Auto-generated English transcript of https://www.youtube.com/watch?v=OXS8ljif9b8

1. {
2.   "title": "Theo de Raadt (ruBSD 2013) - YouTube",
3.   "url": "https://www.youtube.com/watch?v=OXS8ljif9b8",
4.   "sections": [
5.     {
6.       "name": "Did others get the message about code quality and security OpenBSD is spreading since 1995?",
7.       "lines": [
8.         {
9.           "0:14": "I think we should separate this into two"
10.         },
11.         {
12.           "0:16": "pieces one is the code quality aspect"
13.         },
14.         {
15.           "0:18": "and the other one is the"
16.         },
17.         {
18.           "0:20": "mitigations um speaking just about code"
19.         },
20.         {
21.           "0:23": "quality the compilers have gotten better"
22.         },
23.         {
24.           "0:25": "they give better warnings and so code"
25.         },
26.         {
27.           "0:27": "quality in general has gotten better uh"
28.         },
29.         {
30.           "0:29": "people are more careful because there"
31.         },
32.         {
33.           "0:31": "are a few systems which have mitigations"
34.         },
35.         {
36.           "0:33": "and those mitigations trigger standard"
37.         },
38.         {
39.           "0:35": "bugs not just security bugs but bugs and"
40.         },
41.         {
42.           "0:39": "therefore"
43.         },
44.         {
45.           "0:40": "the the the methodology that people"
46.         },
47.         {
48.           "0:42": "throw into actually writing code has"
49.         },
50.         {
51.           "0:43": "improved a little bit um as far as the"
52.         },
53.         {
54.           "0:47": "the the greater um vendor um space of"
55.         },
56.         {
57.           "0:51": "actually writing operating systems"
58.         },
59.         {
60.           "0:54": "um I think Microsoft has really gotten"
61.         },
62.         {
63.           "0:57": "the message I'm not quite sure if the"
64.         },
65.         {
66.           "0:59": "Linux crowd has gotten the message"
67.         },
68.         {
69.           "1:01": "because all these mitigations that are"
70.         },
71.         {
72.           "1:03": "available now these techniques they have"
73.         },
74.         {
75.           "1:05": "uh they' largely have them turned off"
76.         },
77.         {
78.           "1:07": "they they only turn them on occasionally"
79.         },
80.         {
81.           "1:10": "uh they're they're not deployed in the"
82.         },
83.         {
84.           "1:12": "uh in the main um in in the main stream"
85.         }
86.       ]
87.     },
88.     {
89.       "name": "What about FreeBSD?",
90.       "lines": [
91.         {
92.           "1:23": "distributions frsd has none of these"
93.         },
94.         {
95.           "1:26": "mitigations at all um maybe they have a"
96.         },
97.         {
98.           "1:29": "patch here ti2 um for example they they"
99.         },
100.         {
101.           "1:33": "they have some support in their main"
102.         },
103.         {
104.           "1:35": "line to turn on the stack protector now"
105.         },
106.         {
107.           "1:37": "but they don't turn it on and uh they"
108.         },
109.         {
110.           "1:40": "probably will have to crank their"
111.         },
112.         {
113.           "1:41": "libraries and um make"
114.         },
115.         {
116.           "1:44": "um make make a break with backwards"
117.         },
118.         {
119.           "1:46": "compatibility before they're able to"
120.         },
121.         {
122.           "1:47": "actually make that jump they don't even"
123.         },
124.         {
125.           "1:49": "randomize the top of the stack yet they"
126.         },
127.         {
128.           "1:51": "have code in their tree it's still"
129.         },
130.         {
131.           "1:52": "disabled these are very very minor"
132.         },
133.         {
134.           "1:54": "medications and they haven't even"
135.         },
136.         {
137.           "1:56": "deployed those and I I don't see the the"
138.         },
139.         {
140.           "1:58": "um the I don't see"
141.         },
142.         {
143.           "2:00": "from Reading their man lists I don't see"
144.         },
145.         {
146.           "2:02": "any active auditing of their Source"
147.         }
148.       ]
149.     },
150.     {
151.       "name": "So, Microsoft is number 2 in security mitigations?",
152.       "lines": [
153.         {
154.           "2:08": "tree they're number two for mitigations"
155.         },
156.         {
157.           "2:11": "they've turned almost all of them on um"
158.         },
159.         {
160.           "2:14": "Mac OS uh is very interesting they're"
161.         },
162.         {
163.           "2:16": "starting to turn the mitigations on and"
164.         },
165.         {
166.           "2:18": "it sounds it feels to me like they kind"
167.         },
168.         {
169.           "2:20": "of have found a path that allows them"
170.         },
171.         {
172.           "2:23": "to um break backward compatibility but"
173.         },
174.         {
175.           "2:27": "not in a way so that it harms their um"
176.         },
177.         {
178.           "2:30": "their application base so that that I"
179.         },
180.         {
181.           "2:32": "think is the same thing that Microsoft"
182.         },
183.         {
184.           "2:34": "has done is they've decided that hey we"
185.         },
186.         {
187.           "2:37": "can actually start deploying these into"
188.         },
189.         {
190.           "2:38": "the ecosystem and it won't hurt our"
191.         },
192.         {
193.           "2:40": "applications because they've been"
194.         },
195.         {
196.           "2:41": "careful and they have they have a"
197.         },
198.         {
199.           "2:43": "process for moving the ABI forward step"
200.         },
201.         {
202.           "2:46": "by step as they introduce these"
203.         }
204.       ]
205.     },
206.     {
207.       "name": "Does 3rd party software still have problems compiling and running under OpenBSD with mitigations turned on?",
208.       "lines": [
209.         {
210.           "2:54": "things no those problems have mostly"
211.         },
212.         {
213.           "2:57": "gone away the message has been received"
214.         },
215.         {
216.           "2:59": "by the application writers and um"
217.         },
218.         {
219.           "3:01": "largely things are clean you you still"
220.         },
221.         {
222.           "3:03": "see uh string copies unbounded calls in"
223.         },
224.         {
225.           "3:07": "a lot of these pieces of software but um"
226.         },
227.         {
228.           "3:10": "we we generate warnings for those um but"
229.         },
230.         {
231.           "3:12": "we don't worry about them being being uh"
232.         },
233.         {
234.           "3:15": "uh a risk per se because they're a risk"
235.         },
236.         {
237.           "3:17": "on every operating system as well right"
238.         },
239.         {
240.           "3:20": "so uh we hope that as time goes by those"
241.         },
242.         {
243.           "3:22": "get improved but that's the best we can"
244.         },
245.         {
246.           "3:24": "do"
247.         }
248.       ]
249.     },
250.     {
251.       "name": "On the OpenBSD project day to day life",
252.       "lines": [
253.         {
254.           "3:30": "my day today is I wake up and I see what"
255.         },
256.         {
257.           "3:33": "the developers have have been working on"
258.         },
259.         {
260.           "3:37": "and uh I help them uh I process my email"
261.         },
262.         {
263.           "3:40": "answer questions uh I ask questions we"
264.         },
265.         {
266.           "3:43": "just exchange diffs there's a nobody in"
267.         },
268.         {
269.           "3:46": "the group who's an active paid employee"
270.         },
271.         {
272.           "3:48": "uh everybody's just a volunteer we have"
273.         },
274.         {
275.           "3:51": "thrown um the open be Foundation through"
276.         },
277.         {
278.           "3:54": "a little bit of money um to ensure that"
279.         },
280.         {
281.           "3:57": "um the the new X stuff the device driver"
282.         },
283.         {
284.           "4:00": "stuff would actually happen inside our"
285.         },
286.         {
287.           "4:01": "kernel but largely every other piece is"
288.         },
289.         {
290.           "4:04": "being done uh completely on a volunteer"
291.         },
292.         {
293.           "4:06": "basis um and then you ask about the open"
294.         },
295.         {
296.           "4:09": "D foundation so they take donations um"
297.         },
298.         {
299.           "4:13": "and they final them basically directly"
300.         },
301.         {
302.           "4:14": "into the payment of our of our"
303.         },
304.         {
305.           "4:16": "Network and the rest of it they use to"
306.         },
307.         {
308.           "4:19": "fund our hackathons which is pretty much"
309.         },
310.         {
311.           "4:21": "just a cheap accommodation near"
312.         },
313.         {
314.           "4:23": "University facility somewhere developers"
315.         },
316.         {
317.           "4:26": "fly themselves in"
318.         }
319.       ]
320.     },
321.     {
322.       "name": "On support from big companies (as everybody uses OpenSSH!)",
323.       "lines": [
324.         {
325.           "4:32": "uh you know you should have a support"
326.         },
327.         {
328.           "4:34": "from big companies who uses that codes"
329.         },
330.         {
331.           "4:37": "uh it'd be nice but it hasn't happened"
332.         },
333.         {
334.           "4:41": "I'm still proud of the fact that we made"
335.         },
336.         {
337.           "4:43": "that decision to make open SSH free in"
338.         },
339.         {
340.           "4:46": "that particular way so that nobody would"
341.         },
342.         {
343.           "4:48": "have to write it themselves uh and other"
344.         },
345.         {
346.           "4:50": "initiative we initiatives we've been"
347.         },
348.         {
349.           "4:52": "involved in to basically accelerate an"
350.         },
351.         {
352.           "4:55": "idea and actually put it into a real"
353.         },
354.         {
355.           "4:57": "operating system to show that it"
356.         },
357.         {
358.           "4:58": "actually works and then other people"
359.         },
360.         {
361.           "5:00": "could take the code I mean that's right"
362.         },
363.         {
364.           "5:03": "that's just continuing in the footsteps"
365.         },
366.         {
367.           "5:05": "of csrg so I'm"
368.         }
369.       ]
370.     },
371.     {
372.       "name": "On commentaries for release songs",
373.       "lines": [
374.         {
375.           "5:12": "happy I think we're getting older and"
376.         },
377.         {
378.           "5:14": "we're not as Angry Anymore okay right"
379.         },
380.         {
381.           "5:18": "because that's what a lot of the early"
382.         },
383.         {
384.           "5:19": "songs were about they were actually"
385.         },
386.         {
387.           "5:21": "about a confrontation we had about"
388.         },
389.         {
390.           "5:23": "opening up documentation for chipsets or"
391.         },
392.         {
393.           "5:26": "uh a bad thing that iatf was doing by"
394.         },
395.         {
396.           "5:30": "uh allowing patents to constrain"
397.         },
398.         {
399.           "5:33": "protocols or something like that we"
400.         },
401.         {
402.           "5:34": "always had a commentary and for the last"
403.         },
404.         {
405.           "5:37": "couple of years we haven't had many"
406.         },
407.         {
408.           "5:39": "commentaries we've just puttered along"
409.         },
410.         {
411.           "5:41": "and kept doing what we"
412.         }
413.       ]
414.     },
415.     {
416.       "name": "On current OpenBSD challenges",
417.       "lines": [
418.         {
419.           "5:48": "do it's becoming"
420.         },
421.         {
422.           "5:52": "um things have gotten a fairly"
423.         },
424.         {
425.           "5:55": "interesting um we don't have a lot of"
426.         },
427.         {
428.           "5:57": "new devices showing up um everything is"
429.         },
430.         {
431.           "5:59": "becoming very homogeneous uh pretty much"
432.         },
433.         {
434.           "6:02": "Intel owns the game now so we actually"
435.         },
436.         {
437.           "6:06": "now have more challenges dealing with"
438.         },
439.         {
440.           "6:08": "new Intel ethernet chipsets and Intel"
441.         },
442.         {
443.           "6:10": "Wireless chipsets than we do with all"
444.         },
445.         {
446.           "6:12": "the rest of the other devices they don't"
447.         },
448.         {
449.           "6:13": "show up there are no other network"
450.         },
451.         {
452.           "6:15": "ethernet chipset showing up from any of"
453.         },
454.         {
455.           "6:17": "the vendors at the regular gigabit uh"
456.         },
457.         {
458.           "6:19": "space uh it's it's a very um it's it's"
459.         },
460.         {
461.           "6:24": "almost a monopoly so it's easier in that"
462.         },
463.         {
464.           "6:26": "respect still there are many many other"
465.         },
466.         {
467.           "6:28": "challenges to meet for example we have"
468.         },
469.         {
470.           "6:30": "not really um met the S&P challenge very"
471.         },
472.         {
473.           "6:33": "well yet we still have lots of problems"
474.         },
475.         {
476.           "6:34": "over there um and we haven't done"
477.         },
478.         {
479.           "6:36": "anything about dealing with uh modern"
480.         },
481.         {
482.           "6:39": "x86 VMS and we should probably take a"
483.         },
484.         {
485.           "6:42": "take a shot at doing something there as"
486.         },
487.         {
488.           "6:44": "well uh we're used to leading in this"
489.         },
490.         {
491.           "6:46": "case we may actually be following a"
492.         },
493.         {
494.           "6:48": "little bit more we Face a different"
495.         },
496.         {
497.           "6:49": "challenge than the other projects"
498.         },
499.         {
500.           "6:51": "FreeBSD pretty much only has to care"
501.         },
502.         {
503.           "6:53": "about one or two architectures and"
504.         },
505.         {
506.           "6:55": "they're very similar to each other we're"
507.         },
508.         {
509.           "6:56": "trying to make sure that we keep on"
510.         },
511.         {
512.           "6:58": "running on all of our old Legacy"
513.         },
514.         {
515.           "6:59": "architectures because we still find"
516.         },
517.         {
518.           "7:00": "benefit from them they allow us to"
519.         },
520.         {
521.           "7:03": "actually um we find a bug on spark 64"
522.         },
523.         {
524.           "7:06": "because it has certain characteristics"
525.         },
526.         {
527.           "7:08": "or we find it on a myip processor or we"
528.         },
529.         {
530.           "7:10": "find it on the alpha and we still find"
531.         },
532.         {
533.           "7:12": "tremendous benefits from from"
534.         }
535.       ]
536.     },
537.     {
538.       "name": "On regular OpenBSD releases on CD",
539.       "lines": [
540.         {
541.           "7:17": "that no it's not worth it it's not worth"
542.         },
543.         {
544.           "7:20": "it so we hope that enough people find"
545.         },
546.         {
547.           "7:22": "find this a a path so they so they can"
548.         },
549.         {
550.           "7:24": "fund us um because the other approaches"
551.         },
552.         {
553.           "7:27": "of just asking for people to fund us so"
554.         },
555.         {
556.           "7:29": "we can keep doing what we're doing those"
557.         },
558.         {
559.           "7:31": "approaches are not working all that well"
560.         },
561.         {
562.           "7:33": "I mean we don't have large sponsors"
563.         },
564.         {
565.           "7:34": "coming from anywhere we're not like like"
566.         },
567.         {
568.           "7:37": "the like the Linux Foundation or like"
569.         },
570.         {
571.           "7:39": "the FreeBSD Foundation uh we we don't"
572.         },
573.         {
574.           "7:41": "have this large resource Spas uh so"
575.         },
576.         {
577.           "7:45": "that's the best this is uh what we"
578.         },
579.         {
580.           "7:47": "started doing years and years ago and we"
581.         },
582.         {
583.           "7:49": "hope I mean we we understand that almost"
584.         },
585.         {
586.           "7:51": "everybody's buying our it's fun it's fun"
587.         },
588.         {
589.           "7:54": "and and uh I have I have visited uh"
590.         },
591.         {
592.           "7:56": "users in in cities around the world and"
593.         },
594.         {
595.           "7:59": "seen uh shell seen their shelves full of"
596.         },
597.         {
598.           "8:01": "their discs and how proud they are to"
599.         },
600.         {
601.           "8:03": "have almost a full set except for"
602.         },
603.         {
604.           "8:05": "missing 2.5 which we didn't make enough"
605.         }
606.       ]
607.     },
608.     {
609.       "name": "On modern world, which abandoned \"full disclosure\" policy",
610.       "lines": [
611.         {
612.           "8:12": "of I think this is a challenge that the"
613.         },
614.         {
615.           "8:14": "operat system without mitigations have"
616.         },
617.         {
618.           "8:16": "to ask themselves about because they're"
619.         },
620.         {
621.           "8:18": "completely vulnerable to this when these"
622.         },
623.         {
624.           "8:20": "applications have these problems but if"
625.         },
626.         {
627.           "8:22": "they had these mitigations in their"
628.         },
629.         {
630.           "8:24": "systems at least they they would raise"
631.         },
632.         {
633.           "8:25": "the bar and make them very difficult"
634.         },
635.         {
636.           "8:28": "like"
637.         },
638.         {
639.           "8:30": "I I I'm happy that that that we at least"
640.         },
641.         {
642.           "8:34": "have mitigations I don't know if this if"
643.         },
644.         {
645.           "8:36": "if it's if it's a a full answer MH to"
646.         },
647.         {
648.           "8:39": "the problem uh I was there when when"
649.         },
650.         {
651.           "8:42": "full when all the full disclosure was"
652.         },
653.         {
654.           "8:44": "happening on bug track back in those"
655.         },
656.         {
657.           "8:46": "days I knew all of those people at Loft"
658.         },
659.         {
660.           "8:48": "and all that they they and cor SDI they"
661.         },
662.         {
663.           "8:50": "were they were friends of mine I I was"
664.         },
665.         {
666.           "8:52": "involved in in the in the discussions"
667.         },
668.         {
669.           "8:55": "this is when the auditing of the open"
670.         },
671.         {
672.           "8:56": "BSD tree started in Earnest um"
673.         },
674.         {
675.           "9:00": "I it's it's sad the way that it has gone"
676.         },
677.         {
678.           "9:04": "um but you can kind of also see where it"
679.         },
680.         {
681.           "9:05": "has come from Unix is now mainstream"
682.         },
683.         {
684.           "9:08": "it's in every single product that we use"
685.         },
686.         {
687.           "9:10": "it has taken over the ecosystem"
688.         },
689.         {
690.           "9:15": "uh"
691.         }
692.       ]
693.     },
694.     {
695.       "name": "On lack of backward compatibility",
696.       "lines": [
697.         {
698.           "9:21": "yeah well I think we're more sort of a"
699.         },
700.         {
701.           "9:24": "research space um somebody has to do the"
702.         },
703.         {
704.           "9:27": "Innovation and push things into the"
705.         },
706.         {
707.           "9:29": "ecosystem quickly and tried to get a"
708.         },
709.         {
710.           "9:31": "large enough install base so we can"
711.         },
712.         {
713.           "9:33": "actually learn which things work and how"
714.         },
715.         {
716.           "9:35": "they need to be changed I'll give an"
717.         },
718.         {
719.           "9:37": "example um when we were working on our"
720.         },
721.         {
722.           "9:39": "ad space randomization and our Malo"
723.         },
724.         {
725.           "9:41": "randomization both of them actually ran"
726.         },
727.         {
728.           "9:44": "into into this a similar problem which"
729.         },
730.         {
731.           "9:46": "is that for example our Adder space"
732.         },
733.         {
734.           "9:48": "randomization was too greedy with going"
735.         },
736.         {
737.           "9:50": "in add and randomizing the adder space"
738.         },
739.         {
740.           "9:52": "too much as a result it was actually"
741.         },
742.         {
743.           "9:54": "starting to put pressure on the page"
744.         },
745.         {
746.           "9:55": "tables starting to put pressure onto the"
747.         },
748.         {
749.           "9:57": "cache starting to put pressure onto the"
750.         },
751.         {
752.           "9:59": "soft tables that manage the processes"
753.         },
754.         {
755.           "10:01": "virtual address base management so the"
756.         },
757.         {
758.           "10:04": "the the data structures were getting"
759.         },
760.         {
761.           "10:05": "very very large unnecessarily large"
762.         },
763.         {
764.           "10:07": "compared to a system which is a flat map"
765.         },
766.         {
767.           "10:10": "with no randomization same sort of thing"
768.         },
769.         {
770.           "10:12": "happened in our malok in the maok we we"
771.         },
772.         {
773.           "10:15": "we started adding guard Pages all over"
774.         },
775.         {
776.           "10:17": "the place and we had to back down"
777.         },
778.         {
779.           "10:19": "because we discovered that real world"
780.         },
781.         {
782.           "10:20": "software out there is not ready for this"
783.         },
784.         {
785.           "10:22": "there's too many bugs in the software"
786.         },
787.         {
788.           "10:24": "and and our ports developers were very"
789.         },
790.         {
791.           "10:26": "unhappy with the situation stuff just"
792.         },
793.         {
794.           "10:28": "wasn't running running longterm so we"
795.         },
796.         {
797.           "10:30": "had to back off the guard paging and do"
798.         },
799.         {
800.           "10:33": "a something that that's less less less"
801.         },
802.         {
803.           "10:35": "guarded memory and we hope that in time"
804.         },
805.         {
806.           "10:38": "we some of the developers will once in a"
807.         },
808.         {
809.           "10:40": "while turn on that feature because it's"
810.         },
811.         {
812.           "10:41": "a way to turn it on on PR program to"
813.         },
814.         {
815.           "10:44": "program and if we push that up the"
816.         },
817.         {
818.           "10:46": "ecosystem maybe we can actually see some"
819.         },
820.         {
821.           "10:48": "improvements down in the long term but"
822.         },
823.         {
824.           "10:50": "not in the short term so we wouldn't"
825.         },
826.         {
827.           "10:52": "have learned that if we had actually"
828.         },
829.         {
830.           "10:53": "thrown it out to our community and the"
831.         },
832.         {
833.           "10:55": "only way to throw it out to our"
834.         },
835.         {
836.           "10:56": "community is to actually go and throw it"
837.         },
838.         {
839.           "10:58": "in throw away backwards compatibility"
840.         },
841.         {
842.           "11:00": "usually we it's not terribly harsh uh"
843.         },
844.         {
845.           "11:03": "and we have a community here that's"
846.         },
847.         {
848.           "11:04": "accepting of this they they see the path"
849.         },
850.         {
851.           "11:06": "forward they know that that that uh they"
852.         },
853.         {
854.           "11:09": "know that not every single change that"
855.         },
856.         {
857.           "11:11": "comes and braks back compatibility is"
858.         },
859.         {
860.           "11:13": "directly suited for them and directly"
861.         },
862.         {
863.           "11:16": "targeted to them but they know that some"
864.         },
865.         {
866.           "11:17": "of the other ones are and so it's a give"
867.         },
868.         {
869.           "11:20": "and take sort of inside our user"
870.         },
871.         {
872.           "11:22": "community and our development community"
873.         }
874.       ]
875.     },
876.     {
877.       "name": "On 6 months release cycle",
878.       "lines": [
879.         {
880.           "11:29": "uh there has to be sort of in our six"
881.         },
882.         {
883.           "11:31": "month cycle there has to be a period of"
884.         },
885.         {
886.           "11:33": "time when lots of people run the same"
887.         },
888.         {
889.           "11:34": "code so that if we've made a"
890.         },
891.         {
892.           "11:37": "mistake um if we kind of Mis misjudged"
893.         },
894.         {
895.           "11:41": "the impact of one of our changes that's"
896.         },
897.         {
898.           "11:43": "the time when we're really going to find"
899.         },
900.         {
901.           "11:45": "out and people are going to deploy that"
902.         },
903.         {
904.           "11:46": "code and run with it and it's going to"
905.         },
906.         {
907.           "11:48": "work out fine these are these are small"
908.         },
909.         {
910.           "11:50": "little effects but we need to we need to"
911.         },
912.         {
913.           "11:51": "learn from our users"
914.         }
915.       ]
916.     },
917.     {
918.       "name": "On future plans",
919.       "lines": [
920.         {
921.           "11:59": "the primary thing that happens in our"
922.         },
923.         {
924.           "12:01": "project is that the developers who make"
925.         },
926.         {
927.           "12:03": "those changes have to want to make those"
928.         },
929.         {
930.           "12:05": "changes they have to have an itch they"
931.         },
932.         {
933.           "12:06": "want to"
934.         },
935.         {
936.           "12:08": "scratch so I don't know what the future"
937.         },
938.         {
939.           "12:11": "road map is I know what I know the"
940.         },
941.         {
942.           "12:13": "things that bother me that I think we"
943.         },
944.         {
945.           "12:14": "should improve and I know some of the"
946.         },
947.         {
948.           "12:16": "other developers what they want to"
949.         },
950.         {
951.           "12:18": "improve but I'm not going to make any"
952.         },
953.         {
954.           "12:20": "promis about what's going to come in SNP"
955.         },
956.         {
957.           "12:22": "or what's going to come in improvements"
958.         },
959.         {
960.           "12:24": "for for Network performance uh I can"
961.         },
962.         {
963.           "12:28": "promise it's going to be more"
964.         },
965.         {
966.           "12:30": "backwards compatibility breaks in the"
967.         },
968.         {
969.           "12:32": "future but they'll be small small"
970.         },
971.         {
972.           "12:34": "compared to the recent 64 but time"
973.         },
974.         {
975.           "12:37": "change"
976.         }
977.       ]
978.     },
979.     {
980.       "name": "On 64 bit time change",
981.       "lines": [
982.         {
983.           "12:42": "um oh it's a tremendous it it was it's a"
984.         },
985.         {
986.           "12:45": "really large change there's a there's"
987.         },
988.         {
989.           "12:47": "many ways of actually dealing with 64"
990.         },
991.         {
992.           "12:49": "but time in theory you can go find web"
993.         },
994.         {
995.           "12:52": "pages that people have come up with"
996.         },
997.         {
998.           "12:53": "prototypes but no one's actually pushed"
999.         },
1000.         {
1001.           "12:55": "it all the way into an operating system"
1002.         },
1003.         {
1004.           "12:57": "and thought of all the logistics of how"
1005.         },
1006.         {
1007.           "12:59": "you're going to get all the application"
1008.         },
1009.         {
1010.           "13:00": "programmers to use a new API so instead"
1011.         },
1012.         {
1013.           "13:03": "we went with with just changing the type"
1014.         },
1015.         {
1016.           "13:06": "at the at a very very low level and it's"
1017.         },
1018.         {
1019.           "13:09": "really interesting because we now have"
1020.         },
1021.         {
1022.           "13:10": "application we art ports Tre runs on it"
1023.         },
1024.         {
1025.           "13:14": "so we're basically dragging the entire"
1026.         },
1027.         {
1028.           "13:16": "application base along with openbsd so"
1029.         },
1030.         {
1031.           "13:19": "that by the time we get to the point"
1032.         },
1033.         {
1034.           "13:21": "where anybody else wants to actually"
1035.         },
1036.         {
1037.           "13:22": "switch to 64 B time the application"
1038.         },
1039.         {
1040.           "13:24": "space will be ready for them and that's"
1041.         },
1042.         {
1043.           "13:26": "similar to what we did with all of our"
1044.         },
1045.         {
1046.           "13:28": "exploit mitigation and address bace"
1047.         },
1048.         {
1049.           "13:29": "randomization features by deploying them"
1050.         },
1051.         {
1052.           "13:31": "in a real system and dragging the"
1053.         },
1054.         {
1055.           "13:33": "application space towards it anybody"
1056.         },
1057.         {
1058.           "13:35": "tomorrow in their operating system can"
1059.         },
1060.         {
1061.           "13:36": "turn these things on by default they"
1062.         },
1063.         {
1064.           "13:38": "don't have to worry Milla is going to"
1065.         },
1066.         {
1067.           "13:39": "work we've made sure of that"
1068.         }
1069.       ]
1070.     }
1071.   ]
1072. }