So the SSD is hiding extra, inaccessible, cells. How does blkdiscard help? Either the blocks are accessible, or they aren’t. How are you getting a the hidden cells with blkdiscard?

The idea is that blkdiscard will tell the SSD’s own controller to zero out everything. The controller can actually access all blocks regardless of what it exposes to your OS. But will it do it? Who knows?

I feel that, unless you know the SDD supports secure trim, or you always use -z, dd is safer, since blkdiscard can give you a false sense of security, and TRIM adds no assurances about wiping those hidden cells.

After reading all of this I would just do both… Each method fails in different ways so their sum might be better than either in isolation.

But the actual solution is to always encrypt all of your storage. Then you don’t have to worry about this mess.

I don’t see how attempting to over-write would help. The additional blocks are not addressable on the OS side. dd will exit because it reached the end of the visible device space but blocks will remain untouched internally.

The Arch wiki says blkdiscard -z is equivalent to running dd if=/dev/zero.

Where does it say that? Here it seems to support the opposite. The linked paper says that two passes worked “in most cases”, but the results are unreliable. On one drive they found 1GB of data to have survived 20 passes.

in this case, wiping an entire disk by dumping /dev/random must clean the SSD of all other data.

Your conclusion is incorrect because you made the assumption that the SSD has exactly the advertised storage or infinite storage. What if it’s over-provisioned by a small margin, though?

He didn’t say anything about Nazism being an opinion you disagree with.

This is literally the only point the article makes and there’s no point even discussing it further if you’re too blind or dishonest to admit that.

You don’t have to trust Drew, though. Vaxry is pretty clear on his stance on the subject.

if I run a discord server around cultivating tomatoes, I should not exclude people based on their political beliefs, unless they use my discord server to spread those views.

which means even if they are literally adolf hitler, I shouldn’t care, as long as they don’t post about gassing people on my server

that is inclusivity

Source: https://blog.vaxry.net/articles/2023-inclusiveActivists

Note how this article is not where he first stated the above. This article is where he doubles down on the above statement in the face of criticism. In the rest of the article he presents nazism as an opinion people might have that you disagree with. He argues that his silent acceptance of nazis is the morally correct stance while inclusive communities are toxic actually.

This means that it’s not just Drew or the FDO who are arguing that Vaxry’s complete lack of political stance is creating safe spaces for fascists. It’s Vaxry himself that explicitly states this is happening and that it’s intentional on his part.

C is pretty much the standard for FFI, you can use C libraries with Rust and Redox even has their own C standard library implementation.

Right, but I’m talking specifically about a kernel which supports building parts of it in C. Rust as a language supports this but you also have to set up all your processes (building, testing, doc generation) to work with a mixed code base. To be clear, I don’t image that this part is that hard. When I called this a “more ambitious” approach, I was mostly referring to the effort of maintaining forks of linux drivers and API compatibility.

Linux does not have a stable kernel API as far as I know, only userspace API & ABI compatibility is guaranteed.

Ugh, I forgot about that. I wonder how much effort it would be to keep up with the linux API changes. I guess it depends on how many linux drivers you would use, since you don’t need 100% API compatibility. You only need whatever is used by the drivers you care about.

Does it have to be Linux?

In order to be a viable general use OS, probably yes. It would be an enormous amount of effort to reach a decent range of hardware compatibility without reusing the work that has already been done. Maybe someone will try something more ambitious, like writing a rust kernel with C interoperability and a linux-like API so we can at least port linux drivers to it as a “temporary” solution.