There is no question that programming in C and C++ requires skill, and that memory management is an issue, and automatic heap allocation and garbage collection is the popular solution to that issue, but there is no silver bullets, and they are always compromises. I
Yes, project need to be written with security in mind.
There are program with few security hole written in C/C++ but most of the time they use special API for strings, allocation,...
For example vsftpd : http://vsftpd.beasts.org/#securityAgain, there are no silver bullets. For instance, the Java sandbox is one solution to a security issue. It is not perfect, and it's imperfections lead to a false sense of security. It is ok for developers to be sloppy because garbage collection and the sandbox will protect the user.
Sandbox doesn't imply high level language. Even in a sandbox, if it is not correctly configured, there can be security hole.
On the other side you can be sandboxing in C/C++ (using the OS). For example using chroot/PR_SET_SECCOMP...)
I think the problem is writing a safe application is really hard and can be tricky. You need to know well "secure" programming and what offer the OS.
For the average programmer using high level language can help : it is the writer of the high level language who have managed security, not you. And you can expect them to do better than you.
AFAIK the integrated video, sound, ethernet and all are integrated in the chipset not the CPU.
And nvidia does already chipset (nforce) with integrated GPU.
So I thinks even without "CPU-GPU Hybrids", you can give low cost solution.
This is great, but we realy miss filesystem for such big NAND. Either we use FTL [1](flash translation layer) to put FAT, but that that's quite ugly (FAT is not aware of flash and not robust to power lost, FTL is optimized for FAT). Either we put flash filesystem like jffs2 or yaffs2, but they will eat lot's of RAM and take lot's of time on such big flash.
I wonder what are the performance with a filesystem.
PS : there is logfs or ubifs that should be better flash fs, but there are not ready.
But you could use alternative open source software like ekiga.
Also after reading how skype works http://www.secdev.org/conf/skype_BHEU06.pdf , you maybe frightened by all the obscurity behind it.
Well it's not quite trivial to implment an recycling bin.
First problem : which layer use: - libc : in user space, portable to near all *NIX, only intercept the call using libc. - fs : OS specific, fs specific - kernel syscall interception : os specific.
There are solution which were implemented for that (http://pwp.netcabo.pt/0154115101/software/libtras h/, http://e2undel.sourceforge.net/, http://www. shirka.org/recycled4linux/), but I think it don't fit well with *NIX. Admin prefer using backup.
If you read http://people.redhat.com/arjanv/COPYING.modules, you will see that if you write a binary module from scratch it is considered as a derived work from linux kernel, so it should respect the GPL license and be open source.
I am a bit disapointed to see a guy like fabrice bellard which have contributed to lot's of famous open source projects (ffmpeg for exemple) to choose a such decission.
Slashdot Mirror
>What does surprise me though is that Intel has made such an obvious
>mistake in their design.
The funny part is that they patent the exploit and fix some years ago : http://www.freepatentsonline.com/y2008/0209578.html
There is no question that programming in C and C++ requires skill, and that memory management is an issue, and automatic heap allocation and garbage collection is the popular solution to that issue, but there is no silver bullets, and they are always compromises. I Yes, project need to be written with security in mind. There are program with few security hole written in C/C++ but most of the time they use special API for strings, allocation, ...
For example vsftpd : http://vsftpd.beasts.org/#security
Again, there are no silver bullets. For instance, the Java sandbox is one solution to a security issue. It is not perfect, and it's imperfections lead to a false sense of security. It is ok for developers to be sloppy because garbage collection and the sandbox will protect the user.
Sandbox doesn't imply high level language. Even in a sandbox, if it is not correctly configured, there can be security hole.
On the other side you can be sandboxing in C/C++ (using the OS). For example using chroot/PR_SET_SECCOMP ...)
I think the problem is writing a safe application is really hard and can be tricky. You need to know well "secure" programming and what offer the OS.
For the average programmer using high level language can help : it is the writer of the high level language who have managed security, not you. And you can expect them to do better than you.
Note that atheros already release a "legacy" HAL 2 months ago : http://marc.info/?l=linux-wireless&m=122246623707038&w=2
AFAIK the integrated video, sound, ethernet and all are integrated in the chipset not the CPU. And nvidia does already chipset (nforce) with integrated GPU. So I thinks even without "CPU-GPU Hybrids", you can give low cost solution.
This is great, but we realy miss filesystem for such big NAND.
Either we use FTL [1](flash translation layer) to put FAT, but that that's quite ugly (FAT is not aware of flash and not robust to power lost, FTL is optimized for FAT).
Either we put flash filesystem like jffs2 or yaffs2, but they will eat lot's of RAM and take lot's of time on such big flash.
I wonder what are the performance with a filesystem.
PS : there is logfs or ubifs that should be better flash fs, but there are not ready.
[1] BTW FTL is patented.
It is a joke. I find no refenrence of a such product on google nor proof that is that aprouved by french gouvenement...
IIRC the core of Xara Xtreme were put on some binary only libs. Did these libraries were released in a opensource license in new version ?
But you could use alternative open source software like ekiga. Also after reading how skype works http://www.secdev.org/conf/skype_BHEU06.pdf , you maybe frightened by all the obscurity behind it.
No use telnet...
Yes but bank often don't check signature...
mappy[1] have these features form years, and google and microsoft don't work for well Europe.... [1] http://www.mappy.com/
No attack the cpu microcode and update it!!!
Well the libdvdcss is host in a famous french university server for years...
Well it's not quite trivial to implment an recycling bin.
:
s h/,. shirka.org/recycled4linux/), but I think it don't fit well with *NIX.
First problem : which layer use
- libc : in user space, portable to near all *NIX, only intercept the call using libc.
- fs : OS specific, fs specific
- kernel syscall interception : os specific.
There are solution which were implemented for that (http://pwp.netcabo.pt/0154115101/software/libtra
http://e2undel.sourceforge.net/,
http://www
Admin prefer using backup.
Well people often use shift + delete, so they don't use the recycling bin...
Have were a those unpatented formats ?
In audio/video near everything is patented...
Note that fabrice don't seem familiar whith license issue : see http://sourceforge.net/mailarchive/message.php?msg _id=6932290 where is tried to relicense lgpl work in under bsd license...
If you read http://people.redhat.com/arjanv/COPYING.modules, you will see that if you write a binary module from scratch it is considered as a derived work from linux kernel, so it should respect the GPL license and be open source.
I am a bit disapointed to see a guy like fabrice bellard which have contributed to lot's of famous open source projects (ffmpeg for exemple) to choose a such decission.
if xvid.org don't work, you can use one of the main developper personal page : http://ed.gomez.free.fr/
;)
Has you can see, xvid-1.0 is here since more one week