Hacker News new | past | comments | ask | show | jobs | submit | actionfromafar's comments login

I don't know which Gripen they are looking to buy but there's an old one and a new one ("EF").

So it's not Internet Explorer core library for Linux, Windows and MacOS.

Dang it!

This will surely stop the fentanyl?

The [0, 1, infinity] rule has been simplified to [1, infinity] rule.

Huh, so they had fizzbuzz in 1972!

Didn’t slap systemd hard enough.

Upstart was like slapping with a broken hand. Hurts the slapper much more than the slapee.

They should have kept at Upstart, but instead we got punished for our sins.

To silence Republican congressmen you don't have to threaten defenstration, merely a suggestion of being primaried will suffice.


The more they have contact with humans, the more they learn.

And the MacOS API is similar.

It's a bit more complicated. Ideally you'd only need libdyld.dylib and libSystem.B.dylib or so, but...

    $ echo 'package main; func main() {}' > nop.go
    $ go build ./nop.go
    $ DYLD_PRINT_LIBRARIES=1 ./nop 2>&1 | wc -l
          44
OpenBSD & macOS philosophies are often surprisingly aligned in certain ways, but OpenBSD is simple, macOS is comprehensive (and - TBF quite bloated).

That's a very fair assessment of Apple – IIRC a lot of early idiosyncratic hardening work in XNU world was done for the launch of the iPhone OS App Store, but it's only been (relatively) recently that they've started long-term initiatives systematically harden macOS on top.

I think it's also because a desktop is broadly considered a "power tool", you absolutely need it for systems development, and that is forever at odds with "iPhone-level" lockdown/security. Even if you'd start from scratch, you'd need a solid theoretical foundation (e.g. capabilities), and probably build up new metaphors on top.

I like what OpenBSD did with pledge&unveil. It gets "the first 80%" of the work done, it's easy for the developer, and invisible to the user.


Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: