Comment on: I hope one day I'll live in a country where I have freedom to write any code I like without fearing.
6 22 Aug 2015 19:27 u/goofybud16 in v/programmingComment on: Mozilla just announced their intent to deprecate so called XUL-based add-ons in favor of what they call the WebExtensions API within the next year or two
XUL has some issues, and does need some rework or replacement.
Is this the right path? I am not sure, we will have to see.
Comment on: All decisions have consequences, but how did MS break OpenType fonts in such a way that it allows creation of an elevated user?
As far as how it worked: The OpenType font renderer had some security issues allowing a specific font to gain System level access and then use another file as a payload.
This appears to be the person who discovered it. The only fix is to fix the font rendering code.
He used a PDF to exploit and open Calc.exe, but it would be possible to download and execute something off of the web too.
Comment on: All decisions have consequences, but how did MS break OpenType fonts in such a way that it allows creation of an elevated user?
Actually, I found a PDF of the exploit in /r/reverseengineering explaining how the person found, created, and tested the exploit.
Yet.
If the government has their way, the US will be straight out of 1984, or possibly Idiocracy. Maybe a combo.
As it is they spy on our network traffic, force companies to backdoor their software, and the FBI recently said we aren't allowed to have secrets stored digitally that they can't access. All privacy in this country is going down the drain, and people don't give two fucks because "I don't have anything to hide." Nothing to hide? Then why do you care if the police walk into your house whenever they please and start searching for stuff? You have nothing to hide so why do you care?