Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Notices by Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)

Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:39:49 JST Haelwenn /элвэн/ :triskell:
in reply to
- georgia
- Piggo :verified_horse:
@piggo @georgia Probably both.

In conversation about 9 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:36:46 JST Haelwenn /элвэн/ :triskell:
- georgia
@georgia Also I guess inventor of that has no friends.

In conversation about 9 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:34:04 JST Haelwenn /элвэн/ :triskell:
in reply to
- Haelwenn /элвэн/ :triskell:
- Sick Sun
@sun Or for another example on glibc systems, CVE-2023-4911 (glibc ld.so GLIBC_TUNABLES) would still work against sudo-rs instead of sudo.

Meanwhile a Go reimplementation of sudo could end up fine if cgo isn't used.
In conversation about 9 hours ago from queer.hacktivis.me permalink
Attachments
1. Untitled attachment
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:14:54 JST Haelwenn /элвэн/ :triskell:
in reply to
- Sick Sun
@sun > it also doesn't solve logical vulnerabilities

I know, see the vulns Pleroma had, Erlang and Elixir are memory-safe.

In conversation about 9 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:12:43 JST Haelwenn /элвэн/ :triskell:
in reply to
- Sick Sun
@sun Sure but Rust Unsafe is basically Rust with few specific safety guarantees disabled.

Meanwhile issue with linking to C++/C/assembly/… is you do not have memory isolation, that's between processes.
For example Rust code linking to OpenSSL-Heartbleed is just as exploitable as C code would.

In conversation about 9 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:00:30 JST Haelwenn /элвэн/ :triskell:
in reply to
- cool_boy_mew
@coolboymew Put the most anti-christ one you can think off instead? :D

In conversation about 10 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:56:31 JST Haelwenn /элвэн/ :triskell:
in reply to
- Sick Sun
@sun Yeah in fact kind of fun that rust stdlib just links to the libc, rustc depends on LLVM (so C++) and cargo has quite a lot of dependencies in C and various kinds of assembly.

At least Go is more isolated there but for many years reference Go toolchain was in C.

In conversation about 10 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:48:51 JST Haelwenn /элвэн/ :triskell:
in reply to
- Sick Sun
@sun And presenting logic to apply instead of "trust me bro, you do (not) need this" in a very general manner.

In conversation about 10 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:46:38 JST Haelwenn /элвэн/ :triskell:
in reply to
- kaia
@kaia Given the evangelion plugsuit… I don't think that's even official merch.

In conversation about 10 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:44:55 JST Haelwenn /элвэн/ :triskell:
in reply to
- Sick Sun
@sun Which is a dead argument because good luck quantifying software risks in such a broad manner, there's barely even have proper infra for communicating security issues to downstreams (like CVEs do) so stats would be seriously off.

Although I think you could say that not all software benefits from memory safety (like when there's little to no external input) and that all software benefits from taking dependency issues seriously.

In conversation about 10 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:26:04 JST Haelwenn /элвэн/ :triskell:
in reply to
- Sick Sun
@sun Well except memory safety is a language feature, not a programmer skill, although you do have to pick the right language for what you need.

While dependency issues how is that not a skill issue?

In conversation about 10 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:15:30 JST Haelwenn /элвэн/ :triskell:
in reply to
- kaia
@kaia Imagine seeing this during the apocalypse.

In conversation about 10 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 06:12:47 JST Haelwenn /элвэн/ :triskell:
in reply to
- Lizzie Crowdagger :neocat_floof_flag_trans:
@crowdagger Ah oui, les chaines d'email je connais.

In conversation about 11 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 06:11:31 JST Haelwenn /элвэн/ :triskell:
in reply to
- kaia
@kaia Well consider that the actual 50 users of GnuSocial back in like 2014 actually had a use for !groups :D

In conversation about 11 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 05:53:11 JST Haelwenn /элвэн/ :triskell:

tfw BlueSky StarterPacks just made me think of !groups…
bocchi cris for missing pleroma features (!groups).jpg
Gnu Social Veteran !groups (oh fugg).jpg
In conversation about 12 hours ago from queer.hacktivis.me permalink
Attachments
1. bocchi cris for missing pleroma features (!groups).jpg
  https://queer.hacktivis.me/media/8684ab8c-5ba6-440c-9959-a1a5e348086c/bocchi%20cris%20for%20missing%20pleroma%20features%20%28%21groups%29.jpg
2. Gnu Social Veteran !groups (oh fugg).jpg
  https://queer.hacktivis.me/media/1c062e82-917c-4bc9-b345-52fb92ef4a9d/Gnu%20Social%20Veteran%20%21groups%20%28oh%20fugg%29.jpg
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 05:45:57 JST Haelwenn /элвэн/ :triskell:

heh, ended up finding this
Hotel Mario CD-I - Hey You Get Off My Cloud -FGYGCoGBw.mkv
In conversation about 12 hours ago from queer.hacktivis.me permalink
Attachments
1. Hotel Mario CD-I - Hey You Get Off My Cloud -FGYGCoGBw.mkv
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 05:41:12 JST Haelwenn /элвэн/ :triskell:
in reply to
- chjara
@chjara >implying DPRK has extra corn for popcorn

In conversation about 12 hours ago from gnusocial.jp permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 05:39:52 JST Haelwenn /элвэн/ :triskell:
in reply to
- [GRLC] (⁠^⁠.⁠_⁠.⁠^⁠)⁠ﾉ :neocat_flag_sapphic:
@novenary mario_cd-i_no.MOV

In conversation about 12 hours ago from queer.hacktivis.me permalink
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 05:22:26 JST Haelwenn /элвэн/ :triskell:
in reply to
- Haelwenn /элвэн/ :triskell:
Which also means that one can diff from POSIX.1-2018:

https://hacktivis.me/tmp/posix-2018-2024-files.txt
In conversation about 12 hours ago from gnusocial.jp permalink
Attachments
1. Untitled attachment
  
  Invalid filename.
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 05:03:39 JST Haelwenn /элвэн/ :triskell:

\o/ POSIX.1-2024 available as archives: https://pubs.opengroup.org/onlinepubs/9799919799/download/
In conversation about 13 hours ago from queer.hacktivis.me permalink
Attachments
1. Domain not in remote thumbnail source whitelist: pubs.opengroup.org
  
  Download

Before

User actions

🦊🦄⚧🂡ⓥ :anarchy: 👿🐧 :gentoo: :sun:Pleroma maintainer (mostly backend); BadWolf developer; Gentoo contributor; Eternal upstreamerArch users needs to pacman -R works-for-me arch-btwMake the changes you want to see.Just because computer bad: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*banner from: https://soc.flyingcube.tech/objects/56f79be2-9013-4559-9826-f7dc392417dbFederation-bots: #nobot

Tags