No. Things like eBPF, strace, and packet filtering are enabled. Android uses SELinux and other facilities to limit the amount of code the kernel will allow to access these features. Big difference from their being compiled out of the kernel entirely as the OP suggests is necessary.
Container isolation can fail at shared libraries in shared layers too, can't it? My evil service is based on the same cooltechframework base layer as your safety critical hardware control service and if there is a mistake in the framework...
Separate processes running the same shared instructions. If you compromise and modify those shared instructions, the other container runs instructions of your choosing.
Layers are COW so one container modifying a layer has no effect on other containers started from the same image. Of course, preexisting vulnerabilities will remain but they'd have to be separately exploited in each container.
> thought it saved memory by loading one instance of shared objects into memory
It does! The trick is that it loads the shared object read-only as far as the CPU is concerned. If a program tries to modify the memory, the CPU (I'm simplifying a lot here) throws an exception. The kernel catches that exception, makes a copy of the memory the program is trying to modify, puts the copy of the original memory at the same address as the original read-only memory, and tells the program to re-try the write operation, which now succeeds. All of this happens without the application doing the writing being aware of what's going on. From its point of view, writes Just Work.
This way, you get the memory savings of sharing and the flexibility to do writes all without the security problems of shared mutability.
You might enjoy reading about OS virtual memory operation more generally!
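The copy-on-write behaviour described in the comment above can be observed directly. This is an added example, not part of the original thread: a constructed temporary file stands in for a shared object, and `cow_demo` and `map_private` are hypothetical names. Two processes map the same file with `MAP_PRIVATE`, one writes to it, and the other's view and the file on disk stay unchanged.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* for mkstemp/pread/pwrite declarations under strict -std modes */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

#define LEN 4096

/* Private mapping: pages are shared with other mappers until written to. */
static char *map_private(int fd) {
    void *p = mmap(NULL, LEN, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
    return p == MAP_FAILED ? NULL : (char *)p;
}

/* Returns 0 if the writer's change stayed private to the writer. */
int cow_demo(void) {
    char path[] = "/tmp/cow_demo_XXXXXX";  /* constructed stand-in for a shared object */
    char disk[8];
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                          /* file lives on only through fd */
    if (ftruncate(fd, LEN) != 0 || pwrite(fd, "original", 8, 0) != 8) return -1;
    char *reader = map_private(fd);        /* first process's view */
    if (!reader) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                        /* second process maps the file itself */
        char *writer = map_private(fd);
        if (!writer) _exit(2);
        memcpy(writer, "tampered", 8);     /* write fault: kernel copies the page */
        _exit(memcmp(writer, "tampered", 8) == 0 ? 0 : 1);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) return 1;  /* writer saw its own write */
    if (memcmp(reader, "original", 8) != 0) return 2;              /* reader's view untouched */
    if (pread(fd, disk, 8, 0) != 8 || memcmp(disk, "original", 8) != 0) return 3;  /* file untouched */
    munmap(reader, LEN);
    close(fd);
    return 0;
}

int main(void) { return cow_demo(); }
```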
> If NSA and only NSA can crack a particular system, they probably wouldn't mind using it for their own secrets.
How do you think they could assess that they, and only they will ever be able to exploit a particular cryptographic vulnerability at any time over the next few decades?
They can’t, they would be well aware of that, and they are extremely risk averse.
> And anyway why is there any reason to believe they really do use the system they say they use?
Because these systems exist widely throughout government today.
I don't mean to say this as a challenge to what you said, but as a genuine question: Do you hold any value in the continued existence of the red squirrel in Great Britain? Would you see its extinction as any kind of loss? I know many people that are hugely invested in securing the red squirrel, but would never be seen dead expressing any kind of hesitancy towards the idea of their own ethnic group disappearing. I've always found it a little odd, given that squirrels don't have culture, traditions, or a written history attached, and it's purely aesthetic.
Why does the technicality that red and grey squirrels are different species hold any weight to you? The effect is still the same: They are two discernibly different populations, of which one is on the decline in its native land alongside the increase of another. As humans, we are orders of magnitude more sensitive to population differences amongst humans than amongst squirrels. Squirrel populations do not have associated music, dress, religion, traditions, and so on. So the question remains: Why does the decline of a discernable population of squirrels carry immense sentimental weight to many people, but not the decline of an ethnic group? Especially when most people would give a very different answer if that ethnic group were, for example, Native American or Palestinian? The only answer to me is that people feel that they aren't allowed to hold these sentimental thoughts, and work to block them from their own mind.
I do not play favorites with nationalism. I have the same opinion of Arabic or Chinese or any other culture.
In any case, you are implying the ridiculous point that somehow culture is some telepathic magic that is inherent to the people who lived there from some completely arbitrary cut off point where you somehow think it drops out of thin air in the blood or something instead of something one is raised into. Do you think for example a British baby taken to Afghanistan and raised by the Taliban would turn up to have English culture magically?
Extreme nationalism is a third world culture to me, I would consider a capitalist, liberal immigrant from say Egypt to be more European than a white nationalist. The far right causes problems for and has problems with far right from other places. White nationalists and Islamic extremists hating each other, and so on. I have never heard democratic capitalist people having issues with other democratic capitalist people. If you want to solve ethnic etc. conflict I would say the surest shot approach to it is to suppress, deport, eliminate, deal with far right wingers of every stripe whether white or Islamic or Jewish or any other.
And lastly what exactly has nationalism given us? The bad far outweighs the good. For pithy stuff about language and food, you have genocides, warfare, bloodshed on the other end of the scale.
And Palestinians are being genocided...again driven by nationalism and religion. Genocide and property crimes are obviously bad.
Whites aren't being genocided in England. If someone thinks that, then being a delusional snowflake somehow equating not having enough babies to other races genociding you is their mental problem, not mine.
As usual, this article totally conflates "to help with homework" with "to cheat on homework". If you use it like a better Google, learning from its output rather than directly using the text, that’s definitely not cheating by any definition.