Few days ago, I was told that, doing Q&A, it is not my job to care that code is stupid, buggy and actually corrupts memory outside range that was
passed to it. Time to look around for new job, I guess...
"А вам слабо?"
13:09 < PaulFertser> raster: why do vendors still allow to guys to do "sim unlocking"?
13:11 < raster> PaulFertser: because they have very poor concepts of security
13:11 < raster> PaulFertser: to them rtemoving a header files == security.
13:11 < raster> now u dont have the api header.. uc ant use the library etc.
13:11 < raster> thats a real belief
13:12 < raster> i kid you not
13:12 < raster> thnk of it this way
13:12 < raster> open source programmers ar egenerally good
13:12 < raster> why? in the oss world u need to rely on literally being good to keep your head above water
13:12 < raster> if you are merely average or bad — you sink
13:13 < raster> in the end the law of the jungle in oss land means that oss devs tend to be like the top 1% of engineers
13:13 < raster> so they understand thgins like security
13:13 < raster> they know removing a ehader wont do anything
13:13 < raster> they also know that putting security sensitive stuff in a shared lib as oppoed to in aservice running as root
vs ui runing as user, is much more secure
13:13 < raster> etc.
13:13 < raster> they know about making code ope and being able to use digital signatures etc.
13:14 < raster> but.. those people are not 100% of the engineers u see working in real life at the places that make thigns
13:14 < raster> they are maybe 5% of them.
13:15 < raster> so... you see modem firmwares being hackable because of an incorrect belief that they secured it already — the
Scene One: A tree. An apple. An ape comes and starts to shake the tree. A voice from above:
"Think, think!" The ape thinks, grabs a stick, and hits the apple off. / Scene Two: A tree. An
apple. A praporschik comes and starts to shake the tree. A voice from above: "Think, think!" / "No
time to think, gotta shake!".