Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://bikeshed.party/objects/99b426e5-6f63-4ba0-80ce-67535889976c">feld (feld@bikeshed.party)'s status on Wednesday, 21-Sep-2022 23:37:27 JST</a><a href="https://bikeshed.party/users/feld" title="feld@bikeshed.party"><img src="https://gnusocial.jp/avatar/4193-48-20240209135539.webp" width="48" height="48" alt="feld" style="position: absolute; left: 0; top: 0;">feld</a><div><a href="https://p.helene.moe/objects/de7ad489-6650-40ad-a2f0-841515fd41b1" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/997" title="helene@p.helene.moe">Hélène</a></li></ul></div></section><article>A few of the security guys on FreeBSD's team work/have worked in malware research and just laugh at OpenBSD because the stuff they implement is bypassed by modern malware all the time, so I don't worry too much<br><br>The bleeding edge security research in *nix land is happening by some FreeBSD devs and it's called CHERI. This is the real solution. Not rewriting everything in Rust. Not implementing all the performance killing nonsense that OpenBSD implements. (And FreeBSD's Capsicum is better than OpenBSD's Pledge; Pledge is just easier to use)<br><br>But honestly. CHERI is the future. That's how we solve the problems that plague us.<br><br><a href="https://papers.freebsd.org/2019/bsdcan/davis-cheriabi/" rel="noreferrer nofollow">https://papers.freebsd.org/2019/bsdcan/davis-cheriabi/</a></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/200032#notice-359246">In conversation</a><time datetime="2022-09-21T23:37:27+09:00" title="Wednesday, 21-Sep-2022 23:37:27 JST">Wednesday, 21-Sep-2022 23:37:27 JST</time> <span>from <span><a href="https://bikeshed.party/objects/99b426e5-6f63-4ba0-80ce-67535889976c" rel="external" title="Sent from bikeshed.party via ActivityPub">bikeshed.party</a></span></span><a href="https://bikeshed.party/objects/99b426e5-6f63-4ba0-80ce-67535889976c">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.freebsd.org</div><h5><a href="https://papers.freebsd.org/2019/bsdcan/davis-cheriabi/">CheriABI: Hardware enforced memory safety for FreeBSD :: FreeBSD Presentations and Papers</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
feld (feld@bikeshed.party)'s status on Wednesday, 21-Sep-2022 23:37:27 JSTfeld
in reply to
- Sexy Moon
- Hélène
A few of the security guys on FreeBSD's team work/have worked in malware research and just laugh at OpenBSD because the stuff they implement is bypassed by modern malware all the time, so I don't worry too much

The bleeding edge security research in *nix land is happening by some FreeBSD devs and it's called CHERI. This is the real solution. Not rewriting everything in Rust. Not implementing all the performance killing nonsense that OpenBSD implements. (And FreeBSD's Capsicum is better than OpenBSD's Pledge; Pledge is just easier to use)

But honestly. CHERI is the future. That's how we solve the problems that plague us.

https://papers.freebsd.org/2019/bsdcan/davis-cheriabi/
In conversationWednesday, 21-Sep-2022 23:37:27 JST from bikeshed.partypermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.freebsd.org
  CheriABI: Hardware enforced memory safety for FreeBSD :: FreeBSD Presentations and Papers

Public

Embed Notice

HTML Code

Corresponding Notice