just creepin around your barn // am legal i swear


cathoderaydude
@cathoderaydude
Xuelder
@Xuelder asked:

Hey, what do you think of ARM and maybe even RISC V desktop processors taking shots on the x86 architecture's dominance of Desktop PCs? You think this is just a funny fad of Apple just doing its thing and these alt processors will forever be for hobbyists and niche industrial products (more specifically little guys that are already kind of on the market)?

I am really not an expert on this at all. My impression is that the Apple silicon chips are stupid fast in ways that Intel can't even touch. I don't know if that has anything to do with the RISCness, and I don't know if there are downsides, and and and. There's been this atmosphere that RISC Is The Better Future for literally longer than I've been alive and for all I know it's true. I don't care if we stay on x86, it makes no difference to me, but ideally whenever we do switch, the last 40 years of computer software efforts will not go down the drain in the process.

Microsoft's last attempt at ARM failed that test completely, and Apple has a complicated relationship with backwards compatibility. But a future where, you know, Microsoft releases WARMdows 13 and it has a really good x86 JIT recompiler or whatever could be good. I can believe in that happening and I'd be happy as a clam to use it. And honestly, if the perf is good enough and the power consumption is lower and all that, then I could swallow a Great Compatibility Break. There will always be VMs, and i7 7th gens will work for decades.

The thing I worry about is that nobody has even tried to make "a PC, but it's ARM." that hasn't happened, and it won't. nobody's going to take an incremental step over the line, they'll make a completely new platform that throws out absolutely everything and behaves like a Device. you won't install an OS, you'll flash your firmware. and it will always be TPMed up the asshole, I won't be able to boot a copy of Haiku that I just compiled from source because it won't be digitally signed by one of three trusted corporations. that's a thing with PCs already, but you can turn it off. any ARM platform they release will not make it optional; they will not resist the urge to add all the stuff they wish they could add to either protect me from myself or protect Bank of America from botnets made up of senior citizens.

Apple's vision of a desktop PC is an iPad, and Microsoft's attempts at a desktop ARM PC were bad iPads, and that's the only thing anyone's going to field, things that act like Appliances. if you want an iPad, i think you should just buy an iPad. They sell them, for money. People live their whole lives on them, It's Not That Bad, I'm Told, if you're someone who is okay with never doing anything that's Not Advisable. I use a PC for the same reason I use an Android phone: because there are benefits to living without reactor core containment, and after making it 35 years without turning into a rad mutant, I am not interested in suddenly being Safe At All Costs.

if they decide to make an ARM CPU that can be put into a shitty Asus motherboard, that you can pair with mismatched RAM, that you can overclock for no good reason other than to get marginally better perf with significantly decreased lifespan, one where the OS vendor can't just deliver an update as a binary blob because my memory and storage config is completely unpredictable, you know, one that sucks, I will switch to it with no complaints.


cathoderaydude
@cathoderaydude

i was going to write this in a comment but it got too long

frankly the only reason the PC is the way it is is because it grew organically out of IBM's product, by way of a grey-bordering-on-black market that really should have been illegal. like, yeah, obviously IBM should not have been able to keep the IP rights to the platform, it's better for society this way, but that's not how things usually go. by every extant rule of our capitalist hellhole world, compaq should have been buried for cloning the BIOS. we all know they skated, and by all rights IBM should have crushed them just like they crushed the other companies who did the same thing at the same time.

the PC ecosystem is eternally cheap and shitty, even at it's best, because clones started life as counterfeits; cheap alternatives to the real thing. you can't take that out of its DNA. theft and cost cutting are in the PC's bones, and it's why we love them: because they're bad, the way counterfeits are bad.

buying a fucking 128-core 64-bit supercomputer chip and then anchoring it to a motherboard that prints 80x25 text on startup and spits out error messages that were first written in the 80s, because it simply doesn't matter if the product looks professional, because everyone is used to it looking like shit, is the actual cyberpunk future, we are living it. all PCs are cyberdecks, they're grey-market imports, so of course the firmware is all weird and glitchy, of course it lets you do things you aren't supposed to do, things that aren't advisable, because it's barely holding together. it wasn't designed, it grew.

no corporation would ever have designed a platform like this, and to wit, IBM didn't! the PC was supposed to be configured by a value added reseller, and it was hoped you would go back to your dealer for maintenance. It spit out cryptic error codes instead of useful messages - and maybe that could have been for lack of ROM space, but when the PS/2 came out six years later they did it again. total dependence is what they wanted; control of the user experience is what they wanted; and why wouldn't they? who would sell something this asinine? a platform where absolutely nothing is predictable, nothing is stable - this is business poison. hell, it's just a bad idea.

this all happened by accident, through a confluence of various levels of scumbags separately deciding to rip off IBM's product and somehow succeeding, and it's able to keep going by sheer momentum, but it could only possibly have started 40 years ago, when home computers were considered toys and nobody was really quite paying attention to them. it can't happen again.

the creation of the clone market is a phenomenon that can never, ever be repeated. partly because in the intervening time IP law has become more powerful than the word of God, partly because it's impossible to make a new platform without investing a solid billion dollars, which no scrappy startup will ever be able to do, but also because 40 years ago you could make some awful knockoff device and put halfass code on it and it didn't matter. now, if you build something from scratch and you don't put draconic, paranoiac security into it, you're just a dumbass; that device is going to get popped instantly and become a Vector.

my PC should be locked down under a billion layers of TLS and digital signing. it would be the smart thing. i would be safer that way. but well, I should make regular backups too. i'm on year 30 of being frogboiled and the water still feels fine, so I see no reason to jump out of a great big pot into a claustrophobically tiny pond, no matter how sensible it is.


You must log in to comment.

in reply to @cathoderaydude's post:

Microsoft does have a "WARMdows" right now, and although I cannot speak for how good its x86 (and x64, and classic ARM), JIT recompilers are, some of the design choices were interesting.

For better emulation speed, you can build executables that are mostly ARM64 except for x64 function prologues.

To avoid shipping different binaries for x64 and ARM64 they could have implemented fat executables, but why do that when they could implement binaries with embedded binary patches to switch from an architecture to the other at load time?

AWS is pushing ARM with their Graviton processor architecture, but I was talking to some AWS folks about it and they said that yeah, an ARM build of Windows exists, but Microsoft refuses to sell anyone licenses for it, so they can’t host Windows software on their shiny fancy ARM servers, for legal reasons instead of technical ones

It's so overengineered you have to love it.

Arm64X executables require an almost entirely new linker backend, and non-trivial code in the kernel's executable parser, and the virtual memory manager to (I assume) apply the patches on page-in.

The Arm64EC ABI not only requires a new compiler backend, but they can't even reuse the x64 or ARM64 backends as-is: most x64 code is just function prologs for exported functions (to give hooking libraries like Detours something to hold on to) so the whole backend would be wasted on it, and the ARM64 code isn't real ARM64 but a bastardized ABI that mimics x64 stack layout and calling conventions.

The thing I worry about is that nobody has even tried to make "a PC, but it's ARM."
Chromebooks? Sure Google "meant" to make them ChromeOS-only, but undo a screw on the mobo and you can boot whatever you want.

in reply to @cathoderaydude's post:

this is an inconsequential tangent but i think virtual reality is important to facebook mainly because it's a vector from which to spin off a new operating system with dedicated hardware that's completely locked down and maximally invasive. apple creates new operating systems like fad diets with every device category so that's just the norm for them, having already created their locked down hardware kingdom. VR is facebook's desperate attempt to escape open hardware

This is an interesting thought! I've always been of the mind that Facebook's push into VR was about controlling VR as a platform: get Oculus/Quest's install base up high enough and it bends everyone around its gravity, much like Google, Blink, and the web.

I've seen some proper RISC desktop machines out there -- that Jeff Geerling fellow did a video on one running Windows a little while back, as I recall -- but I can tell you that all those efficiency gains are going to be for nothing if it's expected to run x86/x64 code rather than anything natively compiled for it.

What I guess this means is that if ARM-based Windows actually does become a thing, it will be the year of Java on the desktop

if there ever was gonna be an ARM desktop market, I think it would come out of the Raspberry Pi ecosystem - with compatible bootloaders, compatible extender pinouts, interchangeable devicetrees, etc etc. But for some reason all the Pi clones have a different boot process than the Pi itself.

doesn’t the pi do something weird where the OS the user loads is actually sandboxed? if the hardware overheats you get an on screen indicator independent of any software you’re running

even the raspberry pis are only really compatible among each other because the raspberry pi foundation has direct partnership with broadcom, and they are big enough to be of value for broadcom to design specifically for them

i was reading some reactions to the Department of Justice antitrust lawsuit against Apple, and the number of people basically accepting that Apple owns iOS and can lock it down in user-hostile or anticompetitive ways demonstrates your point. i'm not sure they're even legally wrong, although Apple controls enough of the market in the iOS that it seems like if they don't violate current antitrust law, the law should probably be expanded to cover that type of behavior. (and i would welcome EU-style consumer protection laws.)

The sad thing is that it's not that hard to make RISC/ARM-based devices open and hackable. Half the reason I like Linux phones so much (though I don't daily one anymore, thank god) is that they actually successfully pulled it off. They usually run a modified version of U-boot just like Kindles and ARM Chromebooks and miscellaneous other devices, but it's not set up to enforce signed OS images, so you can just flash whatever the hell you want and it should boot if it can. Is this terrible for security? Yeah, but you end up with a device you control toe to tip. And it wouldn't be that hard to do things UEFI-style, letting the user import their own certificates to verify self-signed bootable data—there's just not enough developers with the time and understanding to do this, and the hardware isn't well-understood enough to implement it.

But they suck. And the sad thing is it's hard to even know why—there's barely any people working on them (there's like one big kernel dev) and they're encumbered with the shittiest Chinese silicon you can imagine, running Cortex-A52's in 2024, on SoCs designed for tablet use shoehorned into phones... If Qualcomm would actually sell them a good SoC at the volumes they need, or if they could source new old stock parts of a nearly fully reverse-engineered chip like the 845 (which is still Fine for basic phone stuff nowdays, especially with a leaner OS than android) then for all we know Linux phones would actually be quick little devices that can run full desktop apps without too much difficulty, and get good battery life, and can be verified to not spy on your or have backdoors. But we don't live in that world. We're stuck with poorly-documented Chinese silicon that's a minimum of five, maybe three years behind what's modern, or total black box, completely undocumented cutting-edge stuff that's Actually Good but that you can't do literally anything with because they give you one(1) patched-to-hell copy of the Linux kernel and won't share information you need to implement a full-device software stack unless you're a multimillion dollar corporation. (by the way, this is also a limiting factor for Android device update life, if you weren't aware, and has pushed Fairphone to use a comparatively garbage industrial processor because it's the only option with guaranteed updates for a good amount of time)

I guess the takeaway here is that ARM is almost entirely like this because of Qualcomm. Qualcomm sucks and is probably the single worst company designing processors today, giving even Nvidia a run for their money. At least Nvidia aren't degenerate patent trolls who successfully hold the entire rest of the industry back.

*"I won't be able to boot a copy of Haiku that I just compiled from source because it won't be digitally signed by one of three trusted corporations. that's a thing with PCs already, but you can turn it off. any ARM platform they release will not make it optional; they will not resist the urge to add all the stuff they wish they could add to either protect me from myself or protect Bank of America from botnets made up of senior citizens.

Apple's vision of a desktop PC is an iPad,"*

So here's the thing... oddly, you are completely wrong about this.

Apple, despite being Apple, made the Arm Mac platform square this circle. That is, it offers iPad-like security out of the box, but it also permits you to downgrade security to the point where you can install and boot operating systems not signed by Apple.

In fact, it squares the circle even more than that. Unlike other secure boot designs, what Apple came up with for the Mac permits you to have different security policies for each OS installed on the computer. You can have a full security macOS installation in one container, and a no-security Linux or BSD or Haiku (if they ever decided to port it) in another. (I mentioned Linux and BSD because both have already been ported.)

But wait, there's even more circle-squaring! The path they put in for running an unsigned OS doesn't actually turn secure boot off. Instead, they put in something which lets you tell Apple's secure boot infrastructure: "Hey, you see this unsigned bootloader over here? I, the computer's owner, trust it. So should you." This makes it possible for third party operating systems to build a full secure boot chain on top of Apple's trust root without Apple being involved at all.

This does depend on end users declaring that they trust something which actually is trustworthy, but there's no real way around that. If you choose to install MalwareOS 666, well, you're screwed. On the other hand, due to the way Apple containerizes everything, installing MalwareOS doesn't impact the security of your Full Security mode macOS. The worst MalwareOS can do to it is vandalism - render it unbootable by overwriting its disk blocks. It won't be able to extract any data, or degrade its security.

I feel that you should try deep diving into this platform. Maybe get yourself a cheap used M1 Mac Mini or something, and see what you can do with it, and learn about it. I think you'd enjoy it more than you thought you would, because you've got a few misconceptions about Apple. (And some correct ideas too - don't get me wrong, I am sure there are ways in which these machines will frustrate and annoy you.) For better or worse, Apple is currently the main source of computers which are more than just another PC.

If you go really deep on Apple boot technology, there are even loose and interesting connections to the Quick Start series. For one thing, starting with Mac models introduced in 2011 (later extended to 2010 models with an EFI firmware update), Intel Macs came with one of the most useful EFI applications I have ever seen, Internet Recovery. No OS installed on your Intel Mac because you just replaced its broken hard drive with a brand new blank one? No install media at hand? No problem! Internet Recovery is baked into the EFI firmware. It can connect to Apple's software distribution servers, download an OS, and install it for you.

The other Quick Start connection, which I predict you may have a violent allergic reaction to, is the T2 Intel Mac. The T2 chip is a magnificent can of worms - basically, late model Intel Macs already had an Apple Silicon Mac of sorts embedded on the motherboard, and it managed early boot for the x86 CPU. I recommend looking up Ivan Krstić's 2019 Black Hat conference talk, available as a Youtube video. Krstić is Apple's security engineering lead and he walks through Apple's motivations for doing some things I'm sure you'd find crazy and/or cool.