dragonfly4933

This is correct, but not what most people think. For example, memory leaks could be considered bugs and it is easy to leak memory memory in safe rust on purpose.

Memory leaks are usually not disastrous for security, mostly an issue for availability, sometimes.

Explain how a use after free could occur in safe rust, because to my knowledge, that is exactly the kind of thing rust does protect against.

I don't think you are wrong, but here is a bit of my perspective.

Rot has been occurring in the industry for over 10 years now. There are now fewer qualified network engineers than around the turn of the century and companies are less willing to spend money on upgrades of network infrastructure (6500 is still relevant...). Also, many ISPs, at least in the US, have merged resulting in fewer diverse networks.

The upside now at least, is that ports are easily 100g, so you could argue that we need less network equipment and fewer engineers, but I'm not sure how much that offsets the problems. And 100+g ports don't help you properly run a network, except maybe make it a smaller problem if you need fewer ports.

There isn't a reason you can't use those same services for downloading any content you want. If you are using a front end of some kind, you can just try sourcing the content yourself and using a music streaming app. It's been awhile since I've looked into it, but there was subsonic. Also, most of the video servers like emby and plex also support music.

KVM/Qemu and Hyper-V also have snapshots, but hyper-v has a dumb name for them that I always forget.

I really wanted this feature, but when I actually used it, I realized that it's not quite as useful as I would have hoped, at least for the use case of just a "small" rust script.

A workflow I often have is to start hacking away at a problem with bash or some other scripting language, but then my command starts getting too long and unwieldy so I copy my command into a file to keep going. But with rust, you don't really do that, so I never progress to copying my command into a file.

Why would anyone get arrested? There is no requirement for a business to operate in Texas or for people in Texas. And it is almost a certainty that Google and Apple have clauses saying they can not serve anyone for almost any reason.

How does that answer my question, how do NFTs help an organization prove that a key belongs to them?

NFTs and blockchains are an entirely virtual construct that can't affect the real world, or take trusted, non-key inputs from the real world. That's not 100% true, but it is mostly true.

So really, you need a way to tie or bind a key to an identity or organization. You could perhaps sign some data, such as a domain name with a key on a chain, but that doesn't prove anything. Anyone could sign anything with any key, so you need to approach the problem from the other direction.

You can install the key directly, or the hash of the key into DNS, verifiers can retrieve the key from DNS, then resolve it to the full key if necessary. You can then use the key to verify signatures of signed data.

Why DNS? Because that is currently the most standard way to identify organizations on the internet. Also, much of the security of the internet is directly bound to DNS. For example, getting certificates for websites often entails changing a DNS record at the request of an issuer to prove that you own the domain in question.

This is not an idea I invented just now, there are multiple DNS record types that have been defined for literally decades at this point which allow an organization to publish keys to DNS. Among the first is this: https://www.rfc-editor.org/rfc/rfc2535#section-3 Not completely related, but it is a key of some kind published to DNS.

I don't think NFTs provide any useful functionality in helping organizations prove that a key is theirs, at least nothing much better than a simpler solution which already exists.

How can an organization prove that a given key is theirs using NFTs?

I wouldn't recommend it due to complexity, but clevis is a thing. It permits a machine to automatically unlock on boot when various environment conditions are met.

The signing keys could be published to DNS, for better or worse.

It will be funny to see the ietf tls wg realize that they only have a tenuous grasp of control over the protocol. The very complexity that makes tls suck can be used to just ignore them, create their own suits, disable or not implement the trash they are peddling.

It's kind of crazy to see them basically ignore DJB and justify it with a technicality. This could go badly for them in the court of public opinion.