To be fair trees still use energy for doing this, but that energy is conveniently provided by the sun.

High or low level doesn’t matter. Mathematically it just makes more sense to use 0-based indexing https://www.cs.utexas.edu/users/EWD/transcriptions/EWD08xx/EWD831.html

It’s mentioned in footnote 6:

As an example, to make this work I’m assuming some kind of “true deref” trait that indicates that Deref yields a reference that remains valid even as the value being deref’d moves from place to place. We need a trait much like this for other reasons too.

It would only work for references that are stable after the value they reference is moved. Think for example of a &str you get from a String.

Jokes on you, I subscribed to my mobile plan 8 years ago and I still pay 6€ for unlimited calls/sms and 30GB (Italy, Iliad)

Isn’t there already Box64/Box32? Not to mention most Linux software is already compiled for ARM thanks to being open source.

They used to, but they weren’t very good.

They tested the same strings on that implementation

The strings were the same, but not the implementation. They were testing the decoding of the strings, but the C function they were looking at was the one for encoding them. The decoding function was correct but what it read didn’t match the encoding one.

though judging by the recent comments someone’s found something.

Yeah, that’s me :)

while a similar C implementation does not need this fix

No, that implementation also needs the fix. It’s just that it was never properly tested, so they thought it was working correctly.

TBF the report says this was done using credential stuffing, so it wasn’t really Roku’s fault.

Because Rust is not the only language that made this faulty assumption. It is an issue that affects Rust’s stdlib, just like it is an issue that affects Python’s stdlib and other libraries. In fact this was first reported as a vulnerability to yt-dlp (where it was actually exploitable) and then discovered it applied to many other libraries (where the exploitability is highly dependent on how the feature is used).

Rust here is only used as clickbait because of its aim to be “safe”, but its position is no different from other languages.

If you read the article from the researcher that discovered the vulnerability you’ll see they never call out Rust in particular, only as part of a list of languages that are affected. https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/

It’s also extremely unlikely that you’d be running a bat script with untrusted arguments on Windows.

It happens in yt-dl, which is where this was first reported https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-hjq6-52gw-2g7p

Very likely yes

Loop unrolling is not really the speedup, autovectorization is. Loop unrolling does often help with autovectorization, but is not enough, especially with floating point numbers. In fact the accumulation operation you’re doing needs to be associative, and floating point numbers addition is not associative (i.e. (x + y) + z is not always equal to (x + (y + z)). Hence autovectorizing the code would change the semantics and the compiler is not allowed to do that.

If your goal is to just .await some future that require the Tokio runtime you can use the async-compat crate.

More like Windows showing ads even when you boot Linux

Another option is to compile dependencies with LLVM and optimizations, which will likely be done only once in the first clean build, and then compile your main binary with Cranelift, thus getting the juicy fast compile times without having to worry about the slow dependencies.

However, how are they sabotaging it working on Linux.

For example they discontinued support for Rocket League on Linux (and Mac) after buying Psyonix.

I mean, if they actually tried it they should know what it’s about even without reading the article…

Citra is a 3DS emulator, this is a DS one, how are you comparing them?

They do kinda have a point against Spotify but they conveniently omit the fact that Apple Music, their own music app, competes against Spotify without those restrictions that Spotify wants to remove.