Great reason to push more code out of the kernel and into user land
Is it HURD’n’ time?
I dunno, Stallman, it’s been 30 years, you got something for us?
I think we should just resurrect Plan 9 instead.
So what you are saying is “mach was right”?
eBPF is looking great.
Just because it has a CVE number doesn’t mean it’s exploitable. Of the 800 CVEs, which ones are in the KEV catalogue? What are the attack vectors? What mitigations are available?
The idea that it is somehow possible to determine that for each and every bug is a crazy fantasy by the people who don’t like to update to the latest version.
That’s a crazy “if”
That is actually perfectly reasonable assumption to make in the absence of resources to determine the opposite, which would probably be many times the resources needed to actually fix the bug.
There are lots of things the Kernel controls that can have non security related bugs, e.g. controller with the wrong mapping https://github.com/torvalds/linux/commit/9131f8cc2b4eaf7c08d402243429e0bfba9aa0d6
It’s a wild assumption to claim “All bugs in the Linux kernel are security issues”, without any backing, whoever is making that claim needs to provide evidence since the default position for any program is that there are bugs that are not security issues.
lol
defend one out there assumption with another, i guess.
who can tell if sidewinder force feedback (11684) is a security bug or just one that affects people using old joysticks. better treat it with all the seriousness of xv just to be sure!
I mean, this isn’t any different for Windows or macos. The difference is the culture around the kernel.
With Linux there are easily orders of magnitude more eyeballs on it than the others combined. And fixes are something anyone with a desire to do so can apply. You don’t have to wait for a fix to be packaged and delivered.
Install all the patches immediately.
Best way I found it running this command
rm -rf /
Then do a reboot just to be sure.
Good luck compromising my system after that.
FYI This is a joke Don’t actually run this command :)
Air gap.
Some air gaps better than others
Crontab dnf update -y and trust that if anything breaks uptime monitoing/ someone will let me know sooner or later.
Sayings like that are dumb as shit.
Step one: stop listening to anything from Ziff-Davis.
