mschwaig (u/mschwaig)

mschwaig commented on Ozempic is changing the foods Americans buy news.cornell.edu/stories/... · Posted by u/giuliomagnifico

u_sama · 2 months ago

For artificial problems, artificial solutions. I think the state of food in the US is really bad, and one cannot compare such products to the superior EU food quality standards and eating habits (and city designs) which render the incentives really perverse

mschwaig · 2 months ago

A consequence of universal healthcare that people don't talk about much is that it turns unhealthy citizens from an individual cost into more of a collective one. So it makes sense that countries with universal healthcare regulate in favor of their citizens as opposed to their food industry, because they're paying for the consequences more directly.

mschwaig commented on The Post-American Internet pluralistic.net/2026/01/0... · Posted by u/EvanAnderson

mschwaig · 2 months ago

I think outright shortening copyright terms could be a beneficial policy along similar lines.

mschwaig commented on Koralm Railway infrastruktur.oebb.at/en/... · Posted by u/fzeindl

contrarian1234 · 3 months ago

Austria is the only European country I've been to that doesn't have cheap affordable intercity buses. Seemingly none at all. It was kind of strange... Does anyone know why?

The only options to get around was the expensive train system - and anyone I asked was bewildered why I would want to take a bus.. Maybe next time I should look in to carpooling or some other options. How do low income people get around typically? I need to go to attend a conference, but it's not cheap coming from Asia

EDIT: Seems I was wrong! Sorry. There are buses, (maybe fewer than other countries?)

mschwaig · 3 months ago

I would blame how Austria, a very small country, is organized into 9 provinces that actually have their own budget and can pass their own laws on some topics.

Rail service is funded at the federal level, so there's less arguing about who pays for what. Bus service, however, is managed by regional transport associations funded by the provinces. This creates disincentives for cross-province bus routes because no single province wants to pay more than its 'fair' share for a service that primarily benefits voters in another province.

Similar dynamics play out at the city/province level. Take Linz, the provincial capital of Upper Austria: the city has had a social democratic (SPÖ) mayor continuously since 1945, while the province has had a conservative (ÖVP) governor for exactly the same period of 80 years. This disincentivizes the province government from helping to fund public transport within or into the city, because it's a win for social democratic city voters, while the more conservative rural voters would rather take the car anyway since they often can't do the whole trip by public transport.

Arguably the reason for the excellent public transport in the city of Vienna is that they are also their own province. Their mayor/governor, who has been a social democrat as well for the last 80 years, always controls both levels of funding.

mschwaig commented on Disrupting the first reported AI-orchestrated cyber espionage campaign anthropic.com/news/disrup... · Posted by u/koakuma-chan

xeonmc · 4 months ago

Sounds like it’s a gap that AI could fill to make Nix more usable.

mschwaig · 4 months ago

If you make a conventional AI agent do packaging and configuration tasks, it has to do one imperative step after the other. While it can forget, it can't really undo the effects of what it already did.

If you purpose-build these tools to work with Nix, in the big picture view how these functional units of composition can affect each other is much more constrained. At the same time within one unit of composition, you can iterate over a whole imperative multi-step process in one go, because you're always rerunning the whole step in a fresh sandbox.

LLMs and Nix work together really well in that way.

mschwaig commented on Disrupting the first reported AI-orchestrated cyber espionage campaign anthropic.com/news/disrup... · Posted by u/koakuma-chan

XorNot · 4 months ago

Nix makes everything else so hard that I've seen problems with production configuration persist well beyond when they should because the cycle time on figuring out the fix due to evaluations was just too long.

In fact figuring out what any given Nix config is actually doing is just about impossible and then you've got to work out what the config it's deploying actually does.

mschwaig · 4 months ago

Yes, the cycle times are bad and some ecosystems and tasks are a real pain still.

I also agree with you when it comes to the task of auditing every line of Nix code that factors into a given system. Nix doesn't really make things easier there.

The benefit I'm seeing really comes from composition making it easier to share and direct auditing effort.

All of the tricky code that's hard to audit should be relied on and audited by lots of people, while as a result the actual recipe to put together some specific package or service should be easier to audit.

Additionally, I think looking at diffs that represent changes to the system vs reasoning about the effects of changes made through imperative commands that can affect arbitrary parts of the system has similar efficiency gains.

mschwaig commented on Disrupting the first reported AI-orchestrated cyber espionage campaign anthropic.com/news/disrup... · Posted by u/koakuma-chan

mschwaig · 4 months ago

I think as AI gets smarter, defenders should start assembling systems how NixOS does it.

Defenders should not have to engage in an costly and error-prone search of truth about what's actually deployed.

Systems should be composed from building blocks, the security of which can be audited largely independently, verifiably linking all of the source code, patches etc to some form of hardware attestation of the running system.

I think having an accurate, auditable and updatable description of systems in the field like that would be a significant and necessary improvement for defenders.

I'm working on automating software packaging with Nix as one missing piece of the puzzle to make that approach more accessible: https://github.com/mschwaig/vibenix

(I'm also looking for ways to get paid for working on that puzzle.)

mschwaig commented on Nix Derivation Madness fzakaria.com/2025/10/29/n... · Posted by u/birdculture

Ericson2314 · 4 months ago

I think Eelco has in mind a separate thing that would still be a store object field. But IMO we should not do that since derives are unique, and we should instead use the "build trace" instead, which properly handles that.

As Martin Schwaighofer has discussed, it is fine and in fact good for build traces entries to have arbitrary meta data, so the "claims" being cryptographically signed are more precise. (This is good for auditing, and if something looks suspicious, having full accountability.)

So on that grounds, if eelco would like to include some "this came from this flake" information as informal metadata. (formally the key must still the resolved derivation.) That is fine with me.

---

As I linked in my other reply, see my fast-growing https://github.com/NixOS/nix/pull/14408 docs PR where I try to formally nail all this stuff down for the first time.

mschwaig · 4 months ago

I mentioned another alternative to adding flake-specific metadata to data structures that are transferred over the network, as part of the signed traces or otherwise, in a comment on that PR Eelco linked.

It's keeping flake-specific data locally, to guarantee that it matches how the user ended up with the data, not how the builder produced it. I think otherwise from the user POV such data could again look misleading.

mschwaig commented on Angle brackets in a Nix flake world fzakaria.com/2025/08/10/a... · Posted by u/setheron

setheron · 7 months ago

Same that's why I wrote the blog :)

Even the 'scopedImport' builtin isn't documented.

I agree. Kind of feels there's a lot to learn but also Nix is a complete departure from how we traditionally built software.

So if you think about all the implicit knowledge you carry with you when you move to other tooling, it's probably comparable.

mschwaig · 7 months ago

As a current PhD student (working on Nix stuff) let me take this opportunity to congratulate you on your successful PhD defense and publicly thank you for your writing. That you write and what you write are inspiring.

mschwaig commented on Angle brackets in a Nix flake world fzakaria.com/2025/08/10/a... · Posted by u/setheron

mschwaig · 7 months ago

I work with Nix a lot, and I had never seen `__findFile`.

It's kind of crazy how much there is to know about Nix. I wish there was a bit less surface area to the language. On the other hand it's really interesting how much specialized knowledge there is in the community around various topics. Some people package things, some people write library code, some write glue code that wraps other build tools, some write VM-based tests, some write generators that transform store paths into things like container images, some just manage their dot files, some are experts for how we deal with some specific proprietary ecosystem like cuda, some write infra code or tools around the Nix code, some work on one of the Nix implementations.

mschwaig commented on I prefer human-readable file formats adele.pollux.casa/check-h... · Posted by u/Bogdanp

mschwaig · 7 months ago

Human-readability was one of the aspects that I enjoyed about using CCL,the Categorical Configuration Language (https://chshersh.com/blog/2025-01-06-the-most-elegant-config...), in one of my projects recently.

It saves you from escaping stuff inside of multiline-strings by using meaningful whitespace.

What I did not like about CCL so much that it leaves a bunch of stuff underspecified. You can make lists and comments with it, but YOU have to decide how.