> accessing memory mapped device memory instead of using DMA like in the good old days
That's not actually an option for NVMe devices, is it? The actual NAND storage isn't available for direct memory mapping, and the only way to access it is to set up DMA transfers.
100%! I dearly missed how simple it was to correlate security & issue event tracing (even for guest users!) without NAT/PAT at the following job, what a treat that was.
Right as I was on the way out they finally started using 10/8 after merging with another large org that had a lot of branches (and a "normal" amount of public IPs for their size :)).
A bit disappointed this only points to Ethernet as its answer. It does help to understand why Ethernet requires addressing versus some others that do not.
Pretty much everything that isn’t point to point, like PPP or a VPN, can carry IP traffic directly without needing to care about MACs (because they’re only talking to one other interface). Anything that routes physical packets around needs the equivalent of a MAC address.
Ethernet is already a complete network that doesn't care about the fact you're running IP on top of it. Being a complete network includes having a way to address the computers on it. There are ways to transmit data point to point without addressing but they're not really "networks" until they have that.
Ethernet was designed to be the cheapest way to network multiple machines together. Everything was connected to a single long loop of coax with "vampire taps" that literally bit into the coax to connect multiple machines. So there's no central machine routing packets, instead each machine needs to decide whether or not a packet is intended for it. So the packets have to have a unique[0] destination address, as well as a source address so you know who to reply to.
Notably, none of this implies IP. IP was the expensive DARPA project that the military was building out. Ethernet is just "I am machine X, I want to talk to machine Y, here's some data". It just so happens that Ethernet was very popular, and people wanted to route IP over Ethernet. But you could route all sorts of other protocols over Ethernet as well and it would more or less work. So now we need two different classes of addressing: one for just the local network, and one for the IP network running on top of it.
And to make matters even worse, we don't use Ethernet in its original configuration anymore. First we replaced the loop of coax and vampire taps with 8P8C wire and passive hubs, then switches got cheap enough that we stopped making hubs. Ethernet framing also wound up being used for Wi-Fi, except like 99% of all Wi-Fi connections are in Infrastructure mode running IP anyway.
If Ethernet had been built to run IP exclusively, we wouldn't need Ethernet's header or MAC addresses at all. It would just need to encode IP packets and their boundaries. Even IPv6 wouldn't need a separate header as IP has its own version field.
[0] MAC addresses are supposed to be unique, but let's just say it's "LAN-scoped" and leave it at that.
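The receive-side decision described in the comment above, as an added example that is not part of the original thread: each station on a shared segment checks the destination MAC itself, and the EtherType field shows that the frame does not care whether the payload is IP. The station addresses and payloads are constructed, the function names are hypothetical, and multicast filtering is left out.

```python
import struct

BROADCAST = bytes.fromhex("ffffffffffff")
HEADER_LEN = 14  # 6-byte destination + 6-byte source + 2-byte EtherType

# Well-known EtherType values: the frame itself names the payload protocol.
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x8137: "IPX"}

# Constructed, locally administered station addresses (assumptions).
STATION_A = "02:00:00:00:00:0a"
STATION_B = "02:00:00:00:00:0b"
STATION_C = "02:00:00:00:00:0c"


def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 6 bytes")
    return raw


def build_frame(dst, src, ethertype, payload):
    """Build an Ethernet II frame (no preamble, no FCS)."""
    return struct.pack("!6s6sH", mac(dst), mac(src), ethertype) + payload


def receive(own_mac, frame):
    """Act as one station on a shared segment.

    Returns (source MAC, protocol name, payload) when the frame is addressed
    to this station or to broadcast, otherwise None.
    """
    if len(frame) < HEADER_LEN:
        return None  # too short to carry a header
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:HEADER_LEN])
    if dst != mac(own_mac) and dst != BROADCAST:
        return None  # every station sees the frame; only the addressee keeps it
    if ethertype < 0x0600:
        proto = "802.3 length field"  # values below 0x0600 are lengths, not types
    else:
        proto = ETHERTYPES.get(ethertype, f"unknown (0x{ethertype:04x})")
    source = ":".join(f"{b:02x}" for b in src)
    return source, proto, frame[HEADER_LEN:]
```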
I have really strong opinions against the device-secured biometric stuff. On my own devices, I will never use it as it dramatically lowers my security posture.
Further, the development of this ecosystem is to the exclusion of alternative OSes. Windows Hello and whatever Apple wants to call their suite of biometric goo is elevating them to a place in my life that is unacceptable by virtue of the unwarranted trust granted to them.