Announcement

Collapse
No announcement yet.

Rust-Written Redox OS Now Supports GDB Debugging

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • aht0
    replied
    Originally posted by Volta View Post
    Well, I have nothing against Rust, but it won't magically fix all of the vulnerabilities. I hope we'll see something interesting and performant written in Rust.
    It will never "fix all" but it will deal with the most common kind and numerous.

    Originally posted by Volta View Post
    It's not blabbing. I'm currently using Windows 10 and Windows 10 have dozens of trackers which are security vulnerabilities on their own. The only reason Windows feels more secure than its precedesors is Linux servers scanning traffic and searching for malware and viruses. I doubt Windows security checks improved much. In the past (maybe Windows 7 era) even if applications were stopped by the system it was too late, because it became affected already. Linux had some security mechanisms before Windows and flatpaks are step forward in this area. TOR project security advisors recommend to stay away from Windows. The security bug in browser was only exploitable in Windows. This tells much about Windows 'security':
    https://threatpost.com/tor-urges-use...indows/101825/
    You cannot counter insecure drivers with potential malware included (kernel level access) with an argument of "dozens of trackers", these things are not remotely in the same league. Tracker is just that, tracker - it's an issue of privacy not security, don't confuse the two - these concepts may overlap to the degree but they are not same. So, whatever Tor Project happens to claim is not really relevant - they are concerned about privacy leaks that may get their users ID'd.

    Even Linux employs telemetry, Linux Foundation has official policy regarding telemetry and it's employment even. Nvidia drivers have had telemetry for years now, KDE has internal telemetry. For that matter Ubuntu used to have Amazon "spyware" included to it. If it doesnt show the trend then I don't know what does.

    Security is not just matter of pure software/hardware vulnerabilities and fixing or preventing ones. Human factor is the threat as well. You can make software reasonably secure but idiot user may still override it. Windows tries to reduce it (all sorts of enablements of potentially damaging shit is behind multiple confirmation dialogues, group policies, specific commands from the command line interface or flat out impossible from the same running system). Linux distros do not seem to care to the point where installing packages is not even demanding user's password/confirmation in some distros.

    What I am trying to point out: Windows has market share of 90%+. It faces malware attacks routinely, it's a fact if life and most users know about the possibility. Linux desktop has market share of 1-2%, most of it's users still assume they are safe because they use linux, level of trust is higher and users are safe mostly because targeting them is not that cost-effective for malware-writers. To make Linux "as is" reasonably safe - see what Google had to do with Android. Yeah, Windows does not employ read-only file system but they chose something similar in the different sauce - files important to the OS are signed and when you alter, remove or change any - these will be automatically recovered to their original state.


    Btw, look up https://msmgtoolkit.in/ It will help you get rid of bloat in Win10. Including telemetry.

    Example of how many Apps I have left
    Last edited by aht0; 07-30-2020, 12:27 PM.

    Leave a comment:


  • Volta
    replied
    Originally posted by aht0 View Post

    Rust will fix one major source/type of bugs. Memory and type safety. Take a look at Linux (and Windows or BSD for that matter) past vulnerabilities, majority are exactly the kind Rust would prevent to happen. It's a progress, can't see why you folks get so touchy and demagogic over it.
    Well, I have nothing against Rust, but it won't magically fix all of the vulnerabilities. I hope we'll see something interesting and performant written in Rust.

    your "windows is insecure by design" blabbing shows plainly you have ZERO IDEA, your last used Windows was XP without service pack or you simply beat particular ideological drum not caring about it's truthfulness.

    Linux desktop, depending on distro, is in my eyes somewhere between Windows ME and XP when it comes to desktop security. Yeah, between ME and XP. It does not come even close to more recent NT (8.1-10).
    Why? There's no built-in antimalware - in fact, to find Linux desktop using any kind of antivirus/antimalware is hard. Most users go cheerfully without. As cheerfully they would go and install "best and freshest" from unofficial 3rd party repos authored by unknowns.

    Windows has whole bunch others security checks Linux has never seen. Executables originating from unknown sources have to be manually allowed, loading drivers which have no valid digital signatures is impossible without altering the state of the system (large "Test Mode" proclaimed in the right bottom of the desktop), 3rd party apps lacking digital signature by its dev are not being run without user's manual override.. I wont even start with enterprise shit like policies enforced centrally..
    If malware writers would actually bother with writing malware against Linux more and target desktop, it'd be painful waking up..
    It's not blabbing. I'm currently using Windows 10 and Windows 10 have dozens of trackers which are security vulnerabilities on their own. The only reason Windows feels more secure than its precedesors is Linux servers scanning traffic and searching for malware and viruses. I doubt Windows security checks improved much. In the past (maybe Windows 7 era) even if applications were stopped by the system it was too late, because it became affected already. Linux had some security mechanisms before Windows and flatpaks are step forward in this area. TOR project security advisors recommend to stay away from Windows. The security bug in browser was only exploitable in Windows. This tells much about Windows 'security':

    https://threatpost.com/tor-urges-use...indows/101825/

    Leave a comment:


  • aht0
    replied
    Originally posted by Volta View Post

    Looks like we have a problem with bsdead fanboys here. The first one is delusional, because redox is just a toy OS (to forestall stupid argument: 30 years ago operating systems were incomparably less advanced and hardware was very limited, so it was easier to create system like Linux and became successful). The second one is delusional as well. Do you claim rust will magically fix intel CPUs vulnerabilities?
    Rust will fix one major source/type of bugs. Memory and type safety. Take a look at Linux (and Windows or BSD for that matter) past vulnerabilities, majority are exactly the kind Rust would prevent to happen. It's a progress, can't see why you folks get so touchy and demagogic over it. In systemd threads many dissenters were sneeringly told to 'go write your own and better alternative or shut up' - now, when some bunch actually is writing alternative in even bigger scale, largely same crowd gets whiny, hostile and hyperaggressive..

    Windows.. I actually do use Windows for gaming, daily, why you would drag #bsddead into discussion.. I am familiar enough with Windows limitations and advantages.

    your "windows is insecure by design" blabbing shows plainly you have ZERO IDEA, your last used Windows was XP without service pack or you simply beat particular ideological drum not caring about it's truthfulness.

    Linux desktop, depending on distro, is in my eyes somewhere between Windows ME and XP when it comes to desktop security. Yeah, between ME and XP. It does not come even close to more recent NT (8.1-10).
    Why? There's no built-in antimalware - in fact, to find Linux desktop using any kind of antivirus/antimalware is hard. Most users go cheerfully without. As cheerfully they would go and install "best and freshest" from unofficial 3rd party repos authored by unknowns.

    Windows has whole bunch others security checks Linux has never seen. Executables originating from unknown sources have to be manually allowed, loading drivers which have no valid digital signatures is impossible without altering the state of the system (large "Test Mode" proclaimed in the right bottom of the desktop), 3rd party apps lacking digital signature by its dev are not being run without user's manual override.. I wont even start with enterprise shit like policies enforced centrally..
    If malware writers would actually bother with writing malware against Linux more and target desktop, it'd be painful waking up..


    Leave a comment:


  • ssokolow
    replied
    Originally posted by gnulinux82
    Cool story. Why are all Rust users so cringe?
    You're operating on a misapprehension. There are plenty of Rust users who aren't "so cringe"... we just have better things to do than argue on forums.

    Leave a comment:


  • wswartzendruber
    replied
    Originally posted by gnulinux82

    I am just the equal and opposite reaction to disgusting Rust fanboyism.
    So that's why you asserted that Rust wouldn't help Microsoft with their memory access issues. You're full of crap, but from the other side. Very well.

    This exchange is over.

    Leave a comment:


  • wswartzendruber
    replied
    Originally posted by gnulinux82
    ...zero self-awareness, zero ability to accept criticism and absolutely no sense of intellectual honesty.
    You're saying this about the person who confessed inexperience and was intrigued by Rust's developments in error handling.

    What you say does apply to some people, but medetrich is not one of them. You, on the other hand, seem to have become the villain you so much despise.

    Leave a comment:


  • wswartzendruber
    replied
    Originally posted by gnulinux82
    No, it won't.
    Go on...

    Leave a comment:


  • lyamc
    replied
    There was a time when a program would have to be written in pure assembly. Then C came along and you had to trust that the compiler was successfully porting your code to the process architecture.

    I don't think that C is a language for people who don't know how to write assembly. Why write assembly when your compiler does the work?

    There is was a time when a program (if they want it to be fast) would have to be written with manual memory management. Then Rust came along and put that in the compiler.

    It seems to me that gnulinux82 is just complaining because it's popular. If you don't understand why it's popular, then perhaps it just doesn't solve any problems for you. That doesn't invalidate its usefulness for others.

    Leave a comment:


  • wswartzendruber
    replied
    Originally posted by gnulinux82

    Find some decent programmers. Rust won't save them.
    Rust won't save them from...you're missing an accusative noun. Rust won't save them from...memory errors?

    Yes, it will.

    Leave a comment:


  • goTouch
    replied
    Originally posted by gnulinux82

    Find some decent programmers. Rust won't save them.
    Tools are used and better tools are invented by human beings, and enable more people to do better job.
    If tooling was never improved, you could never train people to create more advanced product.
    Rust could surely save some people's life better than C/C++.

    Leave a comment:

Working...
X