"programmers who are good at crafting defenses for their own systems know how to penetrate other people’s computers, too"
This is not strictly true. There is a big difference between identifying/exploiting bugs in software and defending a network from attack. Within the context of government spending, this is the difference between funding reverse engineering/binary analysis/buying 0days and funding the training of systems administrators.
At the micro level, it's true that those activities are different, but in the big picture, they are so close, and those people are interacting so much with each other.
There is also the big offense/defense hypocrisy, like buying guns and missiles to protect people (instead of armor and bunkers), and mixing offense and defense to make some behavior more publicly acceptable.
I used VirtualBox a lot for work and play, always with a Debian guest. While my overall experience was good, there were two gotchas that really annoyed me:
1. When cloning VMs I would always have networking issues. The fix was known and simple (https://www.virtualbox.org/ticket/660) but not intuitive to a casual user.
2. Installing the guest additions (drag-and-drop file support, shared clipboard, basically stuff you really want) as a kernel module can be a huge pain in the ass depending on what kernel you run. I never had any issues with a "stable" 2.x kernel, but with 3.x I had a difficult time finding the correct kernel headers and putting them in the correct place.
That's a really general statement; people write C code all of the time. You just have to be more careful. That is, you have to actually be a C programmer instead of a Python programmer cobbling together some C.
That said, Reddit uses a mix of straight C and Cython-ised Python, which is a bit like the best of both worlds.