Notices by bitey cat bite bite bite bite (cybermeow@cybre.space), page 102

@natecull your right firewalling can only do so much but perhaps we shouldnt be networking certain things, at least not publicly. part of why NASA has so much success running ancient fortran code is because their devices arent exposed to the WWW

@moonman the apostle paul can SUCK THESE NUTS.

@natecull I see we still havent considered more cautious networking and more stringent access control as a fix

@gcupc I mean, assuming poor people will ever be able to afford one and that they wont get shafted by the banning of gas cars too soon.

@grime_witch backcombing (itll destroy your hair though)

@natecull @moonman and yet we will never get rid of the need for machine code, turns out VM based languages get errors in the machine code of the VM.

These VMs dont come out of no where, they are made in the same machine code we supposedly stopped writing in.

Turns out all you can really do is stay on top of security bulletins and update dilligently.

@natecull tagging @moonman because he may have opinions.

There is no such thing as a perfect tool, we thought we could do away with SO/HOs by implementing ASLR but the advent of brainbending ROP proved us wrong,

an attacker with enough time on their hands will always figure out how to exploit a system, due to our development methodology it is not feasible for us to create moderate sized codebases 100% free of errors, this is not on the toolchains that we are using, its on how we design and develop software

@natecull no thats wrong, mistakes are to be expected in literally any toolchain, we cant ditch toolchains optimized for important things like administration and rapid prototyping just because *people make mistakes*

@natecull RIGHT, this will not be fixed by writing pure functional code, we will still need updates, we must streamline the update process so it isnt as bad as adobe and we need to stop overexposing our software to the net where anyone can attack it from anywhere.

@natecull just because huge software needs plenty of updates doesnt mean updating is bad.

@natecull yes henlo nasa YOU NEED UPDANTES
UPDANTE YOUR SOFTWAR

real talk though nasa's software isnt exposed to the world wide web, it radios back to nasa and no one else iirc.

They can do what they want because its a closed circuit. They tackled the problem at the physical layer, which is what I have ben saying all along

@natecull "correct software doesnt need updates" is the worst take EVAR.

UF AWLL TIEM

@natecull EVERYthing needs to be updated, we live and learn and we find out about our mistakes after theyve been made and we have this neat process where security researchers give grace periods and we have the abliity to push updates over the air.

your pure functional language can be perfectly free of side efects, if I find a way to exploit the underlying machine it runs on or a library you used then thats that.

@natecull restricting the programmer is NOT the answer. maybe restrict the stupid designers that dont understand that putting a fully operational gas vehicles engine control unit into the infotainment system and opening that up to the outside world via network is A REALLY BAD IDEA.

@natecull right but when are we going to try making a better effort to keep software in products up to date, making sure the latest version of libraries and software is being rolled out, NOT recklessly networking our thermometers and motor vehicles with the outside world and fixing holes in our firewalls.

Part of the problem is crap like flatpack/whatever equivalent where we decide to bundle an app with its dependancies and then distribute and shit IOT devices that have no business being networked.

@natecull concurrent programming is important but it has limited potential in fields that arent based on extremely intensive computation. even then it turns out that you also need to be able to access some kind of interface to let the outside world know what youve come up with a result from all that computation.

Yes I have worked with enough threading to see the value in what you are talking about, however making it harder to write *useful* programs isnt a replacement for more careful networking

its been 2 hours and im halfway through backing up my music collection