Comment Re:Problems with Linux that should have been solve (Score 1) 751
SELinux is not hard to deal with, especially in targetted mode. Otherwise I agree.
SELinux is not hard to deal with, especially in targetted mode. Otherwise I agree.
The examples given mostly have nothing to do with the languages having vulnerabilities at all (I only read the Python section as I'm most familiar).
For goodness sake, none of those were privilege escalation or remote access attack vectors. Yes, if you allow the user to specify their environment variables (like PAGER and EDITOR) they'll get executed *as that user* which is known behaviour.
They'll just embed the NIC controller in the CPU alongside the memory controller and the VGA garbage.
Exactly what I was thinking -- if a backdoor were available, this wouldn't be such a problem for those involved lol.
So wait, you *support* Apple charging more for a device with less technology?
I'm sorry but I know who I'm going to mock, and its you.
They obviously didn't test it against a modern 4k phone display like https://www.sonymobile.com/ca-...
458ppi? Try 806. What a laugh.
Public key cryptography has been the solution for a long time, we've just shot ourselves in the feet by not implementing it on the client side.
Client-side certificates for instance, SSH keys, PGP/GPG keys -- they're all examples of public key cryptography that works to secure data and requires the user to only remember one good password instead of many.
We have had client-side certificates forever. They make HTTPS more secure, they make us safer, they solve most of our password problems. Why aren't we using them?
Also the frequently changed complex password requirements make passwords less safe, not more.
If you live in Canada, there's a federal commissioner for privacy you can contact. In Ontario specifically, you should be filling out this form:
https://www.ipc.on.ca/wp-conte...
I would strongly suspect (from experience) that the kid did do it just for the challenge.
"Why haven't you done it" is the most idiotic open source response in the world designed to put people in their place as though somehow a person who can't write software (or doesn't have time) doesn't deserve an opinion.
Only if the encryption routines in the software are securely implemented and only if there isn't an error in the libraries they linked to and only if and only if
ECC memory has been available for a long time and most servers use it, I have no idea why voting machines and other important devices wouldn't.
C++ is not C and C is not C++.
Then again if you claim to be a programmer who can't pick up python in a few sittings, you don't deserve the title.
"Ninety percent of baseball is half mental." -- Yogi Berra