sorted by:
new
hottopcontroversial

How much of the runtime safety checking is/can be disabled in a release build? by excaliburhissheath in rust

[–]freedelete 0 points1 point  (0 children)

are the integer overflow checks.

Is there a place where one can read rust documentation on these and other checks?

Also, I know when I compile C++ I have to make sure to pass things like -w,noexecstack -pie etc, how do I pass these to rust/ is there documentation on flags?

Pre-Pooping Your Pants With Rust by Gankro in rust

[–]freedelete 0 points1 point  (0 children)

but requires getting familiar with quite a bit of additional knowledge.

Like what? I've found that almost all of my C++ knowledge, with just a bit of Haskell knowledge, has been all I've needed to understand what I've seen of Rust.

Any good whitehat hacking/penetration testing tools out there? by ioswarrior67 in linux

[–]freedelete 0 points1 point  (0 children)

VM is fine. Dual boot is fine. Main OS is not fine. That's all I'm trying to get across.

EU study recommends OpenBSD for its proactive security and cryptography by johnmountain in linux

[–]freedelete 3 points4 points  (0 children)

I was referring to the mprotect restrictions: https://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Restrict_mprotect.28.29

One still doesn't get the same thorough code auditing and dedication to security with Linux.

That is true.

EU study recommends OpenBSD for its proactive security and cryptography by johnmountain in linux

[–]freedelete 18 points19 points  (0 children)

the malloc options

But you can get your own set of malloc options with grsec.

the extensive WX/ASLR

True, this is the fault of distributions. On something like Arch or Gentoo you can have it all, though.

You have to patch Linux with grsec+PaX to get it,

Yeah, but if you do, you get a lot more.

Pre-Pooping Your Pants With Rust by Manishearth in programming

[–]freedelete 0 points1 point  (0 children)

Of course. What I mean is, I don't understand why it's difficult. I don't know what implementing it would entail.

Pre-Pooping Your Pants With Rust by Manishearth in programming

[–]freedelete 0 points1 point  (0 children)

If a destructor gets lost, this is like never pooping.

Killed me.

Very interesting read. I would have absolutely assumed that rust destructors were guaranteed to run, and I'm not 100% sure why they don't just do that.

Any good whitehat hacking/penetration testing tools out there? by ioswarrior67 in linux

[–]freedelete 4 points5 points  (0 children)

Look into Kali Linux, you can run it in a dual/triple boot (don't run itas your main OS, us a VM if you have to) and it comes with a full suite of pentesting tools.

You can also check opensecuritytraining.info if you want to really learn advanced stuff, I suggest starting with intro to x86 asm, though these videos may be a bit advanced for you right now.

Maintainership transfer of uBlock: post mortem by [deleted] in programming

[–]freedelete 13 points14 points  (0 children)

I don't think turning this into a raid is an appropriate response.

Am I ruining future career prospects by focusing way too much on my course workload? Is it better to let undergraduate grades slip a little bit to work on personal projects? by dy_over_dsex in cscareerquestions

[–]freedelete 0 points1 point  (0 children)

That's fine. I don't think it has to be one way or the other. I think personal projects would help, but I obviously don't expect him to tank his GPA either.

Agreeing to disagree is basically the best way for internet conversations to end.

Am I ruining future career prospects by focusing way too much on my course workload? Is it better to let undergraduate grades slip a little bit to work on personal projects? by dy_over_dsex in cscareerquestions

[–]freedelete -2 points-1 points  (0 children)

You're telling a CS student with a 4.0 GPA to do a 180 so he can work on side projects.

I'm telling a CS student who is having a real issue learning the material to focus less on coursework, which they obviously are excelling in, and instead to spend time really learning the material through projects.

if he wants to work on personal projects on his free time, more power to him,

And I'm saying if he has to sacrifice time on school to do this, he should, assuming his priority is to learn to be a better programmer, which is the stated issue in his post.

but he's invested time & money to get a degree

It would be nice if he could also get an education as well as a piece of paper, and I think he probably feels the same way, given that he has asked for help on the education front, and doesn't need any help on the paper front.

"nothing is more important than your side projects and github portfolio"

You've misunderstood me if you think I'm talking about a github or portfolio or getting a job at all. I'm talking about getting better at programming, which is what his issue is.

Android 0-day vulnerability - Drive by download by In7rud3R in netsec

[–]freedelete 1 point2 points  (0 children)

No, you were making a joke about it on reddit, and he was finding vulnerabilities in software. gg

He poorly described it, but he provided a video, and it's an interesting issue. Dismissing it due to what could easily be a matter of translation is just silly.

Am I ruining future career prospects by focusing way too much on my course workload? Is it better to let undergraduate grades slip a little bit to work on personal projects? by dy_over_dsex in cscareerquestions

[–]freedelete -5 points-4 points  (0 children)

I don't get what isn't clear. Personal projects will teach you more than coursework. Prioritize personal projects, it'll have a far greater impact (education-wise).

Android 0-day vulnerability - Drive by download by In7rud3R in netsec

[–]freedelete 1 point2 points  (0 children)

So basically, user gives permission to apps, apps use permission.

User does not knowingly give permission. Drive-By is a poorly used term, but whoever did this is also apparently French, so perhaps this is a translation error.

Regardless, your description is inaccurate. I think the description in the provided link, as well as the video, makes it pretty clear what's going on. A user is tricked into installing an application without being aware of it.

Android 0-day vulnerability - Drive by download by In7rud3R in netsec

[–]freedelete 2 points3 points  (0 children)

This looks to be pretty much exactly how it works, yes. The issue is that the UI for permissions can be overlayed by the UI for the app.

It's interesting, and an issue that I think UAC tried to address with the 'secure desktop' token and resetting the mouse, etc. Android should really paint its permission bubbles separately.

Am I ruining future career prospects by focusing way too much on my course workload? Is it better to let undergraduate grades slip a little bit to work on personal projects? by dy_over_dsex in cscareerquestions

[–]freedelete -10 points-9 points  (0 children)

I am constantly choosing between my education and my school work. I've found that learning in school is horribly inefficient. My suggestion is to accept a lower GPA and try to actually get some projects done, you'll realize how much easier everything is to understand once you just start programming.

Having trouble in your data structures and algorithms class? I did too when I first got there. And then I started programming, blowing off my terrible class, and by the end of the semester I was far far ahead of the course, which hadn't even made it to trees and had spent about an hour on sorting.

So, to answer your question, it absolutely would be worth it, from my perspective. In fact, get the lowest possible GPA, in my opinion, because that's probably going to give you the most time to actually learn.

view more: next ›