Posts by Dan 55

Re: I've never used anything but Firefox...

So two commentards don't understand tech?

Re: Firefox everywhere

I honestly wonder how Palemoon (based on v52) can still render websites now, given Waterfox Classic (based on v57) ended up unable to render many of the ones I visited and I ended up going back to Firefox.

Re: WRONG

It's just a shame you removed it from SourceForge so there's no proof of that any more.

Re: WRONG

Oh, look who's turned up to sell their snakeoil version of Typescript for C by spamming an article on memory safety.

Re: Skype sucks

Don't understand why you were downvoted four times for that.

I'm guessing the number of active users is not very high these days otherwise MS wouldn't have removed adverts.

Re: Faulty Fuse

I can only imagine a US inspector's face seeing that craziness.

Are you talking about the same US building code which means the safest place in the house is the bathroom because other areas in the house don't need an RCD (GFCI) protecting them?

Re: Faulty Fuse

His reviews about the dangerous fuses got deleted from the product pages though.

Golf clap for Amazon. Again.

Re: Y2K24?

I can't help but wonder what would have happened if today's development, testing, and agile practices were used in the late 90s to fix Y2K code.

I've never understood widely-held idea in US software circles which consists of the CEO wiping their arse on a piece of paper and calling it an EULA or T&Cs and this apparently makes the seller or service provider invulnerable to their customers. I suspect we're about to find out it's not true.

Re: Remember the days...

There are also differences due to JavaScript engine/privacy settings/built-in browser login service. You could go ahead if you wanted to but I wouldn't be confident enough to test only against a test suite.

Re: Remember the days...

Developers would develop targeting HTML5 but it's still necessary to check Safari, Chrome, and Firefox at a minimum because each engine slightly has a different interpretation of the standard.

Re: Remember the days...

"We can't be bothered to test with this browser."

Re: Just bad luck?!

As long as the anti-virus industrial complex claims that the danger they protect against is so great that they must react so fast there's no time to properly test and as long as CSO and CTOs believe that their computers are protected by the snake oil sold by these companies, nothing will change.

Re: RE: examples that have done better

Only Crowdstrike isn't necessary for a system to boot properly anyway. That flag shouldn't really be set for it.

The EU only said that whatever MS did for their own endpoint software, they should offer third parties the same access that they have themselves.

MS could have developed a security endpoint API for themselves and third parties but instead they decided to allow kernel access for themselves and 3rd parties via kernel drivers.

That doesn't excuse Crowdstrike's shonky code of course.

If CrowdStrike hadn't set boot start we wouldn't even be having a discussion.

Or if Microsoft hadn't signed off on that driver due to that flag. They could always have said no.

Re: RE: examples that have done better

AVs and endpoint security software by definition has to be up to date. MS could develop an API and make developers transition over simply by not signing off any more WHQL drivers for this kind of software after a certain date. It wouldn't break any other decades-old software, why would it?

So the remaining question is it even an option in their kernel architecture. It should be. Can they make the necessary changes to accomplish this? That's up to MS. If they can't it doesn't bode well for future improvements to Windows that aren't just rejigging the UI.

If it turns out they can't then they should at least make recovery easier. Return F8 and "last known good configuration" to the boot sequence and make recovery from failed driver loading easier and more automatic.

Re: Canary releases?

Or the security industry is too used to moving fast and breaking things?

With a product such as Crowdstrike, only used by enterprises, the chances of giving attackers info is slim.

Yes, they have to go to the kernel to be effective.

They don't have to on macOS.

It goes in the kernel so that it has more visibility and control over what happens. There are some things that can't be done from user space at all, for perfectly good security reasons, and others which can't be done efficiently from there.

Only because MS never made an endpoint security API to make this stuff accessible from userland. Something like this, which Crowdstrike uses on the Mac version.

Please let's not defend Window's architecture as the way things must be when we have two examples in alternative OSes of how it can be done better.

Apparently a bug in RHEL's eBPF implementation?

Try the Consent-O-Matic add-on for Firefox, Firefox Android, and Chrome. It automatically clicks the "no" checkboxes for you for many GDPR pages.

Re: A very measured "this wouldn't have happened on Linux"...

I don't see any Linux kernel bug there, just Crowdstrike trashing kernel memory structures then the kernel crashing as a result.

Now this doesn't happen on Linux because of eBPF. One of the eBPF checks is "programs dereferencing pointers without safety checks" which is exactly what happened on Windows.

Windows really needs its own version of eBPF.