More

actionfromafar · 2025-03-14T00:50:40 1741913440

I don't know which Gripen they are looking to buy but there's an old one and a new one ("EF").

actionfromafar · 2025-03-14T00:06:05 1741910765

So it's not Internet Explorer core library for Linux, Windows and MacOS.

gibbitz · 2025-03-14T00:22:22 1741911742

Dang it!

actionfromafar · 2025-03-14T00:00:31 1741910431

This will surely stop the fentanyl?

actionfromafar · 2025-03-13T17:40:03 1741887603

The [0, 1, infinity] rule has been simplified to [1, infinity] rule.

actionfromafar · 2025-03-13T16:12:21 1741882341

Huh, so they had fizzbuzz in 1972!

actionfromafar · 2025-03-13T14:15:30 1741875330

Didn’t slap systemd hard enough.

thyristan · 2025-03-13T15:55:20 1741881320

Upstart was like slapping with a broken hand. Hurts the slapper much more than the slapee.

actionfromafar · 2025-03-13T13:54:02 1741874042

They should have kept at Upstart, but instead we got punished for our sins.

actionfromafar · 2025-03-13T11:13:55 1741864435

To silence Republican congressmen you don't have to threaten defenstration, merely a suggestion of being primaried will suffice.

actionfromafar · 2025-03-13T11:11:20 1741864280

The more they have contact with humans, the more they learn.

actionfromafar · 2025-03-12T10:43:02 1741776182

And the MacOS API is similar.

rollcat · 2025-03-12T11:44:28 1741779868

It's a bit more complicated. Ideally you'd only need libdyld.dylib and libSystem.B.dylib or so, but...

    $ echo 'package main; func main() {}' > nop.go
    $ go build ./nop.go
    $ DYLD_PRINT_LIBRARIES=1 ./nop 2>&1 | wc -l
          44

OpenBSD & macOS philosophies are often surprisingly aligned in certain ways, but OpenBSD is simple, macOS is comprehensive (and - TBF quite bloated).

nxobject · 2025-03-12T17:45:43 1741801543

That's a very fair assessment of Apple – IIRC a lot of early idiosyncratic hardening work in XNU world was done for the launch of the iPhone OS App Store, but it's only been (relatively) recently that they've started long-term initiatives systematically harden macOS on top.

rollcat · 2025-03-13T15:19:43 1741879183

I think it's also because a desktop is broadly considered a "power tool", you absolutely need it for systems development, and that is forever at odds with "iPhone-level" lockdown/security. Even if you'd start from scratch, you'd need a solid theoretical foundation (e.g. capabilities), and probably build up new metaphors on top.

I like what OpenBSD did with pledge&unveil. It gets "the first 80%" of the work done, it's easy for the developer, and invisible to the user.