This is amazing, and I hope this sets a precedent for other companies. Stuff like this would definitely sway my buying decision, if I know when a product becomes EOL I can tinker with it.
Seems like great publicity for Anna's Archive. I've heard an increasing amount about Anna's Archive over the last 12 months. It has popped up a lot. I wonder if they've seen their traffic spike a lot.
I’m nearly the same. Though I do find I’m still writing code, just not the code that’s ending up in the commit. I’ll write pseudo code, example code, rough function signatures then Claude writes the rest.
Nice, I love WireGuard. I ended up building WrapGuard [1] to run applications without root access to the host and choose Go to write it in. I don't really know Rust, but does it make more sense for firmware/networking type software? Is there even a difference?
Yes, lots of firmware runs on hardware where a GC doesn't make sense. Because of limited memory and performance constraints. Sometimes having predictable timings (i.e. not a GC with pauses) is nice. I believe compiler and library support is also just better for many embedded platforms in rust.
> networking type software
Rust is a much more aggressively optimizing compiler, and thus will typically be faster, in the places where that matters. GC pauses might also be a point against golang in some places here. Rust's idioms provide slightly less opportunity for bugs in places where reliability matters (e.g. having a type system that requires you check for errors instead of just patterns that encourage it).
So there's a difference, but generally go is a good enough language for networking software and it would be rare that I wouldn't suggest that "use what you know" is more important than the differences between the languages for non-firmware network software.
I've implemented a few protocols in rust (and plenty in go and other languages).
One thing others haven't mentioned that I like rust for in this space:
The typestate pattern makes it really nice to work with protocols that have state. You encode your state machine logic into types, and your transitions into methods with move semantics, and you have a nice way to make sure your higher level code is using your protocol library correctly.
Another nice thing is that you can keep the number of copies and allocations way down if you're careful about how you use your buffers.
Very cool. I may use this, but also curious what the best choice would be if you don't need encryption. I'm specifically wanting to enable some local container networking using apple's new container tool [1]. I know I could just use Docker...
Correct me if I’m wrong, but if you use LD_PRELOAD, presumably it will not work for applications that circumvent libc, such as Go binaries (at least those with CGo disabled)?
Tor does this the right way on Linux. You make a separate user namespace with access only to the WireGuard network adapter and run the program inside of that. You want the kernel involved if you want any sort of guarantee:
How does this work in something like Kubernetes where you have a sidebar container configuring the network for the main container without affecting others on the same host?
I think all containers share the same netns in a pod. You restrict the pod to only the Wireguard peer IP, and have a (NET_ADMIN) sidecar container create an interface (tun/kernel wg) and update the routing tables for the netns. Then I believe the traffic from the other containers in the pod is tunneled.
Can you use user namespaces to create a network namespace with the VPN active and stick applications in that namespace?
From a quick search, https://blog.thea.codes/nordvpn-wireguard-namespaces/ sees to have at least the bones of a decent solution, though I've not had a chance to dig very far. A lot of results use root to set up the namespace, but I was pretty sure that shouldn't be needed with a new kernel and user namespaces enabled
I have no idea. I’ve never messed with it, but maybe something like eBPF to intercept network syscalls? Not sure if that’s a thing—especially without root access? Mostly I was just thinking the project page could use a disclaimer since, in Go, it is common to bypass libc. :shrug:
This seems like a very cool, useful project though!
One usecase I've always wanted is being able to combine multiple tunnels into one shared connection, for instance airVPN allows 5 simultaneous users per sub, it would be awesome if I could run 5x connections and combine their traffic, but I dunno how I would do this with wg / nmcli
VPNs are level 3 while interface bonding is level 2. You’d have to create a vxlan over wireguard. It sounds like a nightmare but it would be interesting to implement.
I believe you are making use of gVisor’s userspace TCP implementation. I’m not sure if there is something similar in Rust that would be so easy to set up like this.
I’m working on Gluze (https://gluze.com) as a choose your own adventure story builder app. Trying to build stories where the reader gets to navigated and guide the journey.
Oh, no way. This is really cool. Anything to make presentations more interactive and interesting. I like the look too.
I’m doing something similar with interactive stories [1] but where multiple trees can happen.
I wonder if you could use AI to let people explore your presentation on their own after (maybe even during the presentation).
Like, explain a slide in more detail. You put a dump of information (death by PowerPoint style stuff) then let it think up questions the guest can explore?
What is it with these Chat apps having strange and not-real open source licenses? OpenWebUI is the same. Is there something about these chat apps that seems to make them more prone to weird and strange licenses? Just opportunist?
Yea, the license is modeled after the Gitlab license. All of the core chat/RAG/agent logic is fully MIT, and >99% of deployments of Onyx are using the "community edition"!
Copilotkit is in the same boat. There are parts of the open source codebase that require an enterprise license to use. Basic things like "on error" handlers that are completely offline features. (They might have moved away from this, I haven't checked in a while)
If you tack on these faux-pen source VC licenses and complicate things, you're signaling dishonesty and dark patterns. It might not be the case, but it's not a good look imo. VCs don't seem to care, though - it's all about securing the future payoff, doesn't matter what principles or norms get trampled in the process, and it's only a small set of FOSS nerds that ever get bothered by it, anyway.
I think this is really cool, and the more competition and devices in this space the better. But absolutely no way I will spend that much money for a Google product, that they'll probably kill off in less than a year.
Samsung has already partnered with Microsoft in the past to make WMR headsets, and that did not prevent Windows 11 from dropping support for the device. The very same could happen to a Android-based headset.
And additionally, Samsung never released their Odyssey VR (or it's successor) worldwide, which in my opinion was the reason WMR failed as it was the best of the WMR headsets at the time of their release (of course the HP Reverb was better, but it came out much later).
I wonder if Samsung has secured promises of commitment. IIRC they required Google to commit to improving Android's support for tablets before committing to devices like the Z Fold.
It's clear to me, it's a huge risk for any company to allow access to UK visitors at this stage. All companies should be blocking all UK visitors. It's just too much risk for them to take.
The fault is obviously an incompetent and authoritarian UK government, but that's what the UK overlords have agreed.
It's not specific to the UK: many developed countries are cracking down on Internet businesses. There's going to be an awful lot of regulation, and it will be incompatible between different countries. The one-model-fits-the-whole-world style of business is over: you're going to be confined to national borders again.
The opinion polls are clear: the normies want this.
The often cited YouGov polling, I think sampled a few thousand people. There are almost 2.5 million signatures on petitions between the OSA and Digital ID.
If you mean the opinion polls, I don't have any to hand, but there have been a few articles submitted to /r/ukpolitics since the Online Safety Act took effect detailing opinion polls showing that the UK Government's regulation of internet content has been well-received by the wider public (although the userbase of that subreddit has vociferously disagreed).
I can counter any of the iffy polls by simple point to the official online petitions service. There were a huge number of signatures to revoke OSA and two million signatures to abolish the plans for the Digital ID. While the Digital ID is technically a separate issue, many of the same privacy concerns are present.
The number of people that signed these petitions is far more representative than any polling.
On top of that, recently I've seen reportrs of both the Liberal Democrats and Reform (the two largest parties after the main two) recongising the OSA as unpopular and are likely to suggest reforming/removing it.
On top of that. The labour government and the conservative government that proceeded it which created the OSA were/are both deeply unpopular.
So any notion that there is a popular mandate for this is nonsense.
The Bristol young lib dems oppose it, but the parliamentary party doesn't think it goes far enough. The Bristol lot are great, I talked to them about it, but they're unlikely to change things on the national level.
That is unfortunate to hear. I don't really care for any of the political parties in the UK and tell them exactly what I think of them when they knock on my door.
I wouldn't trust them in young LibDems in Bristol either. Doesn't matter if they seem nice or not. Lots of young politicians have nice ideas and over time they either end up as bad as the ones they are replacing, they are forced out or leave of their own accord and then complain about it on a podcast.
shouldn't it be the other way round? if the UK doesn't like something a non-UK company is doing it should be them that go through the trouble of blocking it.
If I have a website I'm pretty sure I'm bound to break some random country's law without knowing
Answering my own question, I guess it's exceptionalism of the powerful countries where they can just bully you into following their law
> shouldn't it be the other way round? if the UK doesn't like something a non-UK company is doing it should be them that go through the trouble of blocking it.
They're clearly working up to this; it's what happened with Pirate Bay, etc.
They don't want (correctly) unfavorable comparisons to China's "Great Firewall" made, which most Western governments have lambasted in the past, so there's a PR/Politics side of it too.
It would be much better to not block them rather serve them a single screen that explains why the rest of the site is unavailable to them citing the specific laws that make the action necessary
It’s hilarious that imgur is still returning JSON errors even when connecting with a browser. I guess their dev team have never heard of the Accept header.
(My residential IP is blacklisted for some reason and I always get a JSON error message from them)
reply