Judging solely by their FAQ, this is not enough. Iris photos can be fabricated client-side, including by AI, and can be shared.
So it's invasive AND worthless? Why is this getting support?
You need an offline/IRL verification step and measures to prevent sharing/cloning. AND you need to never phone home revealing services you're using.
Total garbage
Proof of human verification powered by the Orb only involves one type of data: images of your eyes and face. It does not require your name, email, gender or anything else.
The iris images are used to verify unique humanness, while the images of your face are used for Face Auth, a security feature that ensures only the person who verified their World ID at an Orb can use it.
The Orb takes high-resolution images of your irises and face.
The Orb uses these images to confirm your humanness and converts the iris image into a unique code which is then split into randomized multi-party compute (MPC) fragments.
The Orb sends the images and MPC fragments to your device (your personal custody package), before permanently deleting them.
Your device sends the fragments to the AMPC service to confirm you have never verified before.
Your World ID is verified.
Calling it The Orb does not help anything but adding to the creepy factor. Also, Alex Patterson is not involved with this, and I refuse to accept it being called The Orb.
That's what the orb thing is about. You go visit, meet humans, have a photo of your eyes. You can't just hold up an AI photo or scan your dog or whatever.
There are fringes that have wacky and particular priorities, but not recognizing that you are such a niche and asserting that your silly requirement makes them “not the best” for the vast majority of people is silly
They are not perfectly fine. If a task panics then you will get the right stack trace, but there is no way to get a stack trace for a task that’s currently waiting. (At least not without intrusive hacks.)
I think they mean tokio::spawn’s signature forces libraries that want to be easy to use with it to expose send+sync APIs (and thus use Arc+Mutex internally)
> Async ruined Rust for me, even though I write exactly the kind of highly concurrent servers to which it's supposed to be perfectly suited. It degrades API
It refers to async in Rust, and everyone else is responding as if it is talking about async in Rust. That's a mischaracterization. You don't have to use the Tokio executor.
It's a bit like saying, "Graphics in Rust are ruined. I need to use Vulkan to make my game."
No, you don't. If your use case is unique enough, use something else. There are bindings for OpenGL, DirectX, etc.
I'll have to check my work computer on Monday. It was 8 cpu virtual machine on a m1 Mac. the UMCG and normal threads were 1024 set on the server, the Tokio version was 2 threads per core. Just from the top of my head - the I/O bound requests topped out around 40k/second for the Tokio version, 60k/second for the normal hyper version, and 80k/second for the UMCG hyper version.
I'm pretty close to being done - I'm hoping to publish the entire GitHub repository with tests for the community to validate by next week.
UMCG is essentially an open source version of Google Fibers, which is their internal extension to the linux core for "light weight" threads. It requires you to build a user space scheduler, but that allows you to create different types of schedulers. I can not remember which scheduler showed ^ results but I have at least 6 different UMCG schedulers I was testing.
So essentially you get the benefits of something like tokio where you can have different types of schedulers optimized for different use cases, but the power of kernel threads which means easy cancellation, easy programming (at least in rust). It's still a linux thread with an entire 8mb(?) stack size, but from my testing it's far faster than what Tokio can provide, without the headache of async/await programming.
Macs have that too, just implemented well. In addition, CPUs with connected standby don’t have the normal sleep so even on linux they run in connected standby. Maybe its less buggy in your case? Consider yourself lucky, lots of people encounter problems with sleep on linux
I was looking into hibernation on my Framework 13 with Ubuntu. Debian doesn't support it with SecureBoot enabled. Now you might say "just disable SecureBoot", but that is a whole new concept to understand.
I've found suspend performance has improved since upgrading to a kernel that supports the AMD 7640U NPU cores. I have no concrete evidence of that though.
I'm happy to accept poorer sleep performance to have a repairable laptop and Linux OSS (with good support), but I wouldn't say its problem free.
So it's invasive AND worthless? Why is this getting support?
You need an offline/IRL verification step and measures to prevent sharing/cloning. AND you need to never phone home revealing services you're using.
Total garbage
Your device sends the fragments to the AMPC service to confirm you have never verified before. Your World ID is verified.reply