There is one for the f64 FMA recycling IFMA from AVX512 they have for bignum libraries;it's a 52 bit unsigned multiply and accumulates either the low or the high output halves into a 64bit accumulator.

It's surely no 64 bit but it's much more than 32 bit. And it's giving you access to the high halves so you can use it to compute 32x32->64 on vector even if only half as packed as that could be.

No they isolate L and N not PE.

None of the DDR2 and onwards memories have anywhere near enough bandwidth to meet refresh frequency on each bit by you even just reading it in a loop.

The refresh that we do is run in parallel on the memory arrays inside the RAM chips completely bypassing any of the related IO machinery.

And those memory arrays cannot detect access from the bus?

I'm not saying that it's easy or cheap or worthwhile (I'd rather guess it's not in most cases), but I don't see why it couldn't be done.

First reaction to warning tone should always be to (safely!) stop and assess.

Considering that the persons involved can't be expected to not be deaf, or functionally so via e.g. headphones, and thus you always have to be able to brake anyways. Running onto a driving lane (be it bikes or cars doesn't matter) without looking especially if the direction you didn't look just gave an audible warning is always reckless.

In Germany it's illegal to drive bikes that assist beyond 28km/h (about 20mph) in what are true bike paths (which can be built as lanes! And, notably, they can be marked as virtual-lane-shared (pictogram side by side with a vertical divider) or as true shared (pictogram above and below at a horizontal divider), if pedestrians are also allowed to use them.

An ancient gas-e-bike rating is allowed on them outside city limits but iirc those bikes are exceedingly rare since even before e-bikes became truly mainstream.

RTL-SDR-grade fleet doing passive radar (using radio/TV OTA broadcasts) isn't actually that new; but pretty much any detailed reports have caught self-censoring after TLA visitors came by.

And what about the CA?

It's no different compared to regular SSH private keys. You need to protect it from compromise.

However, it provides you an additional layer of protection, because it does not need to be on the critical path for every SSH connection. My CA is a Nitrokey HSM, for example. I issue myself temporary certs that are valid only for 6 hours for ephemeral private keys.

Yes it is different. SSH CA keys are harder to secure and attackers have a much bigger incentive to steal them.

You can also configure multiple CA for client auth, and on the client side multiple ca to verify host keys.

Upgrade to a better one in initramfs?

u32::from_be_bytes

u32::from_le_bytes

u32::from_ne_bytes the n stands for native

The latter can definitely afford a support contract.