erights
- Karma
- 46
- Created
- July 26, 2010 (15y ago)
- Submissions
- 0
Chief Scientist, Agoric
Mark S. Miller is a pioneer of agoric (market-based secure distributed) computing and smart contracts, the main designer of the E and Dr. SES distributed persistent object-capability programming languages, inventor of Miller Columns, an architect of the Xanadu hypertext publishing system, a representative to the EcmaScript committee, a former Google research scientist and member of the WebAssembly (Wasm) group, and a senior fellow of the Foresight Institute.
Meltdown and Spectre are serious. But we need clarity on what they do and do not threaten. To address the widespread confusion on this topic, and to demonstrate a completely different approach to mitigating these, we…
> were you one of the authors, contributors or involved in writing it? Yes, I am one of the authors of the paper. > but they don't come across as snooty dismissals. Feels more like guys on all sides trying their best.…
Hi Ping! What differences do you find most striking?
Much of my work on capabilities, from 1988 till now, can be found at https://research.google/people/author35958/ and at Agoric https://agoric.com/papers/ Agoric is bringing distributed object-capabilities to the modern…
Yes, that's the paper, from 2003. Please everyone read this paper http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf rather than the web page. And thanks! There's a story behind why this paper became so influential. The paper…
ActivityPub is important. We need it to be more widely appreciated. I'm glad to see it on Hacker News. Chris Webber, one of ActivityPub's creators, suggests next steps in "OcapPub: Towards networks of consent"…
Thanks. The "with(proxy)" part specifically would be mine. The old Google Caja, from the EcmaScript-5 days preceding Proxies, did something similar: https://github.com/google/caja/blob/master/src/com/google/ca... The…
At https://twitter.com/spudowiar/status/1069680974110306306 Saleem Rashid raises an example of this principle that is especially easy to overlook, where authority arises from one entity relying on the unchecked veracity…
In light of some feedback we've received on the article, some clarification is needed. The ocap (object-capabilities) approach does not by itself make systems secure. Rather, it an enormous step towards making systems…
This npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority), and for the need to support least authority for JavaScript libraries.…