Computers

[cervids]

On 7/25/2020 at 9:53 AM, WinterGreenWolf said:




There are kernel level exploits on Linux, such as 'Wasp Sting', and the infamous OpenSSL vulnerability 'HeartBleed'

Nitpick but none of those are "kernel level" vulnerabilities.  OpenSSL and the facilities used by HiddenWasp malware are all external to kernel code.

[WinterGreenWolf]

Right, I knew HB wasn't. I thought that WaspSting / HoddenWasp used a kernel schedular / allocation bug? Hmm, been a while. Plus, since I'm not an idiot I have no experience with HiddenWasp, hell I never give an application / program system level permissions unless I'm running system-level updates on my (fifteen-years-plus) Arch install, or am editing config files.




Hell if I need runlevels / work on systemd units: I have all my daemons running under their own segregated userlands (servers, routers..).

[cervids]

9 hours ago, WinterGreenWolf said:




I thought that WaspSting / HoddenWasp used a kernel schedular / allocation bug? Hmm, been a while.

You know, that rings a bell, so you may be right.




As you said it's been a while.  HiddenWasp is a nonissue now to any semi-skilled admin.

[WinterGreenWolf]

1 hour ago, cervids said:




You know, that rings a bell, so you may be right.




As you said it's been a while.  HiddenWasp is a nonissue now to any semi-skilled admin.

Damn straight. Good admin, good tooling and a solid sense of 'what the fuck am I doing?' is important.




I'm liking the look of the Rust programming language, I may even start writing in it too. I usually prefer C, but haven't programmed in Y E A R S, due to lack of motivation / ideas to write.




 

[cervids]

13 hours ago, WinterGreenWolf said:




Damn straight. Good admin, good tooling and a solid sense of 'what the fuck am I doing?' is important.




I'm liking the look of the Rust programming language, I may even start writing in it too. I usually prefer C, but haven't programmed in Y E A R S, due to lack of motivation / ideas to write.




 

I'm a high level language junkie.  It's not that I can't still write C, but once you have had Java/C# style facilities it gets hard to want to work without them.

[WinterGreenWolf]

I feel they get in my way. I prefer the open, yet dangerous landscape of low-level. Rust is kind of a low-level, but safe language.




 

[ZoobyDoobyDoo]

Yeah, Rust is nice. But if you try to do any sort of C interop involving a callback... it's a world of pain. Maybe it's gotten better from the last time I tried. But it was an absolute nightmare to get working. My personal preference is a managed language like C# unless I need to do anything low-level or where speed is crucial.

[WinterGreenWolf]

Mm, sounds about right. I've never gotten deep in Rust yet, but I do like my C. I think interop has improved though.




As for managed, never really been a huge fan.




 

[cervids]

On 6/14/2021 at 9:00 AM, WinterGreenWolf said:




I feel they get in my way. I prefer the open, yet dangerous landscape of low-level. Rust is kind of a low-level, but safe language.




 

Can't say I share that, but it may depend on the target projects we're working on, of course.




Can't really say much about what I work on, but high-level is mostly fine for it.

[WinterGreenWolf]

Oh absolutely, I can understand.




I just prefer to stay at kernel, driver, or even utility level v. high level GUI / business apps.