k8s is simple because it offload some key tasks to 3rd party like network and storage; it is not easy to: a) setup and maintain a k8s cluster with all necessary components from at least a dozen different sources b) design your application to be k8s native
This. K8s is easy to consume, and a real PITA to actually setup and support from an IT perspective.
If someone wants production K8s, I'm steering them (and their budget) to a managed control plane from one of the major cloud providers. Trying to prop it up locally when it really hates having to work directly with bare metal does not spark joy.
> Trusted Execution Environments (TEEs) like Intel SGX and AMD SEV-SNP and in general hardware attestation are just f*d. All their keys and roots are not PQ and I heard of no progress in rolling out PQ ones, which at hardware speeds means we are forced to accept they might not make it, and can’t be relied upon.
compare to SGX, a more critical impacted component is TPM chip, secured/measured boot depends on TPM, and cost of replacing all servers and OS ...
A lot of TPMs are “fTPM”s, which are implemented in something resembling software. It’s an open question whether the hardware in question has usable roots of trust, but a lot of TPM applications don’t actually require endorsement. And some servers have plug-in TPMs.
Of course, many critical components on a motherboard and CPU verify their firmware using non-post-quantum keys, which is another issue.
You don’t get the Chinese citizen experience by visiting as a tourist. Even as a fan of western individualist values, I think it would be nice to have some of the nice things China has, like low petty criminality, high speed rail, and a modern metro system. However, there are very real problems with authoritarianism, including the tail end of covid zero which almost incited a popular uprising, getting rid of covid zero without a plan or mRNA, internal mobility control that effectively creates castes, and the lack of full rule of law.
yes, and I think one big reason enterprise might not buy your product even if it is guaranteed to make/save $X is $ is often NOT most important thing to the people make buying decision, specially when it is not your own money to save or gain
This is very true. Look no farther than the perennial problem of department heads spending all their budget to keep their budget. Decision makers rarely care about saving money in isolation.
one thing I liked about cobra is the auto complete support, but I don't like the manual process of define command and parameter and not easy to extend, so I wrote https://github.com/hujun-open/myflags, it is built-on top of cobra but allow uses a struct to define all commands/args and also easily to extend support new types (even existing types)
one thing I agree that software/standard people like to churn, churn is a source of new income regardless if QC could break RSA or not in the future, people could make profit now
reply