
software security, vaguely ranty 

I find "supply chain security" discussions so exhausting, even in their genuine form of "how do we contain malware on the average person's system"... because they are all identical carbon copies of each other in the end, and no new conclusions are ever reached.

It goes something like this:
- All these plugins and packages are a security disaster! Anyone can publish them! We should limit publishing to a curated set that's been reviewed.
- Oh, turns out nobody has the review capacity to do so, and/or it would break the world by creating a centralized gatekeeper for everything, so I guess we need to make it possible to run untrusted code safely instead. Sandboxing!
- Oh, turns out sandboxing is imperfect, so we actually need to fix the problem at the root, and adopt secure programming practices and tools like capability security and explicit authorization grants.
- Oh, turns out it's impossible to convince the majority of developers to collectively work on that (which is needed to make it succeed) because most of them don't recognize the problem and keep waffling on about curation and sandboxing. Guess we're just fucked then and it will be broken forever!

Rinse repeat for three decades.


software security, vaguely ranty (2) 

Bonus frustration: Microsoft almost, *almost* resolved this problem, most likely, with Midori (being one of the very few organizations that could put their foot down and *make* people care about this) - and then axed the project and only took parts of it.

software security, vaguely ranty (3) 

(Referring to this part of Midori specifically: joeduffyblog.com/2015/11/03/bl)

software security, vaguely ranty (3) 

@joepie91 but don't you love how a decade after Midori some of its lowest hanging fruit have made it into Windows / C# in the most watered down form palatable?
