I agree, but I still believe that one issue here is the lack of understanding of what the process around software development should be. We would get rid of some issues if we used a safer language, but the real issue is…
I have to say that I feel as if the problem here isn't competent programmers though. It's competent testing that is lacking. Sure, it's possible to make a lot of stupid mistakes in C, but most of these mistakes should…
I've worked in "IT security" as a C programmer for about 10 years. I both agree and disagree with this article. A competent C/C++ programmer will have a lot less of problems like buffer overflows and crap like that, I…
That's the thing though, can you prove that you haven't been exploited several times that you didn't notice and grsec which grsec didn't mitigate?
And you give up your anonymity as soon as you do.
Personally I feel as if underengineering is less of a problem than overengineering. I've seen both in real life scenarios and usually you just throw the underegineered code away and start over with knowledge gained from…
Just as far as everybody knows, that doesn't mean that it's necessarily true. There can be a distinct difference between what is believed to be true and what's actually true. There might very well be entities that has…
I work in the field and anybody that says that a piece of software is secure before it has even had a security evaluation by a third party does not know what they are talking about. I think what you have seen is…
PIA might actually log everything and send to the FBI as a regular part of their operation, hell, they might even be funded by the FBI and you would never know. You should not trust what people tell you over the…
I think you misunderstand the reason for using a VPN. Privacy is not the same as anonymity. Let me try to explain. You use a VPN to protect your connection from MiM attacks, for example if you connect to a public…
The security of Wireguard is completely unknown. Sure, it might be more secure after a formal release and a security evaluation. They even state themselves that they should not be used if security is required.
One still stay away from stuff that is patented in the US as a European company though, most European companies want to go to market in the US sooner or later.
I agree, but I still believe that one issue here is the lack of understanding of what the process around software development should be. We would get rid of some issues if we used a safer language, but the real issue is…
I have to say that I feel as if the problem here isn't competent programmers though. It's competent testing that is lacking. Sure, it's possible to make a lot of stupid mistakes in C, but most of these mistakes should…
I've worked in "IT security" as a C programmer for about 10 years. I both agree and disagree with this article. A competent C/C++ programmer will have a lot less of problems like buffer overflows and crap like that, I…
That's the thing though, can you prove that you haven't been exploited several times that you didn't notice and grsec which grsec didn't mitigate?
And you give up your anonymity as soon as you do.
Personally I feel as if underengineering is less of a problem than overengineering. I've seen both in real life scenarios and usually you just throw the underegineered code away and start over with knowledge gained from…
Just as far as everybody knows, that doesn't mean that it's necessarily true. There can be a distinct difference between what is believed to be true and what's actually true. There might very well be entities that has…
I work in the field and anybody that says that a piece of software is secure before it has even had a security evaluation by a third party does not know what they are talking about. I think what you have seen is…
PIA might actually log everything and send to the FBI as a regular part of their operation, hell, they might even be funded by the FBI and you would never know. You should not trust what people tell you over the…
I think you misunderstand the reason for using a VPN. Privacy is not the same as anonymity. Let me try to explain. You use a VPN to protect your connection from MiM attacks, for example if you connect to a public…
The security of Wireguard is completely unknown. Sure, it might be more secure after a formal release and a security evaluation. They even state themselves that they should not be used if security is required.
One still stay away from stuff that is patented in the US as a European company though, most European companies want to go to market in the US sooner or later.