Joe Armstrong goes to lengths to describe the benefits of "privately addressable" actors in his thesis (though he uses different terminology). As far as I'm aware, Erlang actors are also privately addressable. cf:
> System security is intimately connected with the idea of knowing the name of a process. If we do not know the name of a process we cannot interact with it in any way, thus the system is secure. Once the names of processes become widely know the system becomes less secure. We call the process of revealing names to other processes in a controlled manner the name distribution problem— the key to security lies in the name distribution problem. When we reveal a Pid to another process we will say that we have published the name of the process. If a name is never published there are no security problems.
> Thus knowing the name of a process is the key element of security. Since names are unforgeable the system is secure only if we can limit the knowledge of the names of the processes to trusted processes.
That may be what is in the thesis, but in real Erlang, any process can list all processes on any node it can reach: https://www.erlang.org/doc/apps/erts/erlang.html#processes/0 (As the docs say, it lists "processes on the local node" but I'm fairly sure any process can RPC that to any connected node to get the local processes on that node) From there you've got a lot of introspection on the processes in question.
And beyond that, there is no sandboxing in Erlang that allows you to do anything like spawn a process that can't access the disk or network or anything like that. So in practice that doesn't even hardly buy you anything on a real system because if you were somehow running unauthenticated Erlang code you've already got access corresponding to the OS permissions of the running Erlang process. (Though for those not familiar with Erlang, "somehow running unauthenticated Erlang code" is very unlikely, to the point that it's not a realistic threat. I'm just speaking hypothetically here.)
The thesis may cover how such systems could be turned to a more secure context but it does not correspond to current Erlang.
There are many layers of capabilities. Unguessable process IDs would be necessary for network capabilities. A sandboxing environment would be necessary for system or process level capabilities. It's still worth having the network security even if process security isn't there. Very few language implementations can provide that level of security.
My point here is merely to make sure that people do not come away from this thread thinking that Erlang has, well, anything like this at all. It isn't an especially insecure language as it lacks most of the really egregious footguns, but it isn't a specially secure one either, with any sort of "capabilities" or anything else.
This really only works if the process names are unguessable? Erlang PIDs are if not predicatable at least appear to be guessable, e.g. they look like this: <0.30.0>
This has always felt like an anti-pattern to me. Especially with phishing still being a significant risk for the average person. The remote server controls the page title which means that it's inherently untrustworthy for determining where you are. The URL is controlled by the user/browser/agent which makes it the more trustworthy value. There's value in a page title, but it's not analogous to a URL and shouldn't mask it.
It's one thing to support your local grocer and totally different to support a company with multiple millions in VC funding, especially when they company doesn't even offer you much advantage (Lisp features)
Those countries are monarchies, yes. I wouldn't call them dictatorships. Based on external optics, I'd say there's a few countries that are technically democracies but give off more dictatorship vibes than the 3 you mentioned
> Those countries are monarchies, yes. I wouldn't call them dictatorships
Saudi Arabia is a dictatorship and a monarchy. The monarch exercises absolute political power. (Arguably, it’s a tyranny, since its de facto leader, the Crown Prince, doesn’t exercise power through constitutional channels—he isn’t King.)
Qatar and Kuwait are constitutional monarchies with something resembling a legislative counterpoint to the executive. As long as their leaders operate within their constitutions, i.e. don’t dissolve or dominate their legislatures, they aren’t technically dictators.
That doesn't follow. A monarchy can be constitutional and still be absolute. In Qatar for example, the monarch appoints the cabinet and 1/3 of the parliament, which needs 2/3+1 vote to overrule the prime minister...
No need to dissolve or dominate the legislature, it's both a constitutional and absolute monarchy. It's theoretically but not practically possible for the parliament to limit the king. It's a similar story in Morocco and Kuwait.
> A monarchy can be constitutional and still be absolute
Absolute means absolute, including the ability to redraw the constitution. Constitutional monarchy means limited by a constitution.
> the monarch appoints the cabinet and 1/3 of the parliament, which needs 2/3+1 vote to overrule the prime minister
This is not absolute. It's no democracy. But Saudi Arabia is an absolute monarchy. Everyone serves at the pleasure of the King, who is the King of Saudi Arabia, not King of the Saudis. "L'etat, c'est il."
Political power works formally and informally. Kuwait and Qatar's emirs are exceptionally powerful. But they have political organs to contend with, even if solely for appearance's sake. That's a constraint an absolute monarch with dictatorial authority does not have. (Repeatedly over-ruling a constitutional body, or being caught coercing it, historically weakened semi-constitutional monarchs.)
For the intellectual history of this, look at the Roman kings, Spartan ephors, Roman consuls and British and French monarchies. Powerful executives. But variously checked, even if from time to time they held quasi-absolute, even dictatorial, authority.
I guess our disagreement is on whether you should judge by practical or theoretical powers. In practice, the emir of Qatar to give an example, is not prevented by the constitution to realize any concrete action, up to and including changing the interpretation of the constitution (or the constitution itself). These actions can be done practically in complete accordance to the law and without coercion by various mechanisms.
This is not a situation similar to ephors, or consuls, or British monarchs (which never were able to establish an absolute monarchy - King Charles was executed essentially due to his attempt to introduce French-style absolute monarchy.
It is similar to the Roman kings, but those were generally considered to be absolute monarchs. That's how I learnt it in college and Wikipedia seems to agree. In many ways the Qatari emirs are even more powerful - the Senate had the right to refuse the nomination of a King indefinitely and they were subject to an election.
It's different from a typical constitutional monarchy where the King would have to break the law to exert his will - in the case of Qatar and Kuwait, the King doesn't even have to break the law or coerce in order to do what he wants, he just needs to do a bit of a dance. This goes beyond even the concept of a semi-constituonal monarchy where the monarch has executive powers, in these cases the king has absolute executive and judicial power as well as most of the legislative power. Many people consider this to actually be an absolute monarchy, because it legally allows the monarch to do literally anything.
Yes. The most cited paper of all time in the field of sociology is Granovetter's 1973 paper entitled "The Strength of Weak Ties" [1]
The basic reasoning is that humans can only form limited number of strong ties, and the strong ties are already strongly connected/correlated to each other so limited new information enters.
Whereas with weak ties, the connection pool is more decorrelated, so more new information can flow through. It's not just the size of the pool -- though that's part of it -- but that the pool is more unrelated so there are more sources of independent information.
This is why it's more likely for people to find a spouse, hear about a job opportunity, etc. through weak ties rather than strong ones.
If you hire or refer a close friend and then you become coworkers, the nature of the work relationship could negatively affect the friendship, and people may not want to risk that if it's a friendship that they really value.
If they're just an acquaintance it's not such a big deal.
I'd like to know this from a more informed person as well. My guess is that yjit is only now production ready, they've been building it for a while and enabled behind an experimental flag
