He is using neovide. You can also use specs.nvim to configure if you want to use for neovim.

> 1. How trustworthy is tailscale? Very IMHO. See tailscale.com/security for a technical description of how their service works, the TL;DR is that they facilitate distribution of _PUBLIC_KEYS_ not private keys and not the data being sent. As for whether it's safe to use that curl installer script or use of their `tailscale up` binary. This is a more philosophical take on my part, and is thus inferior to a technical analysis of the code itself (their code is open source), but Tailscale is a small security business. Small Security Businesses live and die based on their reputation, and if they started installing malware they would lose their reputation quickly and go out of business. 2. Yes you can do this. However, you're not really gaining anything by doing so. You are essentially distrusting Hetzner with the setup you descrbe, and if you distrust Hetzner, then simply don't use them. Go directly to the NordVPN from home. Your ISP doesn't particularly care if they know you are talking to Hetzner or Nord, they can't see what your doing regardless. If you think you're tricking Nord with this scenario, you're not... Sure they don't know your IP address, but they know it's you based on your account information you use to sign in.

@@masmullin thanks so much for the detailed reply, love your content!

mistake

So, to summarize this I need: 1. Build Linux kernel for my specific platform with all required drivers (for graphics and audio which I need) 2. Add some stuff to init(rd) which will allow me to use gaphics and audio APIs 3. Add my app built for this Correct?

If you are interested is both rust and cyber security, you might be interested in the book "black hat rust" kerkour.com/ Think of it as a way to learn rust through cybersec projects.

@@masmullinwow thank you for sharing this! This is exactly what I’ve been looking for

Thank you. Glad you found it useful

This is difficult to explain, sorry for the confusion. There's two types of allocation in Linux. One uses sbrk to move something called the break for the heap up and down. Think of the break like a line. In the case where you move the break up 10mb, either in one big jump, or many small jumps, then you use all of that 10mb, the you free all the memory other than the very top; the allocator cannot move the break back down because that very top is still being used. The other way to allocate is via mmap. If you use mmap by hand, you can grab a 10mb chunk of memory, use it, and the mark 9.9mb of that memory as DONT_NEED, I've not seen that sort of behaviour when an allocator uses mmap to grab memory and then give it to you via malloc/free. In the case where an allocator uses mmap, it will (hopefully) mark that 10mb chunk of memory as DONT_NEED when you are completely done with it. also, allocators try to be smart with mmap. Eg jemalloc will wait to mark an mmap as dont_need for some amount of time in case you ask for more memory.

@@masmullin So if allocator uses sbrk syscall there is particular reason why 9.9 Mb isn't freed (bcs 64 bytes are located at top of the 9.9 Mb). But in case of mmap it seems like nothing prevents allocator from freeing 9.9 Mb if it wants so, bcs mmap doesn't increase brk segment address but instead giving us pages of memory somewhere. So is it true that 'Dirty Pages' are really possible only while using sbrk, bcs if allocator use mmap it can call free syscall on freed(by allocator API) memory pages?

No, but seriously, this video helped out a lot. Thank you so much

Nice of you to say. I wish I was better.

Lilex

There are two async/await concepts needed to explain this. Task and Thread. A task is a set of work to be completed, a thread is the underlying mechanism used to complete that work. calling something like web::block(||get_users()).await.unwrap() will release the thread back to the Tokio Runtime, but it does not "release" the task. The task is "await"ing the return of web::block, but the tokio runtiime can use the thread which was running the task for other purposes until the await is complete.

@@masmullin yes, of course. But is It the Waker thread (not the current thread) that Is polling the async task checking for any update? Am i right?

No, Sorry. Feel free to contact me via email though. A few other viewers do this from time to time.