother to provide such a hypervisor for the vanishingly small intersection of people who:

- Want to play these adversarial games

- Don't care about compromising control of hypervisor

- Don't simply have a dedicated gaming box


>Being able to snapshot and restore memory is a pretty common feature across all decent hypervisors

A hypervisor that protects against this already exists for Linux with Android's pKVM. Android properly enforces isolation between all guests.

Desktop Linux distros are way behind in terms of security compared to Android. If desktop Linux users ever want L1 DRM to work to get access to high resolution movies and such they are going to need such a hypervisor. This is not a niche use case.


It "protects" against this given the user already does not control the hypervisor, at which point all bets are off with regard to your rights anyway. It's actually worse than Windows in this regard.

I would never use a computer I don't have full control over as my main desktop, especially not to satisfy an external party's desire for control. It seems a lot more convenient to just use a separate machine.

Even mainstream consumers are getting tired of DRM crap ruining their games and movies. I doubt there is a significant number of Linux users who would actually want to compromise their ownership of the computer just to watch movies or play games.

I do agree that Linux userland security is lackluster though. Flatpak seems to be a neat advancement, at least in regard to stopping things from basically uploading your filesystems. There are already a lot of kernel interfaces that can do this like user namespaces. I wish someone would come up with something like QubesOS, but making use of containers instead of VMs and Wayland proxies for better performance.


You already don't control the firmware on the CPU. Would you be okay with this if the hypervisor was moved into the firmware of the CPU and other components instead?

I honestly think you would be content as long as the computer offered the ability to host an arbitrary operating system just like has always been possible. Just because there may be an optional guest running that you can't fully control that doesn't take away from the ability to have an arbitrary guest you can fully customize.

>to satisfy an external party's desire for control.

The external party is reflecting the average consumer's demand for there not being cheaters in the game they are playing.

>It seems a lot more convenient to just use a separate machine.

It really isn't. It's much more convenient to launch a game on the computer you are already using than going to a separate one.


Ah, I see, you're talking about Intel ME/AMD PSP? That's unfortunate and I'm obviously not happy with it, but so far there seems to be no evidence of it being abused against normal users.

It's a little funny that the two interests of adtech are colliding a bit here: They want maximum control and data collection, but implementing control in a palatable way (like you describe) would limit their data collection abilities.

My answer to your question: No, I don't like it at all, even if I fully trust the hypervisor. It will reduce the barrier for implementing all kinds of anti-user technologies. If that were possible, it will quickly be required to interact with everything, and your arbitrary guest will soon be pretty useless, just like the "integrity" bullshit on Android. Yeah you can boot your rooted AOSP, but good luck interacting with banks, government services (often required by law!!), etc. That's still a net minus compared to the status quo.

In general, I dislike any methods that try to apply an arbitrary set of criteria to entitle you to a "free" service to prevent "abuse", be it captchas, play integrity, or Altman's worldcoin. That "abuse" is just rational behavior from misaligned incentives, because non-market mechanisms like this are fundamentally flawed and there is always a large incentive to exploit it. They want to have their cake and eat it too, by eating your cake. I don't want to let them have their way.

> The external party is reflecting the average consumer's demand for there not being cheaters in the game they are playing.

Pretty sure we already have enough technology to fully automate many games with robotics. If there is a will, there is a way. As with everything else on the internet, everyone you don't know will be considered untrusted by default. Not the happiest outcome, but I prefer it to losing general purpose computing.


>you're talking about Intel ME/AMD PSP?

I'm talking about the entire chip. You are unable to implement a new instruction for the CPU for example. Only Intel or AMD can do so. You already don't have full control over the CPU. You only have as much control as the documentation for the computer gives you. The idea of full control is not a real thing and it is not necessary for a computer to be useful or accomplish what you want.

>and your arbitrary guest will soon be pretty useless

If software doesn't want to support insecure guests, the option is between being unable to use it, or being able to use it in a secure guest. Your entire computer will become useless without the secure guest.

>Yeah you can boot your rooted AOSP, but good luck interacting with banks, government services (often required by law!!), etc.

This could be handled by also running another guest that was supported by those app developers that provide the required security requirements compared to your arbitrary one.

>That "abuse" is just rational behavior from misaligned incentives

Often these can't be fixed or would result in a poor user experience for everyone due to a few bad actors. If your answer is to just not build the app in the first place, that is not a satisfying answer. It's a net positive to be able to do things like watch movies for free on YouTube. It's beneficial for all parties. I don't think it is in anyone's best interest to not do such a thing because there isn't a proper market incentive in place to stop people from ripping the movie.

>If there is a will, there is a way.

The goal of anticheat is to minimize customer frustration caused due to cheaters. It can still be successful even if it technically does not stop every possible cheat.

>general purpose computing

General purpose computing will always be possible. It just will no longer be the wild west anymore where there was no security and every program could mess with every other program. Within a program's own context it is still able to do whatever it wants, you can implement a Turing machine (bar the infinite memory).


> Intel or AMD

They certainly aren't perfect, but they don't seem to be hell-bent on spying on or shoving crap into my face every waking hour for the time being.

> insecure guests

"Insecure" for the program against the user. It's such a dystopian idea that I don't know what to respond with.

> required security requirements

I don't believe any external party has the right to require me to use my own property in a certain way. This ends freedom as we know it. The most immediate consequence is we'd be subject to more ads with no way to opt out, but that would just be the beginning.

> stop people from ripping the movie

This is physically impossible anyway. There's always the analog hole, recording screens, etc, and I'm sure AI denoising will close the gap in quality.

> it technically does not stop every possible cheat

The bar gets lower by the day with locally deployable AI. We'd lose all this freedom for nothing at the end of the day. If you don't want cheating, the game needs to be played in a supervised context, just like how students take exams or sports competitions have referees.

And these are my concerns with your ideal "hypervisor" provided by a benevolent party. In this world we live in, the hypervisor is provided by the same people who don't want you to have any control whatsoever, and would probably inject ads/backdoors/telemetry into your "free" guest anyway. After all, they've gotten away with worse.


>"Insecure" for the program against the user.

We already tried out trusting the users and it turns out that a few bad apples can spoil the bunch.

>It's such a dystopian idea that I don't know what to respond with.

Plenty of other devices are designed so that you can only use it in safe ways the designer intends. For example a microwave won't function while the door is open. This is not dystopia despite potentially going against what the user wants to be able to do.

>I don't believe any external party has the right to require me to use my own property in a certain way.

And companies are not obligated to support running on your custom modified property.

>The bar gets lower by the day with locally deployable AI.

The bar at least can be raised from searching "free hacks" and double clicking the cheat exe.

>who don't want you to have any control whatsoever

This isn't true. These systems offer plenty of control, but they are just designed in a way that security actually exists and can't be easily bypassed.

>and would probably inject ads/backdoors/telemetry into your "free" guest anyway.

This is very unlikely. It is unsupported speculation.


> We already tried out trusting the users and it turns out that a few bad apples can spoil the bunch.

You say this as if the user is a guest on your machine and not the other way around.

It's not a symmetrical relationship. If companies don't trust me, they don't get my money. And if I don't trust them, they don't get my money.

The only direction that gets them paid is if I trust them. For that to happen they don't have to go out of their way to support my use cases, but they can't be going out of their way to limit them either.

> designed in a way that security actually exists

When some remote party has placed countermeasures against how you want to use your computer, that's the opposite of security. That's malware.


>You say this as if the user is a guest on your machine and not the other way around.

The user is a guest on someone else's network though. You may be a guest to Netflix and they require you to prove your machine is secure for them to provide you 1080p video. You are free to do whatever you want with your own machine, but Netflix may not want to give you 1080p video files if they don't trust your machine.

>When some remote party has placed countermeasures against how you want to use your computer, that's the opposite of security. That's malware.

I think it's fair to have computers that allow you to disable integrity protections and do whatever you want. You just shouldn't be able to attest that your system is running 1 set of software when in reality it's running something else. It's fraud.


No it's still my network that I'm on. I don't have to be a good neighbor because I also own all the adjacent hardware.

There's already a body of laws that incentivize against violating copyright. It's lunacy to stack on additional ones in service of the same goal. That's like saying that it's both illegal to speed, and it's also illegal to tell your friends that you'll be there in 15 minutes when you'd have to speed to get there sooner than 20, whether or not you actually do the speeding.

Devices are not legal persons, they can't sign contracts on your behalf, nor can they commit fraud on your behalf. If a bogus attestation is necessary in service of interoperability, that's a technical detail not a legal one. If what you want is copyright enforcement, focus on the crime not the circumstance under which such a crime is possible.


I remember not getting Close Combat 2 (from 1997) running on Windows 10 some years ago but I did get it running under Wine, albeit with some tweaks.

Whether that was a Windows compatibility issue or potentially some display driver thing, I'm not sure. (90's Windows games may have used some DirectDraw features that just don't get that much attention nowadays, which I think may have been the issue, but my memory's a bit spotty.)


> I'm pretty sure I read in the past GoG still sells you a license to a game in perpetuity, rather than ownership

Just about every commercial software license says the software is licensed, not sold.

Of course the practical difference is in whether you can trust you'll be able to keep using the product indefinitely or have to rely on the publisher's goodwill.

(Also, whether the idea that a software product is only licensed and not sold is legally valid of course depends on the jurisdiction and legal interpretation. IIRC back in the day some people tried to argue that you couldn't resell a game or other piece of software you bought on physical media because the software was only licensed to you, not sold. That argument didn't necessarily fly.)


I'm guessing that was a 286. I think Intel parts topped out at 12.5 MHz but AMD and Harris eventually reached 20 or even 25 MHz. I still have my original PC with a 12.5 MHz one.

The difference with the 386, I think, is that AFAIK the second-sourced 8086 and 286 CPUs from non-Intel manufacturers still made use of licensed Intel designs. The 386 (and later) had to be reverse engineered again and AMD designed their own implementation. That also meant AMD was a bit late to the game (the Am386 came out in 1991 while the 80386 had already been released in 1985) but, on the other hand, they were able to achieve better performance.


AMD didn't clean room 386, nor even 486. AMD directly copied Intel microcode 100% 1:1 for 386, and later admitted to copying parts for 486 (smm? ice?). Sept. 4, 1993 LA Times article:

>AMD said Friday that its “independently derived” 486 microprocessor borrowed some microcode from Intel’s earlier 386 chip.

Borrowed hehe. Ended up in a 1995 settlement where AMD fully admitted copying and agreed to pay $58mil penalty in exchange for official license to 386 & 486 microcodes and infamous patent 338(mmu). Intel really wanted a legal win confirming validity of their patent 338 to threaten other competitors. 338 is what prevented sale of UMC Green 486 in USA. Cyrix bypassed the issue by manufacturing at SGS and TI who had full Intel license https://law.justia.com/cases/federal/district-courts/FSupp/8...

>were able to achieve better performance

Every single Am386 instruction executes at same cycle count as Intel counterpart, difference is only official ability to work at 40MHz.


> I'm guessing that was a 286.

It is, yes. I meant to mention that detail!

> The 386 (and later) had to be reverse engineered … That also meant AMD was a bit late to the game

There were also legal matters that delayed the release of their chips. Intel tried to claim breach of copyright with the 80386 name¹ and so forth, to try to stymie the competition.

> they were able to achieve better performance.

A lot of that came from clocking them faster. I had an SX running at 40Hz. IIRC they were lower power for the same clock than Intel parts, able to run at 3.3V, which made them popular in laptops of the time. That, and they were cheaper! Intel came out with a 3.3V model that had better support for cache to compete with this.

--------

[1] This failed, which is part of why the i386 (and later i486 and number-free names like Pentium) branding started (though only in part - starting to market direct to consumers rather than just OEMs was a significant factor in that too).


Probably the Underhanded C Contest (https://www.underhanded-c.org/_page_id_17.html) but yeah. Obfuscated C Contest entries usually aren't underhanded, just intentionally obscure about what they do or how they do it.


sorry, yes, that one.

Great contest. And a great entry, I had a big chuckle running it and unredacting my documents, even photos!


That replaces number two and is the correct alternative in most cases.

There are cases where a password manager may not solve the problem, though. It doesn't help if I forget my disk encryption or work AD password and I need to be able to login before I can get to the password manager in the first place. Enterprise IT is also where you find some of those frustrating password policies, such as long and complex passwords with mandated changes every month or two, and where you usually can't choose your management tools.

Of course those particular passwords usually get typed so often that remembering them isn't much of a problem. And password managers work well for pretty much all secrets that aren't needed that often.


Yeah. I've been in the habit of keeping the (encrypted) password file in multiple places. So I can even get the password off my phone if I really need to.

Although: be careful of cloud solutions


Until you need to login some place and don't have access to your password manager.


For what it's worth, my computer science degree also had courses and projects that included requirements analysis, breaking down the problem, and elements of software engineering methodology and project management. (I believe we had a course titled "software engineering" even though the university doesn't award engineering degrees.)

I suppose in some schools computer science programmes might be fairly distinct from engineering ones. However, it seems that in lots of places a bachelor's in computer science is rather a generalist degree that covers lots of (mostly software) tech topics and some CS theory.

I'd still have trouble calling myself a software engineer, though, since I don't technically have an engineering degree, even though in lots of places my job might be described as such.

I also don't know a single programmer/developer whose job is distinct from field 2.


I haven't looked at leetcode in a long time but if the problems require e.g. rebalancing a tree, I honestly don't remember how to do it and might not be able to reason it out on the spot either. I have no problems with concepts like recursion or computational complexity though.

It sounds like leetcode problems require either memorization of a significant number of algorithm design patterns or seriously sharp algorithmic problem solving skills.


I can't think of any official documents I'd be getting in Office file formats. Forms are mostly web ones or in some cases PDF, read-only documents are PDF. Maybe you can submit some documents or attachments in the Word format as a citizen but I wouldn't be surprised if PDF is already required anyway, or an image format for scans.

I'd be more worried about document interoperability between government agencies and other organizations such as companies that do work for the government. The government could of course mandate contractors to use an open source office suite which would extend the need for training to those companies.

Also, I've seen some orgs make heavy use of Office formats in terms of e.g. surprisingly elaborate formatting, document history and comments, and although I haven't tried to use those in LibreOffice, I wouldn't be sure it supports all of those to the same extent some people have learned to use them in Office.

