[GTALUG] WSL, threat or boon? [was Re:Surveillance Capitalism [was another thread]]

[Jamon Camisso]

On 05/04/2021 09:31, Russell Reiter via talk wrote:
> In that case, in the debate between GCC and clang LLVM, as someone who is
> unable to write an operating system from scratch; who relies on
> documentation
> and the help of like minded people; my vote goes to GCC. It preserves
> support for what
> I see as program necessary artifacts. Plus I see python and other
> interpretative hooks
> into machine code a risk, which must be well balanced, from a SigInt
> perspective.

1. What's the debate about? Links please.

2. What do you mean by interpretative hooks? What is the risk model that 
you are conflating with with LLVM, and how is it any different than GCC?

Do you verify all your binaries and compiler and all the intermediate 
objects when you build software? As Ken Thompson said, "You can't trust 
code that you did not totally create yourself... No amount of 
source-level verification or scrutiny will protect you from using 
untrusted code[1]."

Since the "debate" as presented here is framed in terms of (specious 
until proven otherwise) risk, I suggest that focusing on the compiler is 
a secondary concern to the main trust issues that must be addressed, 
which are formal verification and reproducible builds. Perhaps the 
CompCert compiler would be better for your needs[2].

> In such a case of reconstructionism, I believe GCC is the better
> philosophical option.
Why do you believe it is better? Is using LLVM restricting developers 
from writing software that can create social change? Does GCC somehow 
better enable developers to engage in critical thinking about the world? 
Is any of the above the reason that you use a compiler or write 
software? I'd like to understand how either compiler helps or hinders 
you, or other developers.

[1] https://dl.acm.org/doi/10.1145/358198.358210
[2] https://github.com/AbsInt/CompCert