Same, no blue light or eyestrain is a plus. I agree with the other child comment though, the price is too steep for now. FPS and it being Android and therefore extendable is great. I want one.
How does it do that for ruby for example? (which is in the link you provided). OTEL instrumentation for HTTP doesn’t instrument the body so you won’t be able to see token usage, prompts and completions. Or am I missing something?
I was always wondering if it’s possible to figure pledges in compile-time for Go, e.g., declare in your module “I will never access network” and make compiler verify that. (Wouldn’t work for assembly for sure, but probably is okay for most of the modules)
I recently saw a post about Cackle [1] coming out of the rust ecosystem which looks pretty cool. Similar to what others have said, there's always a chance that a C lib or shell script is leveraged to bypass compile time guarantees. I think that's why it's important to do both. Do what you can to keep your supply chain safe and limit your runtime as much as possible.
Go lets you run arbitrary shell commands. Even if you couldn't, you can do virtually anything with IO. Even if it had some way to guess the file you're trying to open is a socket, you don't necessarily need a socket. You can be writing to a named pipe or even a tty that serves as the input to ncat which keeps an active tcp session with some C&C server always running as a system daemon. That might sound ridiculous, but real-world malware often works in pairs like that where one process will simply see if another exists, do bad stuff if so, and forget about it if not. They're attacking millions if not billions of hosts, so don't need them all to join the botnet. Only the kernel at runtime knows what you're doing at the level of detail needed to prevent something like this.
But yes technically such a setup is possible (not with any mainstream OS though).
It would have to be very restrictive w.r.t mounts and virtual file systems.
