Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://hachyderm.io/users/dalias/statuses/114592484954840595">Rich Felker (dalias@hachyderm.io)'s status on Friday, 30-May-2025 03:15:57 JST</a><a href="https://hachyderm.io/@dalias" title="dalias@hachyderm.io"><img src="https://gnusocial.jp/avatar/40873-48-20221207231635.webp" width="48" height="48" alt="Rich Felker" style="position: absolute; left: 0; top: 0;">Rich Felker</a><div><a href="https://infosec.exchange/@alwayscurious/114592461466993589" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/275421" title="froge@social.glitched.systems">CyberFrog</a></li><li><a href="https://gnusocial.jp/user/320612" title="sparklepanic@infosec.exchange">Raven (she/they)  🏳️‍⚧️</a></li></ul></div></section><article><p><a href="https://infosec.exchange/@alwayscurious">@alwayscurious</a> <a href="https://social.glitched.systems/@froge">@froge</a> <a href="https://infosec.exchange/@sparklepanic">@sparklepanic</a> No, very little is. We just have a very warped sense of the software landscape colored by "apps" that are interlinked with platforms, service providers, messaging, user generated content, etc. And even in these, "the affected functionality" can be well-scoped things like "media decoding and display" or "macros embedded in document" that can be disabled as needed, if users were given the option to do so and if we had a privacy-protecting way to distribute knowledge of the need to disable vulnerable functionality.</p><p>But there's also just a ton of software that does not deal with attack surface. And the WireGuard app is a great example of that.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5118510#notice-10044762">In conversation</a><time datetime="2025-05-30T03:15:57+09:00" title="Friday, 30-May-2025 03:15:57 JST">about 8 days ago</time> <span>from <span><a href="https://hachyderm.io/@dalias/114592484954840595" rel="external" title="Sent from hachyderm.io via ActivityPub">hachyderm.io</a></span></span><a href="https://hachyderm.io/@dalias/114592484954840595">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Friday, 30-May-2025 03:15:57 JSTRich Felker
in reply to
@alwayscurious @froge @sparklepanic No, very little is. We just have a very warped sense of the software landscape colored by "apps" that are interlinked with platforms, service providers, messaging, user generated content, etc. And even in these, "the affected functionality" can be well-scoped things like "media decoding and display" or "macros embedded in document" that can be disabled as needed, if users were given the option to do so and if we had a privacy-protecting way to distribute knowledge of the need to disable vulnerable functionality.
But there's also just a ton of software that does not deal with attack surface. And the WireGuard app is a great example of that.
In conversationabout 8 days ago from hachyderm.iopermalink

Public

Embed Notice

HTML Code

Corresponding Notice