@YLatynina А зачем как лучше? Вы же сами говорили что русские как жили так и будут жить в говне
Русский
Platon Makovsky
10.1K posts
Platon Makovsky
@Fixer0736
И ты будешь волков по земле плодить, и учить их вилять хвостом. А то, что потом придётся платить, так ведь это ж, пойми, потом.
Hell, MI Beigetreten Ekim 2012
229 Folgt35 Follower
Дарья, тут я с вами абсолютно согласна, что критиковать власть в России - опасно. В России - атмосфера абсолютной несвободы и страха. Стратегически это катастрофа. Но мой point был в другом.
А именно - в том, что власть можно и нужно критиковать из любви к стране, а не из ненависти к стране. И любая нормальная оппозиция (вы-то как раз являетесь нормальной оппозицией, а Боня нет, это не ее задача) исходит из позиции "я хочу сделать для страны лучше".
Реальный оппозиционер может заблуждаться, не знать, что лучше, страшно ошибаться - но его исходная идея, если он хочет добиться власти, должна быть "давайте сделаем, как лучше". А не "давайте обоснуем как-нибудь красиво, почему эту страну надо стереть в порошок". Только это не оппозиция, а называется другим именем.
Дарья Хейкинен@kheikinend
Нет, безопасно это делать нельзя. Российские власти одинаков щемят нацболов, либералов, националистов, деколонизаторов и кого угодно, кто высказывается против власти с абсолютно любой позиции (не говоря уже о том, что Боня, кажется, находится не в России)
Русский
@eraser0110 She’s reliving the trauma inflicted upon her with the rape. She’s doing it to feel a sense of control that she didn’t have
English
@meekaale @LukasHozda I’ve already talked to Fil about this, he said the same thing. U can read a bit of this thread:
Platon Makovsky@Fixer0736
@filpizlo In cpp casting the const qualifier away and writing into a const variable under gcc has different behavior on x64 and arm64 according to compiler explorer - indicative of ub.
English
@Fixer0736 @LukasHozda indeed, the spec doesn't define the semantics so the compiler is free to choose some behavior; Fil-C's behavior is perfectly predictable, memory safe, in accordance with the general C memory model, and matches what many other compilers would do
English
Rust and Fil-C approaches to mem safety are uncomparable
Fil-C introduces a runtime with a GC and naturally a perf&RAM penalty to ensure your programs crash safely
Rust tries to prevent most violations at compile-time so your programs will crash less. You need one or the other
The Lunduke Journal@LundukeJournal
Fil-C is an interesting project. It seems to me to be a reasonable approach. “Memory safety” in existing C code. If being “memory safe” is truly the goal, this accomplishes that far more rapidly and completely (without needing to scrap well tested code) than Rust.
English
@meekaale @LukasHozda It’s A:H therefore it can be exploited. Also, we’ve been arguing whether it’s a memory safety issue and while that’s up for discussion, what isn’t is that this is a vulnerability caused by violating a type qualifier.
English
@Fixer0736 @LukasHozda it's a page fault due to a thwarted write to read only memory, not an exploitable memory safety issue
English
@meekaale @LukasHozda You claimed violating const could never lead to a situation where an attacker could gain "control of the program" - a vulnerability. And I'm showing you that there are documented cases where it caused a vuln
English
@Fixer0736 @LukasHozda the first one is a page fault crash which is not a memory safety violation, the second one is just a buffer overflow that also mentions a const violation incidentally as an undefined behavior problem but Fil-C does not have undefined behavior
English
@meekaale @LukasHozda It can lead to vulns and it has:
nvd.nist.gov/vuln/detail/CV…
github.com/qualisys/quali…
English
@Fixer0736 @LukasHozda it's better described as a violation of a type system constraint but it can never in itself lead to the weird execution that is the essential problem with memory safety violations letting attackers gain control of the program
English
@meekaale @LukasHozda Reasonable in this case meaning violations of a type's invariant?
English
@Fixer0736 @LukasHozda it does not require accessing memory outside the pointer allocation or outside the value's lifespan; the semantics are completely undefined by the standard, and like all undefined behaviors, Fil-C implements it with reasonable memory safe semantics
English
@meekaale @LukasHozda This doesn't answer my question. Why is modifying a non-modifiable lvalue not a memory safety issue according to you?
English
@Fixer0736 @LukasHozda it's just not what memory safety refers to, it's a different class of problem and it's also not what actual vulnerabilities exploit; allocation granularity is a real thing... but again y'all are basically just complaining
English
@meekaale @LukasHozda Do u want to? The things that cause UB in unsafe rust are confined in one rustnomicon article. Conversely the J annex of the C spec on UB is over 10 pages long
English
@Fixer0736 @LukasHozda wanna go through all the ways in which Rust is actually unsafe? and take every single one as a reason to dismiss the whole language? without any actual reasoning about tradeoffs or security?
English
@meekaale @LukasHozda Per the spec const defines an lvalue that shan’t be modified. How is modifying it anyway anything but a memory safety issue?
Overwriting neighboring fields in a struct can absolutely lead to a vuln as well as producing an invalid value of a certain type
English
@Fixer0736 @LukasHozda writing to const variables is not a memory safety issue; allocation granularity matters but I don't think you're arguing about actual security engineering here, it seems like you're basically just complaining
English
@meekaale @LukasHozda Well, there’s this example. Fil-C will also happily let u override const variables with no consequences, const (and volatile for that matter) is meaningless there and that’s by design x.com/cryze107/statu…
CryZe@CryZe107
@HSVSphere Turns out Fil-C only adds protections on the very highest allocation layer. Any sort of memory violation within an allocation is just straight up not caught. So much for being safer than Rust. Notice how I am not only writing OOB into a float, but also into padding.
English
@LukasHozda wdym you need one or the other?
Fil-C's approach is much more comprehensively memory safe; the prevalence and necessity of the unsafe escape hatch in Rust means especially from a post-Mythos perspective, Rust crates are still basically unsafe until proven safe through auditing
English
@LundukeJournal But it isn’t memory safe x.com/cryze107/statu…
CryZe@CryZe107
@HSVSphere Turns out Fil-C only adds protections on the very highest allocation layer. Any sort of memory violation within an allocation is just straight up not caught. So much for being safer than Rust. Notice how I am not only writing OOB into a float, but also into padding.
English
Fil-C is an interesting project. It seems to me to be a reasonable approach.
“Memory safety” in existing C code.
If being “memory safe” is truly the goal, this accomplishes that far more rapidly and completely (without needing to scrap well tested code) than Rust.
Filip Jerzy Pizło@filpizlo
If you're not in the list of organizations or researchers blessed by Anthropic to have Mythos, then at least you can run memory safe Linux components for free thanks to Fil-C. Folks have reported being able to compile mail servers, web servers, and lots of other stuff with Fil-C with zero changes. Most recently, I got snort3 to work in Fil-C. If you're brave enough, you can even build a memory-safe browser (with full JS support!). If you want to mess around with Fil-C without installing anything as root: fil-c.org/install_pizfix If you want to install Fil-C in /opt/fil along with memory safe sshd and lots of other memory safe tools: fil-c.org/install_optfil If you want a memory safe Linux distro: fil-c.org/pizlix
English
@Zhitnipalzhi Не хотите напомнить как закончился матч Карякин-Карлсен?
Русский
Дауны из Спортса - манипулируют чувствами казахским мамбетов и домохозяек.
Магнус - чорт, Карякин - сила, но если бы он не сообщил судье о нарушении до старта партии, то ему бы засчитали автоматическую победу, а её могли дисквалифицировать.
Он буквально спас казашку.
Русский
@TrushinBV Как доказать , что крокодил больше длинный, чем зеленый?
Русский
Кто справится с задачей из учебника по физике за 7 класс? )
"Что больше: расстояние до школы, равное 1500 м, или время, равное 20 мин, за которое ученик его проходит?"
Русский
Этой надписи уже тысячу лет. Древние строители оставили её на стенах Софийского собора, что и сейчас стоит в центре Киева. И написана она на русском языке. #история
Русский
@sergeenko_i Зачем переплачивать? Возьмите просто конституцию Российской Федерации
Русский
Куплю учебник квантовой физики на украинском языке. Очень хочется посмеяться.
Русский
English
@schteppe This game also can be played with Rust
1. Rust dev uses std::cell::RefCell
2. calls borrow_mut() in callback spagetty
3. panic takes down prod
4. GOTO 1
English
@kosyo_98 @HatsOffff Да, той си имаше вземане даване с тях преди бая време
Български
@kosyo_98 @MiddleEastEye Абсолютно. Нз дали е истина но ако Volkswagen започне да прави оръжия това би било може би даже добре за Европа
Български
Unable to compete with Chinese electric vehicles, Nazi-era weapons maker Volkswagen eyes a return to arms production, this time with Israel
middleeasteye.pulse.ly/onm42fjzka
English