remember that 10c goes toward funding a fascist regime.

Wine runs in user space. I don't see how Wine could ever run drivers, such as peripheral drivers required by things like the iPhone sync functionality of iTunes or kernel-level anti-cheat required by major online games supporting pickup matches with strangers.

People who use software that requires Windows are "forced" to buy Windows along with a new PC. An OEM Windows 10 license that came with a PC is locked to that PC. A new PC purchased to replace a PC that cannot be upgraded to Windows 11 will come with a new Windows license.

Start with stage0 (whose binary seed is about 1 KiB) and GNU Mes. Use mescc to build tinycc, then GCC 2.95, then GCC 4.7, then fairly modern GCC, and then use mrustc to build some version of Rust. The time-consuming part is that each version of the Rust toolchain uses fairly new features in the Rust language, so yes, you'll probably have to build the world a couple dozen times starting with the most recent version supported by mrustc.

If I had to guess, we let this happen by the USA electing George W. Bush in 2000. His incoming Attorney General settled United States v. Microsoft Corp., 253 F.3d 34 (D.C. Cir. 2001), with a wrist slap instead of a Windows division breakup.

You probably guessed correctly: equitable relief in the form of an injunction against Disney bringing a trademark lawsuit. I haven't read the complaint, but I'd be surprised if it didn't cite Kellogg and Dastar.

The Supreme Court of the United States has decided a few cases about the interaction between the Lanham Act, which inclues trademark law, and exclusive rights pursuant to the Copyright Clause. Key cases includes Kellogg Co. v. National Biscuit Co., 305 U.S. 111 (1938), and Dastar Corp. v. Twentieth Century Fox Film Corp., 539 U.S. 23 (2003). In both cases, the Court ruled that the Lanham Act cannot be used to extend the effective term of exclusive rights in an invention whose patent has expired or a work whose copyright has expired. Disney's legal counsel ought to be familiar with the latter case, seeing as it involved a company that is now a subsidiary of Disney.

From the article:

The Go project recently arranged for Go itself to be completely reproducible given only the source code, meaning that although a build needs some computer running some operating system and some earlier Go toolchain, none of those choices matters."

[...]

The Multics review is famous for pointing out the possibility of adding a back door to a compiler to insert back doors in critical system programs during compilation [...]. Reading the report inspired Ken Thompson to implement exactly that attack on an early Unix system, probably in early 1975. He later explained the attack in his 1983 Turing Award lecture, published in Communications as "Reflections on Trusting Trust."

David A. Wheeler described a defense against a back door that propagates through the compiler in a 2009 PhD dissertation titled Fully Countering Trusting Trust through Diverse Double-Compiling . Diverse double-compiling (DDC) involves choosing two or more other independently developed compilers A and B for a language, bootstrapping compiler C from source code through each of them (building C with A or B and then building C with itself), and ensuring that the output is byte-identical. This relies on previous effort to make builds reproducible.

However, DDC also relies on having more than one implementation of a particular language. Go and Rust each have only one widely used implementation. This means someone trying to wrangle a supply chain has to do one of three things: trust a particular old version of a compiler not to have a back door, compile every version since the dawn of the language (such as when Rust was prototyped in OCaml), or implement a usable subset of the language in a more widely implemented language. This is why mrustc is so important, as it's a way to skip forward by several years' worth of versions when bootstrapping a Rust compiler.

From the article: "The only problem left is key distribution: The verifier must know who should have signed the code. [...] To the extent that questions of identity can be solved, having authors sign their software can provide even stronger guarantees." It goes on to describe how Debian and Go package repositories include the expected hash value of a package, so that package downloading tools can reject a package that has been replaced.

However, the approach used by Debian to verify developers' identity, that of new developers physically meeting existing trusted developers at key signing parties to exchange OpenPGP public keys, doesn't scale very well. A lot of contributors are disconnected from the strongly connected set of the web of trust because they cannot travel to key signing parties. This can be because of cost, work or child care scheduling, regulatory restrictions related to geopolitics, or regulatory restrictions related to public health (most recently during 2020-2021). These disconnected contributors must forever rely on the bottleneck of "sponsors" (trusted developers who forward packages from the maintainer to the distribution) to get their work into a distribution.

And sponsors are indeed a bottleneck. From the article: "And then you need to be ready to update to a fixed version of that dependency." When a package's upstream maintainer releases an updated version of a package, the package's sponsor in a particular distribution may be too busy with other tasks to handle it the same day. This can mean that there is no available labor to forward the update to the rolling distribution and backport the fix to the version of the package in a stable distribution.

I've heard of those famed supernovae that were visible with the naked eye in the middle ages, and I've always wished I could see one too in my lifetime.

I might just be lucky before I go nova myself.

They don't need AI for that. Teams - and pretty much all Microsoft products - are honeypots designed to collect data.

Well, no so much "honeypots" in the case of products that employees are forced to use at their workplace: they're no honey needed to attract them and get them to give Microsoft data. If you disagree with Microsoft's privacy invasion, you lose your job.

That's the genius of Microsoft's particular brand of invasiveness: instead of convincing individual people their products are good enough to relinquish their privacy for (Facebook), or convincing a large part of the internet to let them sneak in their trackers (Google), Microsoft convinced the bean counters at most companies to install their spyware and ram it down the throats of people who need to make a living. Disgusting...

Anyway, the AI thing is just the turd on top of the shit cake.

What's gonna stop obesity among Americans isn't permanent standard time. It really, REALLY isn't that.

A good start would be making healthy food that isn't 1,000,000 calories per pound, and not made of fat and sugar mixed in unknown chemicals affordable. And taxing the living shit out of junk food. And getting people to stop eating supertanker-sized servings.

Typical AI shill answer (and the word "agentic" in the sentence is a dead giveaway too).

Wrong logic: a person's job should be gone if your "agentic" thing does the job cheaper AND at least as well.

As always, AI shills conveniently forget to factor in the quality of the work produced.

The reality of AI is, while it might be cheaper than real workers, it also enshittifies the entire world. And that's a fact.

Does it work without a Facebook account and 24/7 creepy corporate surveillance?

Oh...

The issue is: how many people did AI displace?

Hmm no: I trust a coal miner to produce better code than an AI vibe coder.