• poVoq
    cake
    link
    fedilink
    arrow-up
    17
    arrow-down
    1
    ·
    edit-2
    2 years ago

    deleted by creator

    • ᗪᗩᗰᑎ
      link
      fedilink
      arrow-up
      11
      arrow-down
      1
      ·
      edit-2
      3 years ago

      Another thing to point out is that he states how the Linux kernel has hundreds of vulnerabilities found compared to other OS’s. Well yeah, Linux is open source and literally any researcher/security expert can read the code to find bugs. Good luck trying to do the same with Windows or MacOS.

      Lastly, most Linux distros are “complete” in the sense that you generally (or at least for the majority) don’t have to install much software outside of whats already in your distribution’s repos; you’re not having to google/download sketchy apps, so this threat model of rogue apps trying to hack/steal your data is minimal, if not non-existent.

      The real problem is those systems (Windows, MacOS, iOS, Android) all have an app store where a ton of developers are trying to make money off of you in any way possible by stealing your data/invading your privacy, so they had to build a permission system because you can’t trust those random people. You can generally trust your Linux distro to not package malware and can safely install any app that’s available.

      Edit: I should add, its still a good writeup. I think he makes some good points and it would be great to see Linux improve in some areas, even if the problem doesn’t really exist as much as it does for the more commercially backed operating systems.

        • ninchuka
          link
          fedilink
          arrow-up
          7
          arrow-down
          3
          ·
          edit-2
          3 years ago

          how the fuck is reverse engineered code easier to read then the source code?? that makes no sense what so ever

    • SeerLite
      link
      fedilink
      arrow-up
      3
      ·
      3 years ago

      Running everything sandboxed even if the software that’s being run is FOSS and comes from trusted sources doesn’t sound too bad though. Just another layer of defense. What are the potential security issues this could cause?

      • poVoq
        cake
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        2 years ago

        deleted by creator

        • pinknoise
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          3 years ago

          Just a bunch of stupid bugs can turn your well behaved code into malware. You should not trust any code to do what you think it does, especially if you have written it yourself. If it’s possible to enforce fine grained access control and isolation then it should be done.

          the web would be pretty much unusable without javascript.

          Imo it would be a better place without it

            • pinknoise
              link
              fedilink
              arrow-up
              3
              ·
              edit-2
              3 years ago

              And a lot of the impacts of bugs can be more easily mitigated against with general system improvements

              Yes and these improvements will converge to be a sandboxed environment. Even original unix had (weak) process isolation and ACL’s. Should we go back to cooperative multitasking because a scheduler is bloat? No, because it’s not practical. Should we remove all exploit mitigations and fix all the bugs instead? No, because it’s not practical. For reasonably complex programs we can’t tell if they are bug-free and even if we could the hardware it runs on may have bugs. The best we can do is minimize the impact a glitched program can realistically have.

              Rust is the better idea then wrapping everything in a sandbox.

              Rust prevents a range of stupid bugs that don’t have to happen. (plus other cool stuff) It can’t prevent logic bugs. Say e.g. you have a server with an unintentional arbitrary file inclusion. Would you rather like to wait for the bug to be fixed and be completely vulnerable in the meantime or have the impact limited to the files the server process/user is explicitely allowed to access?

              In fact it had stuff like Shockwave and Flash

              Sure, compared to those (whose turing completeness javascript predates btw.) it’s nice but no builtin RCE at all is still the better solution.