Ireland
Webmaster, system administrator, programmer.
Ticket created by ~jpastuszek on ~jpastuszek/mascot
For DSL clients this could save some allocations and better communicate the reason for owning data. But in the general use case, a reduction in allocations won't have much impact. Also, for the CLI API there would be little gain, as most things will be String already.
Ticket created by ~jpastuszek on ~jpastuszek/blog
We need 3 layers of security not just transport. Also Federation Layer Security, Message Layer Security.
Comment by ~jpastuszek on ~jpastuszek/blog
Secrecy of crypto algo vs publishing crypto algo and making it keyed with a secret.
Comment by ~jpastuszek on ~jpastuszek/blog
https://googleprojectzero.blogspot.com/2020/11/oops-i-missed-it-again.html
"but some quick Googling showed that it wasn't open source, which suggested to me that the code had probably undergone substantially less security review, and hence probably had more low-hanging bugs in it, than the open-source parts of the kernel."
"Security researchers rejoice when Apple accidentally releases symbolicated kernelcaches or development libraries, but this is just because it saves time reversing, not because it makes things newly reversible. Any capable attacker will find bugs regardless of the presence or absence of symbols; all the lack of symbols does is keep the bug away from eyes (like mine) that might report it. Hence, withholding symbols is an incredibly weak protection, only deterring the lowest tiers of attackers and serving to make the bugs that have been found last longer"
Comment by ~jpastuszek on ~jpastuszek/blog
Around 19:40, he says that the C memory model is PDP-11 and strict memory layout rules inhibit optimization of C programs... something that is not a problem with Rust. https://invidious.xyz/watch?v=9-IWMbJXoLM
Ticket created by ~jpastuszek on ~jpastuszek/blog
Comment by ~jpastuszek on ~jpastuszek/blog
Ticket created by ~jpastuszek on ~jpastuszek/blog
ACLs offer binary protection: you are user or root; and they only protect the system. If you run
rm -Rf /
the system will be OK but all your work and documents will be gone! The OS can be reinstalled, but your work had better be backed up. Worst is that any program running on your computer can exfiltrate your work and ask for ransom. So ACLs offer no useful protection for a desktop computer user. Also, due to a fundamental flaw in ACLs called "Confused Deputy", this system can be worked around, leading to permissions escalation - every year one or more is found in Linux; every month many are found in Windows; so ACLs are broken by design!