Hacker News new | ask | show | jobs
by spankalee 1837 days ago
Those types of driver vulnerabilities are exactly why Fuchsia's sandboxed driver model is needed.
1 comments
kelnos 1837 days ago
I see that as a sort of capitulation. What is actually needed is manufacturers who remain responsible and responsive when it comes to the quality of their drivers. They need to support them much longer than they currently do, and they need to release security fixes promptly.

I think having a sandboxed driver model is a great idea in general, but this will only encourage hardware manufacturers to care even less about supporting their drivers beyond the initial more-or-less-working release.

link
zepto 1837 days ago
> What is actually needed is manufacturers who remain responsible and responsive when it comes to the quality of their drivers. They need to support them much longer than they currently do, and they need to release security fixes promptly.

That requires a level of investment in engineering competence that they aren’t doing because there is little incentive.

How would you suggest changing that?

link
fsflover 1837 days ago
When the support ends, drivers must be open-sourced.
link
zepto 1837 days ago
That’s just a wish.

How do you create the incentive for it?

link
fsflover 1837 days ago
I think that just must be a law. I see no other possibility.
link
zepto 1836 days ago
How would the law define ‘support ends’?

Also seizing source code at gunpoint seems antithetical to the notion of free software.

link