Chances that you do this: zero

What is the logic there? How do you get from "police have misused it" to "police should be banned from using it"? I feel a few steps are missing.

Easy - the justice system isn't doing the proper checks. Police use it, and it returns a list of names of people WHO LOOK NOTHING LIKE the person of interest. And police do not even perform a preliminary check of whether or not the person could have committed the crime (they may have an alibi). And the judges do not even take 5 seconds to look at the photos of the suspect or the person identified. And then you arrest a random stranger who is then locked up for several weeks, ruining their lives (lose their job, lose their house, etc).

No, they're not supposed to be using the software and going from "surveillance video" to "arrest"

It should not take a judge in a courtroom to have to dismiss the case for obvious "this guy should never have been arrested in the first place".

It's only a matter of time before facial recognition says a black guy did the crime when it was clearly a white guy in the surveillance video. Or vice-versa.

And as long as police do not use their tools properly they shouldn't have access to them. And using the tools properly means understanding the limitations of it. Facial recognition is not a magic box where you insert video on one end and it spits out the name of the culprit on the other.

No, facial recognition is a tool, and it can be used, when used responsibly. The problem is, the police have not shown to be responsible users of the technology.

Especially when they can ruin lives due to misidentification. Once arrested, it can take 2 or 3 weeks before anyone processes your case. Which means you're stuck in jail for 2-3 weeks. Your job will likely fire you for not showing up to work. And you can lose your house because without money, no job, there goes your rent or mortgage payment. 21 days later someone goes "Oops, you look nothing like the suspect, sorry!" and then they dump you on the street. You lost your job, your house, your family is likely somewhere where you don't know.

(And yes, ICE uses the same tactics for those people they wrongly arrest)

If you're lucky great, you can get a lawyer who can expedite matters - but that shouldn't be the determining factor on whether a false arrest ruins your life.

time_t has been 64 bit on Linux for a long time now (over a decade). You haven't needed a 64-bit system for 64-bit time_t.

x32 changes the model for 64-bit computing - these are the C semantics.

Remember in C, sizeof(int) = sizeof(long) = sizeof(long long)

You can have 32 bit ints, 64 bit longs (long longs are 64-bit), and 64 bit pointers - referred to as ILP64 (int, long, pointer). This is traditional in Linux and similar operating systems.

Or you can have 32-bit int, 32-bit long, and 64-bit long longs (and 64-bit pointers) - LLP64 (long long, pointer) - this is Windows where lots of code assumed ints and longs were 32 bit.

x32 is where int is 64-bits, longs are 64-bit, but pointers are 32-bit. The code runs in 64-bit mode (on amd64 systems, this has benefits because amd64 has access to many more registers than in ia32), but pointers and address space is 32-bits (4GiB max for the application - note the kernel does not have to live in the upper memory).

It's a weird mode of operation because it's based on something where having the extra wide register set but limited memory space is a benefit, or for some architectures like ARM where AArch64 is much more efficient. Likely this is for operations where the data to be worked on is wide but streamed - think DSP or other signal processing applications where you don't need 64-bit pointers because your code is tiny, your data is moved back and forth between several buffers, but would like 64-bit wide registers to process with and having a lot of them is useful. Having 64-bit pointers would just be a waste.

But it's really a niche application where you're having so many pointers it might have an impact on RAM usage if you needed to keep them 64-bit.

Everyone knows that 10x engineers validate inputs and carefully manage dependencies; so clearly there's no risk of unexpected behavior.

It seems worth noting that one of the items in Wyden's rather pointed inquiry is the fact that the feasibility of doing this is known to have been demonstrated for the DoD by outside people familiar with it at least as early as 2016; so while this is the first confirmed case of adversarial use it's the outcome of at least a decade of just ignoring the problem; and a significantly longer period of failing to reasonably anticipate the problem. It's not like there's No Such Agency you could ask about "how could you spy on someone with the internet even?" if you wanted to know how well or poorly readily available information matched a nation state signals intelligence apparatus.

Purely as a matter of cellphones being expensive and somewhat tepidly capable in the before times I assume that there was a period within living memory when merely telling people not to Gordon Gekko on their DynaTAC where the russians can hear you was good enough; but that would have clearly and rapidly been getting less true for at least a quarter century.

The whole 'responsible disclosure' preaching and the not-terribly-subtle threats seem particularly bad given that there's an entire industry of actively more dangerous people who are not only treated as legal but actively courted by state agents and cops(and often even less savory customers, though they tend to be cagey about those); the ones who actively seek to keep vulnerabilities quiet so that they can continue to sell exploit tools and services based on them. Throwing zero days on github isn't ideal vs. getting them fixed; but it gets them fixed faster than if Cellebrite wants to hang on to a bitlocker bypass or Trenchant, and L3Harris Technologies Company, wants to keep selling 'network investigative techniques' that can bypass default windows defender configurations or whatever the situation is.

From the outside it's hard to know whether MS actually mistreated the researcher badly enough to justify their displeasure(the consensus appears to be that MSRC was never the best to deal with and has actively gone downhill; but this person's position seems significantly angrier than average) or whether they are perhaps wound a little tight; but implying that their legal status is the same as people actively running attacks against user systems is blatantly false and totally ignores the class of researchers who do actively run attacks while being treated as respectable.

It's a particularly bad look when at least Facebook got into a public legal fight with the NSO group over their nerd-merc work against their users; not like that actually solved the problem of attacks on cellphones; but it was an all-too-rare case of industry pushing back against the 'respectable' arms dealers; and not one that MS has an analog to.

We'll all pretend that nuclear-tipped VCs will remain cool-headed and cooperative when the AI debts start to go sour.

I'm not an expert on rebuilding massively exploded launch infrastructure; but I have a suspicion that a 2026-2029 plan is now going to involve less Blue Origin than previously believed.

This round of consoles is an oddity - the PS5 and Xbox Series have upended the usual discounting rules, and they cost more now than they did in the past. Usually by this time the price of new consoles would've decreased by 50% or more (remember, we're 6 years into the console lifespan).

Now the Steam Deck costs more than what I paid for it.

Though, at least I can say, I got my money's worth of play out of the Steam Deck - it suits my needs for portable PC gaming very nicely.

"I've seen the pictures" says another American who figures using the internet amounts to actually living life, going places, being less of a moron.

Seasoned C programmers create memory bugs all the time. I mean, the idea that "experience" leads to perfect code is bananas. There's a reason why static analysis is used in any serious environment. Rust just makes that part of the language without an annoying about of tooling/pipeline cruft.

The problem is he had never put much thought into how to actually manage memory in a reasonable way in C. This is why C code is bad, because C programmers never ask themselves, "How do I not leak memory?"

Honestly this reads like you've never worked with real programmers.

"Insightful" because this place is full of old people who really overestimate their abilities to know what is good.

The world is moving on, buddy. C is "fine" in so far as how amazing you are at writing code that doesn't have memory access issues. I'm not shitting on C. But Rust isn't crap - it's really very good and there's a reason why the active generation of big stakeholders (Linux kernel devs, MS, and way way beyond) are chuffed about the value it brings.

Ah, that's an interesting detail (one I agree with) - thank you for pointing that out.

If you need to force people to promote / accept your culture, you should be asking why people prefer other cultures and address those issues instead.

Need is too strong a word. Want is the word. And mostly its there to force content publishers to protect a culture - given the balance of size of American popular culture, American content providers, etc .. I think it's naive to think it comes down to "a free market would accurately represent the desires of a specific domestic market in which it operates"

Media/culture is not some giant buffet where people walk in and just take (and pay for) the plate they want.

Yeah, they should've started with something much more reasonable first - like an automated reader that catches people who drive past school buses that are stopped picking up or dropping off students.

Blowing past a school bus with its stop lights on and the sign out is illegal in most jurisdictions and can be implemented fairly easily.

You do that first, which gets the cameras mounted and recording continually standard on all school buses. Then you implement them to do all license plates later on once everyone is used to them.

That's how you do it - you get people onboard with it first then you expand its capabilities.