Hacker News new | past | comments | ask | show | jobs | submit login

> fixing whatever made it possible for "problematic content" to cause "ungraceful" crashes

Better not only fix this specific bug but continuously use fuzzing to find more places where external data (including updates) can trigger a crash (or worse RCE)




That is indeed necessary.

But it seems to me that putting the interpreter in a place in the OS where it can cause a system crash with the be the behavior that it's allowed to do is a fundamental design choice that is not at all addressed by fuzzing.


An interpreter that handles data downloaded from the internet even. That's an exploit waiting to happen.


I guess "fight fire with fire" is great adage, so why not fight backdoors with backdoors. What can go wrong.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: