Announcement

Collapse
No announcement yet.

Linux Kernel Exploit Affecting Linux 3.3 To Linux 3.8

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #51
    Originally posted by Cthulhux View Post
    Well, how do they say? "Open source is more secure because more people can see what's going on". Hahaha. Great.
    more secure =/= 100% bullet proof

    =>

    your post makes absolutely no sense

    =>

    you are just a troll or need mental help

    Comment


    • #52
      Originally posted by johnc View Post
      Yup, and I've never said any different.



      It's definitely the right choice for a kernel (and many other things), but that doesn't change the fact that it's the worst language imaginable.
      in that case your imagination is quite short sighted and your experience too.

      Comment


      • #53
        Originally posted by dee. View Post
        You can create GTK GUIs with Glade, which are saved as XML files, which are then used by the C code that Vala produces - or if you want I guess you can embed the XML file in the C code although doesn't it make more sense to keep it as separate XML so you don't have to recompile every time you make an interface adjustment? - which is then compiled to machine code.
        It is important GUI to be defined in generated code where every GUI widget is object, which can be directly and type-safely modified and used for connecting signals. Parsing XML file during runtime makes application less reliable because application isn't 100% native and type-safe.

        Comment


        • #54
          Originally posted by varikonniemi View Post
          [...]
          Why has not Linux foundation put up some prize money for reported 0-day vulnerabilities? Would it be such a burden for such an organization to promise 10k$ for every submitted 0-day root exploit or something similar? 10k would be huge money for a security researcher but pocket change for Linux foundation. This would encourage the 0-day to be reported rather than sold for profit.
          Looks like you're not that updated on the security researcher industry. 10k is pocket change to a security researcher with a loose moral code. I still think it's a good idea though, since it might get some of the holes less tricky to find.

          Comment


          • #55
            Originally posted by runeks View Post
            Looks like you're not that updated on the security researcher industry. 10k is pocket change to a security researcher with a loose moral code. I still think it's a good idea though, since it might get some of the holes less tricky to find.
            but then that puts security bugs in a class separate from every other kind of bug. developers will be more interested in fixing a hard to exploit vulnerability than a easy to trip bug that quietly corrupts data. linux will become incredibly secure, but the other important bugs will be ignored.

            Comment


            • #56
              Originally posted by tvall View Post
              but then that puts security bugs in a class separate from every other kind of bug. developers will be more interested in fixing a hard to exploit vulnerability than a easy to trip bug that quietly corrupts data. linux will become incredibly secure, but the other important bugs will be ignored.
              Not to mention the potential for abuse. Two people could collude to first introduce an exploit to the kernel, then "find" and "fix" it... yes it's a long shot but why provide the incentive.

              Comment


              • #57
                Originally posted by johnc View Post
                Yup, and I've never said any different.

                It's definitely the right choice for a kernel (and many other things), but that doesn't change the fact that it's the worst language imaginable.
                If you think C is the worst language imagineable, your imagination is pretty limited:
                -assembler (any PDP, VAX, x86, mips, your choice!)
                -COBOL
                -Try learning FORTRAN77.
                -INTERCAL-here's Hello, World:
                Code:
                DO ,1 <- #13
                PLEASE DO ,1 SUB #1 <- #238
                DO ,1 SUB #2 <- #108
                DO ,1 SUB #3 <- #112
                DO ,1 SUB #4 <- #0
                DO ,1 SUB #5 <- #64
                DO ,1 SUB #6 <- #194
                DO ,1 SUB #7 <- #48
                PLEASE DO ,1 SUB #8 <- #22
                DO ,1 SUB #9 <- #248
                DO ,1 SUB #10 <- #168
                DO ,1 SUB #11 <- #24
                DO ,1 SUB #12 <- #16
                DO ,1 SUB #13 <- #162
                PLEASE READ OUT ,1
                PLEASE GIVE UP

                Comment


                • #58
                  Originally posted by Ibidem View Post
                  -INTERCAL-here's Hello, World:
                  Code:
                  DO ,1 <- #13
                  PLEASE DO ,1 SUB #1 <- #238
                  DO ,1 SUB #2 <- #108
                  DO ,1 SUB #3 <- #112
                  DO ,1 SUB #4 <- #0
                  DO ,1 SUB #5 <- #64
                  DO ,1 SUB #6 <- #194
                  DO ,1 SUB #7 <- #48
                  PLEASE DO ,1 SUB #8 <- #22
                  DO ,1 SUB #9 <- #248
                  DO ,1 SUB #10 <- #168
                  DO ,1 SUB #11 <- #24
                  DO ,1 SUB #12 <- #16
                  DO ,1 SUB #13 <- #162
                  PLEASE READ OUT ,1
                  PLEASE GIVE UP
                  I think there was an assumed "serious" in there somewhere. I don't think languages created with express intention of being terrible really count.

                  Comment


                  • #59
                    Originally posted by TheBlackCat View Post
                    I think there was an assumed "serious" in there somewhere. I don't think languages created with express intention of being terrible really count.
                    Somewhat serious but with A LOT of hyperbole.

                    Comment


                    • #60
                      Originally posted by TheBlackCat View Post
                      I think there was an assumed "serious" in there somewhere. I don't think languages created with express intention of being terrible really count.
                      I figured if he was using hyperbole, I was free to throw in a couple joke languages
                      But COBOL and FORTRAN77 make C look incredibly clean.

                      Comment

                      Working...
                      X