GNU social JP
GNU social JP is a Japanese GNU social server.

Conversation

Notices

  • Fish of Rage (sun@shitposter.world)'s status on Wednesday, 04-Dec-2024 07:14:26 JST
    YouTube commenter is more worried about supply chain attacks than memory safety
    In conversation about 5 months ago from shitposter.world permalink
    • Fish of Rage (sun@shitposter.world)'s status on Wednesday, 04-Dec-2024 07:16:18 JST
      in reply to
      what if I told you that the existence of supply chain attacks doesn't absolve you from competent programming
      In conversation about 5 months ago permalink
    • mangeurdenuage :gnu: :trisquel: :gondola_head: 🌿 :abeshinzo: :ignucius: (mangeurdenuage@shitposter.world)'s status on Wednesday, 04-Dec-2024 07:18:15 JST
      in reply to
      @sun Both are as worrying. I'm worried about common points of failure like hardware/firmware bugs/backdoors.
      In conversation about 5 months ago permalink
    • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:26:04 JST
      in reply to
      @sun Well except memory safety is a language feature, not a programmer skill, although you do have to pick the right language for what you need.

      While for dependency issues, how is that not a skill issue?
      In conversation about 5 months ago permalink
    • Fish of Rage (sun@shitposter.world)'s status on Wednesday, 04-Dec-2024 07:34:56 JST
      in reply to
      • Haelwenn /элвэн/ :triskell:
      @lanodan right but just imagine being like I don't think I need memory safety because the real risk is supply chain
      In conversation about 5 months ago permalink
    • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:44:55 JST
      in reply to
      @sun Which is a dead argument because good luck quantifying software risks in such a broad manner; there's barely even proper infra for communicating security issues to downstreams (like CVEs do), so stats would be seriously off.

      Although I think you could say that not all software benefits from memory safety (like when there's little to no external input) and that all software benefits from taking dependency issues seriously.
      In conversation about 5 months ago permalink
    • Fish of Rage (sun@shitposter.world)'s status on Wednesday, 04-Dec-2024 07:47:03 JST
      in reply to
      • Haelwenn /элвэн/ :triskell:
      @lanodan that is the difference between "all" and "almost all"
      In conversation about 5 months ago permalink
    • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:48:51 JST
      in reply to
      @sun And presenting logic to apply instead of "trust me bro, you do (not) need this" in a very general manner.
      In conversation about 5 months ago permalink
    • Fish of Rage (sun@shitposter.world)'s status on Wednesday, 04-Dec-2024 07:49:31 JST
      in reply to
      • Haelwenn /элвэн/ :triskell:
      @lanodan lack of memory safety is actually bad but I admit it's hard to avoid C
      In conversation about 5 months ago permalink
    • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:56:31 JST
      in reply to
      @sun Yeah, in fact it's kind of fun that the Rust stdlib just links to the libc, rustc depends on LLVM (so C++) and cargo has quite a lot of dependencies in C and various kinds of assembly.

      At least Go is more isolated there, but for many years the reference Go toolchain was in C.
      In conversation about 5 months ago permalink
    • Fish of Rage (sun@shitposter.world)'s status on Wednesday, 04-Dec-2024 08:01:19 JST
      in reply to
      • Haelwenn /элвэн/ :triskell:
      @lanodan Rust unsafe still benefits from type safety, and the borrow checker is not disabled
      In conversation about 5 months ago permalink
    • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:12:43 JST
      in reply to
      @sun Sure, but Rust unsafe is basically Rust with a few specific safety guarantees disabled.

      Meanwhile the issue with linking to C++/C/assembly/… is that you do not have memory isolation; that's between processes.
      For example, Rust code linking to OpenSSL-Heartbleed is just as exploitable as C code would be.
      In conversation about 5 months ago permalink
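The two claims in the post above (that `unsafe` switches off only a few specific guarantees, and that a length-trusting read of the Heartbleed shape is just as exploitable once it runs inside the same process) can be made concrete in Rust. The program below is an added example, not code from anyone in this thread and not a real FFI call into OpenSSL: the "process heap" is a constructed byte buffer laid out as `[declared_len][payload][secret]`, so the over-read stays inside one allocation and the program is well defined, whereas a real C library linked into the process would read whatever actually sits next to the payload. Names such as `echo_safe`, `echo_unsafe` and `SECRET` are this example's own.

```rust
// Added example: what `unsafe` disables in Rust and what it keeps, using a
// Heartbleed-shaped "echo back `declared_len` bytes of the payload" read.

/// Constructed secret placed directly after the payload in our fake heap.
const SECRET: &[u8] = b"SESSION-KEY";

/// Build a contiguous buffer [declared_len][payload][secret]. `declared_len`
/// is attacker-controlled and may lie about the payload size (constructed data).
fn build_memory(payload: &[u8], declared_len: u8) -> Vec<u8> {
    let mut m = Vec::with_capacity(1 + payload.len() + SECRET.len());
    m.push(declared_len);
    m.extend_from_slice(payload);
    m.extend_from_slice(SECRET);
    m
}

/// Safe Rust: the slice bounds check is the language doing the work. Whatever
/// length the peer declares, `get` returns None instead of reading past the payload.
fn echo_safe(memory: &[u8], payload_len: usize) -> Option<Vec<u8>> {
    let declared = memory[0] as usize;
    let payload = &memory[1..1 + payload_len];
    payload.get(..declared).map(|p| p.to_vec())
}

/// Unsafe Rust with a raw-pointer copy, the shape of handing the buffer to a C
/// parser: the declared length is trusted and the copy runs past the payload
/// into the secret. Only the bounds check on the raw read is gone; the type
/// checker and borrow checker still apply inside the `unsafe` blocks (try taking
/// a `&mut` alias of `memory` in here: it will not compile).
fn echo_unsafe(memory: &[u8]) -> Vec<u8> {
    let declared = memory[0] as usize;
    // Scaffolding for the example only: keep the over-read inside our constructed
    // buffer so the program stays well defined. Real C code has no such guard.
    assert!(1 + declared <= memory.len(), "constructed data keeps the read in bounds");
    let mut out = vec![0u8; declared];
    unsafe {
        let src = memory.as_ptr().add(1);
        std::ptr::copy_nonoverlapping(src, out.as_mut_ptr(), declared);
    }
    out
}

/// Even inside `unsafe`, ordinary slice indexing keeps its bounds check and
/// panics on an out-of-range index. `unsafe` unlocks the handful of operations
/// the language names (raw pointer deref, unsafe fn calls, ...), it is not "C mode".
fn index_in_unsafe_block(memory: &[u8], i: usize) -> u8 {
    unsafe { memory[i] }
}

fn main() {
    // Peer sends a 2-byte payload but declares 13 bytes: payload plus the 11-byte secret.
    let memory = build_memory(b"hi", 13);
    println!("safe echo:   {:?}", echo_safe(&memory, 2)); // None
    println!("unsafe echo: {:?}", String::from_utf8_lossy(&echo_unsafe(&memory))); // "hiSESSION-KEY"
}
```

The safe variant fails closed because the check lives in the slice type, not in the programmer's diligence; the unsafe variant, and by extension any C code linked into the same address space, reproduces the Heartbleed over-read byte for byte, which is the thread's point about memory isolation being a process boundary rather than a language boundary.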
    • Fish of Rage (sun@shitposter.world)'s status on Wednesday, 04-Dec-2024 08:13:56 JST
      in reply to
      • Haelwenn /элвэн/ :triskell:
      @lanodan it doesn't make you perfectly safe it makes you more safe

      it also doesn't solve logical vulnerabilities
      In conversation about 5 months ago permalink
    • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:14:54 JST
      in reply to
      @sun > it also doesn't solve logical vulnerabilities

      I know, see the vulns Pleroma had, Erlang and Elixir are memory-safe.
      In conversation about 5 months ago permalink
    • frogzone (frogzone@wizard.casa)'s status on Wednesday, 04-Dec-2024 08:34:03 JST
      in reply to
      • mangeurdenuage :gnu: :trisquel: :gondola_head: 🌿 :abeshinzo: :ignucius:
      @mangeurdenuage @sun yeah they are both bad, just look at what Israel did to Lebanon, people don't expect their device to act as a chemical weapon but that line is now crossed.
      In conversation about 5 months ago permalink
    • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:34:04 JST
      in reply to
      • Haelwenn /элвэн/ :triskell:
      @sun Or for another example on glibc systems, CVE-2023-4911 (glibc ld.so GLIBC_TUNABLES) would still work against sudo-rs instead of sudo.

      Meanwhile a Go reimplementation of sudo could end up fine if cgo isn't used.
      In conversation about 5 months ago permalink

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.