troed @ troed @fedia.io

HW/FW security researcher & Demoscene elder.

---

Read more

Posts

1

Comments

447

Joined

2 yr. ago

Agree. I'm an absolutely awesome software dev myself - and I know C by heart (being my favorite language after assembler). However, with age comes humility and the ability to recognize that I will write buggy code every now and then.

Better the language saves me when I can't, in security critical situations.

They can do that no matter if I federate with them or not.

My bad - I misread. Yeah that's a good point.

Why would you subscribe to those? Or are you claiming they would post ads as if they are from a user? In the latter case - the EU would shut them down before they even had time to deploy that.

Well sure - but you need to actively subscribe (e.g. pull).

Yeah, let's see what Bagder has to say about this:

C is unsafe and always will be

The C programming language is not memory-safe. Among the 150 reported curl CVEs, we have determined that 61 of them are “C mistakes”. Problems that most likely would not have happened had we used a memory-safe language. 40.6% of the vulnerabilities in curl reported so far could have been avoided by using another language.

Rust is virtually the only memory-safe language that is starting to become viable.

https://daniel.haxx.se/blog/2023/12/13/making-it-harder-to-do-wrong/

Citing scientific research is. Now, please post your gut feeling in response.

Figure 2: https://sci-hub.se/https://link.springer.com/article/10.1007/s11416-021-00379-x

Isn't that exactly the strawman the maintainer got tired of?

Do you believe C isn't crap when it comes to security? Please explain why and I'll happily debate you.

/fw hacker, reverse engineer

Lots of OSS is created by people who want to create something, and happily gives it away to others too.

The problem is when others start depending, and demanding, work from that person. There is no good solution to that problem at the moment.

C is crap for anything where security matters. I'll happily take that debate with anyone who thinks differently.

They can't place ads in your feeds.

ActivityPub is pull, not push. Threads isn't pushing anything into my feeds.

That's your opinion. It's problematic when people conflate their gut feelings for facts.

Have you? Or have you fallen for russian influence operations?

The ~1500 or so nuclear weapons Russia and the USA have in active service each are mostly much smaller tactical nukes compared to the insane my-dick-is-bigger-than-yours stuff that happened in the 60s.

It's awesome that Threads federate with Mastodon. I follow several accounts on Threads I otherwise wouldn't be able to, just as I bridge with Bluesky.

Me federating with Threads makes absolutely no difference whatsoever to what they could or could not do with my data.

Most nukes are targeted at the other side's nukes. Those aren't in population centers.

once a nuke launches, it's over for all of us

No, it really isn't. Nuclear winter and the idea of thousands of Tsar Bombas belongs to the 70s. Even in an all out nuclear war today using the full (working? - doubtful regarding Russia) arsenals it would be a catastrophe with hundreds of thousands of dead but mostly we'd be continuing on as before afterwards.

I grew up during "duck and cover" and iodine in the cupboard. That's not where we are anylonger.

Well. Aren't those two exactly what open source licensing is about?

Either you follow the license, or you are in violation of copyright.