[0] https://www.prb.org/news/how-many-people-have-ever-lived-on-... [1] https://www.worldometers.info/world-population/

Countries with proper human rights and labor laws don't do that.

The validation/verification balance also favors attackers. "Yes, I now have a remote root shell on this VM with a default install of X" vs. "My test suite is not dependable enough to turn an agent loose fixing security bug reports, not to mention the extra QA work that live humans would have to do where there isn't coverage".

E.g. is your pf-based load balancer running its rules before or after the global filtering rules? And if they're running first are they SNATing incoming traffic so the LAN rules allow the traffic through or does it need explicit exceptions for external IPs to traverse to a LAN endpoint?

If you're comfortable with more advanced networking then it's fine to run it all on one box. If you just want to open ports for internal LAN services then that is a very canned and well-supported feature for a gateway firewall.

E.g. see AirSnitch which resulted in large part from mixing too many complex networking rules in single devices.

Humans with adequate following distance in the entire lane can probably manage 10 mph delta. I routinely travel dozens of miles very safely at ~80 with the flow of traffic (including the cops), and been stressed out at 55 in the carpool lane through stop and go traffic in the right-hand lanes due to on ramps/offramps.

We haven't started watering crops with salt-water but it's only a matter of time.

This dramatically simplifies a lot of security assumptions because you can run stateless endpoints and not worry about encryption at rest or some of the bootstrapping issues. For example, only give an init container temporary credentials to modify DNS for ACME, or rely on HTTP01 or TLS-ALPN-01.

2. No, anyone can run the FHE computations anywhere on any hardware if they have the evaluation key (which would also have to be present in any FHE hardware).

This is basically the best we can hope for until we get nanofabs at home and can build our own secure enclaves in our garages.

Trust decision theory goes like this; it it were possible for the manufacturer to fully control the device then competitors would not use it, so e.g. wide industry adoption of OpenTitan would be evidence of its security in that aspect. Finally, if devices had flaws that allowed them to be directly hacked or their keys stolen then demonstrating it would be straightforward and egg on the face of the manufacturer who baked their certificate on the device.

Final subject; 802.1x and other port-level security is mostly unnecessary if you can use mTLS everywhere which is what ubiquitous hardware roots of trust allows. Clearly it will take a while for the protocol side to catch up; but I hope that eventually we'll be running SPIFFE or something like it at home.

Where autonomous transformer-based munitions will be used are basically "here is a photo of a face, find and kill this human" and loitering munitions will take their time analyzing video and then decide to identify and attack a target on their own.

EDIT: Or worse: "identify suspicious humans and kill them"